Lucene search
+L

557 matches found

Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.10 views

PT-2025-46853

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description A flaw exists in the REST API of Cisco Catalyst Center that could allow a remote attacker with valid credentials at least Observer role to execute arbitrary commands within a...

6.3CVSS7AI score0.00354EPSS
Exploits0References4
CNVD
CNVD
added 2025/11/12 12:0 a.m.4 views

Responsive Hotel Site roomdel.php File SQL Injection Vulnerability

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that stems from the /admin/roomdel.php file mishandling the ID parameter and failing to properly validate and filter user input. An attacker can exploit this vulnerability to obta...

9.8CVSS7.8AI score0.00373EPSS
Exploits1References1
OSV
OSV
added 2025/11/11 1:15 p.m.3 views

CVE-2025-41104

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'customfield1' in '/estimaterequests/saveestimaterequest'...

5.4CVSS5.8AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 12:30 p.m.7 views

EUVD-2025-84357

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'...

5.1CVSS6.8AI score0.0016EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 11:50 a.m.4 views

CVE-2025-41101 Multiple vulnerabilities in Fairsketch's RISE CRM Framework

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'...

5.1CVSS6.9AI score0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46299

Name of the Vulnerable Software and Affected Versions Make Email Customizer for WooCommerce WordPress plugin versions through 1.0.6 Description The software does not properly verify user permissions or validate input data in its AJAX operations. This allows any authenticated user, even those with...

5.3CVSS6.4AI score0.0028EPSS
Exploits0References7
CNVD
CNVD
added 2025/10/31 12:0 a.m.4 views

Tenda CH22 fromP2pListFilter function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromP2pListFilter in the file /goform/P2pListFilter fails to correctly validate the length of the input data, and can...

9CVSS9.2AI score0.00646EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.13 views

PT-2025-43460

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description There is a potential bypass of user profile boundaries through improperly validated forwarded intents. This could allow for local privilege escalation without requiring additional execution privileges or user...

7.8CVSS6.4AI score0.00094EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2025/10/15 5:12 p.m.10 views

Netty has SMTP Command Injection Vulnerability that Allows Email Forgery

Summary An SMTP Command Injection CRLF Injection vulnerability in Netty's SMTP codec allows a remote attacker who can control SMTP command parameters e.g., an email recipient to forge arbitrary emails from the trusted server. This bypasses standard email authentication and can be used to...

6.9CVSS7.7AI score0.01594EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.4 views

Tenda AC7 安全漏洞

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter enable in the file /goform/saveAutoQos that fails to correctly validate the length of the input data, and can be exploited by ...

9CVSS8.2AI score0.00736EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7091

Malware in sbrugna...

7.8CVSS7.5AI score0.0035EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3851

Malware in sbrugna...

7.8CVSS7.7AI score0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-27524

Malware in sbrugna...

7.8CVSS5.2AI score0.01243EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-5943

Malware in sbrugna...

10CVSS6.2AI score0.02637EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.16 views

EUVD-2020-8182

Malware in sbrugna...

6.5CVSS6.5AI score0.00704EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-20607

Malware in sbrugna...

7.8CVSS7.7AI score0.00413EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-2112

Malware in sbrugna...

6CVSS5.9AI score0.01316EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27506

Malware in sbrugna...

4.3CVSS4.8AI score0.01623EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-16871

Malware in sbrugna...

7.8CVSS7.7AI score0.00399EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-5948

Malware in sbrugna...

5.5CVSS5.4AI score0.01172EPSS
Exploits1References3
Rows per page
Query Builder