Lucene search
+L

320 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/06 7:7 p.m.7 views

CVE-2026-25751

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...

9.1CVSS5.6AI score0.00269EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/06 7:7 p.m.26 views

CVE-2026-25751

CVE-2026-25751 affects FUXA up to version 1.2.9 and is a information-disclosure flaw that exposes sensitive administrative credentials for InfluxDB, enabling an attacker to obtain the full system configuration and potentially authenticate to the database to read/modify/delete data or cause DoS. T...

9.1CVSS5.5AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/06 7:7 p.m.38 views

CVE-2026-25751 FUXA Unauthenticated Exposure of Plaintext Database Credentials

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...

9.1CVSS0.00269EPSS
Exploits0References2
OSV
OSV
added 2026/02/06 7:7 p.m.8 views

CVE-2026-25751 FUXA Unauthenticated Exposure of Plaintext Database Credentials

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...

9.1CVSS5.6AI score0.00269EPSS
Exploits0References4
OSV
OSV
added 2026/02/05 6:16 p.m.6 views

AZL-76988 CVE-2025-58190 affecting package influxdb 2.7.5-10

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

5.3CVSS6.7AI score0.00482EPSS
Exploits1References1
OSV
OSV
added 2026/02/05 6:16 p.m.7 views

AZL-76992 CVE-2025-47911 affecting package influxdb 2.7.5-10

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

5.3CVSS7.3AI score0.00502EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 6:16 p.m.9 views

AZL-76893 CVE-2025-47911 affecting package influxdb for versions less than 2.6.1-30

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

5.3CVSS5.7AI score0.00502EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/05 12:33 a.m.14 views

FUXA Unauthenticated Exposure of Plaintext Database Credentials

Description An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10. Impact This affects all deployments,...

9.1CVSS5.5AI score0.00269EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.9 views

PT-2026-6661

Name of the Vulnerable Software and Affected Versions FUXA versions through 1.2.9 Description An information disclosure issue in FUXA allows a remote, unauthenticated attacker to obtain sensitive administrative database credentials. Exploitation allows an attacker to access the full system...

9.1CVSS5.5AI score0.00269EPSS
Exploits0References10
OSV
OSV
added 2026/01/26 8:16 p.m.9 views

AZL-75428 CVE-2025-11065 affecting package influxdb 2.7.5-10

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.9 views

AZL-75479 CVE-2025-11065 affecting package influxdb for versions less than 2.6.1-30

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: influxdb (CVE-2019-0205)

The version of influxdb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-0205 advisory. - In Apache Thrift all versions up to and including 0.12.0, a server or client May run into an endless loop...

7.8CVSS5.6AI score0.09156EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2026/01/12 9:27 p.m.6 views

CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10

CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10. A patched version of the package is available...

6.3CVSS6.9AI score0.00197EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/01/07 7:9 p.m.4 views

CVE-2025-65637 affecting package influxdb for versions less than 2.6.1-25

CVE-2025-65637 affecting package influxdb for versions less than 2.6.1-25. A patched version of the package is available...

7.5CVSS6.9AI score0.00585EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/01/07 7:9 p.m.8 views

CVE-2025-10543 affecting package influxdb for versions less than 2.6.1-27

CVE-2025-10543 affecting package influxdb for versions less than 2.6.1-27. A patched version of the package is available...

6.3CVSS6.9AI score0.00197EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/12/18 11:40 p.m.6 views

CVE-2025-65637 affecting package influxdb for versions less than 2.7.5-9

CVE-2025-65637 affecting package influxdb for versions less than 2.7.5-9. A patched version of the package is available...

7.5CVSS6.9AI score0.00585EPSS
Exploits1
OSV
OSV
added 2025/12/04 7:16 p.m.6 views

AZL-71602 CVE-2025-65637 affecting package influxdb for versions less than 2.6.1-28

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

7.5CVSS7.2AI score0.00585EPSS
Exploits1References1
OSV
OSV
added 2025/12/02 9:15 a.m.5 views

AZL-71299 CVE-2025-10543 affecting package influxdb for versions less than 2.6.1-27

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

6.3CVSS7.2AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 9:15 a.m.6 views

AZL-71311 CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

6.3CVSS7.2AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-5501

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00727EPSS
Exploits1References5
Rows per page
Query Builder