
209 matches found

CVE
added 2025/09/18 12:0 a.m. · 25 views

CVE-2025-59691

CVE-2025-59691 affects PureVPN Linux clients (CLI 2.0.1 and GUI 2.10.0). The vulnerability allows IPv6 traffic to leak outside the VPN tunnel during events like Wi‑Fi reconnects or system resume, with the CLI auto-reconnect showing as connected while IPv6 isn’t routed or blocked, and the GUI leav...

CVSS 3.7 · AI score 6.4 · EPSS 0.00203
Exploits: 0 · References: 1
Positive Technologies
added 2025/09/18 12:0 a.m. · 4 views

PT-2025-38497

Name of the Vulnerable Software and Affected Versions: PureVPN versions 2.0.1 and 2.10.0 Description: PureVPN client applications on Linux mishandle firewalling. The applications flush existing iptables rules and apply default ACCEPT policies when connecting to a VPN server, removing previously...

CVSS 3.7 · AI score 6.6 · EPSS 0.00193
Exploits: 0 · References: 9
CNNVD
added 2025/09/18 12:0 a.m. · 3 views

PureVPN Security Vulnerability

PureVPN is a VPN software from PureVPN Inc. A security vulnerability exists in the PureVPN CLI version 2.0.1 and GUI version 2.10.0, which stems from IPv6 traffic being leaked after a cyber event, potentially leading to a user privacy breach...

CVSS 3.7 · AI score 6.5 · EPSS 0.00203
Exploits: 0 · References: 1
Microsoft CVE
added 2025/09/09 7:0 a.m. · 5 views

Windows UI XAML Maps MapControlSettings Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally...

CVSS 7.8 · AI score 7.1 · EPSS 0.00272
Exploits: 0
Positive Technologies
added 2025/08/26 12:0 a.m. · 5 views

PT-2025-34808 · Ipfire · Ipfire

Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The web-based firewall interface firewall.cgi fails to sanitize several rule parameters, including PROT, SRC PORT, TGT PORT, dnatport, key, ruleremark, src addr, std net tgt, and tgt addr. This allows an...

CVSS 5.4 · AI score 5.6 · EPSS 0.00283
Exploits: 1 · References: 5
RedhatCVE
added 2025/08/22 4:35 p.m. · 6 views

CVE-2025-20131

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...

CVSS 4.9 · AI score 7.3 · EPSS 0.0028
Exploits: 0 · References: 1
Cvelist
added 2025/08/20 4:26 p.m. · 7 views

CVE-2025-20131 Cisco Identity Services Engine Arbitrary File Upload Vulnerability

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...

CVSS 4.9 · EPSS 0.0028
Exploits: 0 · References: 1
CVE
added 2025/08/20 4:26 p.m. · 25 views

CVE-2025-20131

CVE-2025-20131 affects Cisco Identity Services Engine (ISE) GUI. Root cause: improper validation of the file copy function, enabling an authenticated, remote attacker with administrative privileges to upload arbitrary files to an affected device via a crafted file upload in the ISE GUI. CVSS v3.1...

CVSS 4.9 · AI score 6.6 · EPSS 0.0028
Exploits: 0 · References: 1
Cisco
added 2025/08/20 4:0 p.m. · 6 views

Cisco Identity Services Engine Arbitrary File Upload Vulnerability

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...

CVSS 4.9 · AI score 7.2 · EPSS 0.0028
Exploits: 0 · References: 1
GithubExploit
added 2025/08/14 12:36 a.m. · 262 views

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 WinRAR Exploit Advanced WinRAR Path Traver...

CVSS 8.8 · AI score 7.7 · EPSS 0.85778
Exploits: 35
CVE
added 2025/08/13 12:0 a.m. · 24 views

CVE-2025-43982

CVE-2025-43982 affects Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC devices (v3.4.2731.16.43). The underlying issue: SSH service is enabled by default and a hard-coded root account cannot be disabled via the GUI. Impact is described as high for confidentiality, integrity, and availability with net...

CVSS 9.8 · AI score 7.2 · EPSS 0.00338
Exploits: 0 · References: 2
Fedora
added 2025/06/11 2:46 a.m. · 8 views

[SECURITY] Fedora 42 Update: dtk6gui-6.0.27-6.fc42

Deepin Tool Kit DtkGui is the development graphical user interface of all C++/Qt Developer work on Deepin...

CVSS 8.4 · AI score 7.3 · EPSS 0.00309
Exploits: 0
Packet Storm News
added 2025/06/05 12:0 a.m. · 5 views

Toward a Human-Centered Evaluation Framework for Trustworthy LLM-Powered GUI Agents

The rise of Large Language Models (LLMs) has revolutionized Graphical User Interface (GUI) automation through LLM-powered GUI agents, yet their ability to process sensitive data with limited human oversight raises significant privacy and security risks. This position paper identifies three key risks ...

AI score 6.8
Exploits: 0
RedhatCVE
added 2025/05/22 1:19 p.m. · 7 views

CVE-2018-14996

The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod (versionCode=1, versionName=1.0) that contains an exported service named...

CVSS 7.8 · AI score 7.2 · EPSS 0.00518
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 10:21 a.m. · 12 views

CVE-2019-15344

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an exported service named...

CVSS 9.3 · AI score 7 · EPSS 0.01066
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 10:20 a.m. · 8 views

CVE-2019-15388

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service name...

CVSS 9.3 · AI score 7 · EPSS 0.01066
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 10:20 a.m. · 12 views

CVE-2019-15389

The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service named...

CVSS 9.3 · AI score 7 · EPSS 0.01066
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 10:19 a.m. · 7 views

CVE-2019-15347

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service...

CVSS 7.8 · AI score 7.1 · EPSS 0.00387
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 9:24 a.m. · 7 views

CVE-2015-8037

Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager before 5.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SOMVpnSSLPortalDialog or (2) FGDMngUpdHistory...

CVSS 4.3 · AI score 5.9 · EPSS 0.02775
Exploits: 1 · References: 1
OSV
added 2025/04/21 6:15 p.m. · 2 views

CVE-2025-27086

A vulnerability in the HPE Performance Cluster Manager (HPCM) GUI could allow an attacker to bypass authentication...

CVSS 8.1 · AI score 5.8 · EPSS 0.00341
Exploits: 0 · References: 1