
20 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-13269

Malicious code in bioql PyPI...

9.8 CVSS · 8.9 AI score · 0.22202 EPSS
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-13267

Malicious code in bioql PyPI...

6.1 CVSS · 8.9 AI score · 0.14477 EPSS
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-13257

Malicious code in bioql PyPI...

9 CVSS · 8.9 AI score · 0.12107 EPSS
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/03 7:15 p.m. · 17 views

CVE-2025-36558

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripting attack via the ssotoken used for authentication. If an attacker provides the user with a PiCtory URL containing an HTML script as an ssotoken, that script will reply to the user and be executed...

6.1 CVSS · 7 AI score · 0.14477 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/03 7:12 p.m. · 16 views

CVE-2025-32011

KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal...

9.8 CVSS · 7.6 AI score · 0.22202 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/03 7:11 p.m. · 23 views

CVE-2025-35996

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, t...

9 CVSS · 6.7 AI score · 0.12107 EPSS
Exploits: 0 · References: 1

NVD
added 2025/05/01 7:15 p.m. · 21 views

CVE-2025-35996

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, t...

9 CVSS · 0.12107 EPSS
Exploits: 0 · References: 2

NVD
added 2025/05/01 7:15 p.m. · 13 views

CVE-2025-36558

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripting attack via the ssotoken used for authentication. If an attacker provides the user with a PiCtory URL containing an HTML script as an ssotoken, that script will reply to the user and be executed...

6.1 CVSS · 0.14477 EPSS
Exploits: 0 · References: 2

NVD
added 2025/05/01 7:15 p.m. · 17 views

CVE-2025-32011

KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal...

9.8 CVSS · 0.22202 EPSS
Exploits: 0 · References: 2

CVE
added 2025/05/01 6:44 p.m. · 56 views

CVE-2025-36558

KUNBUS Revolution Pi PiCtory (versions 2.11.1 and earlier) is affected by multiple XSS and auth-related CVEs. The core issue is insufficient input sanitization of the sso_token in PiCtory, enabling reflected XSS via the token and stored XSS via crafted filenames; separate authentication bypass vi...

6.1 CVSS · 6.2 AI score · 0.14477 EPSS
Exploits: 0 · References: 2

CVE
added 2025/05/01 6:42 p.m. · 63 views

CVE-2025-35996

CVE-2025-35996 concerns KUNBUS Revolution Pi PiCtory: versions 2.11.1 and earlier are vulnerable to a cross-site scripting (XSS) flaw caused by unescaped filenames stored by API endpoints. An authenticated remote attacker can craft a filename that is later rendered in the client’s HTML (via expor...

9 CVSS · 8.9 AI score · 0.12107 EPSS
Exploits: 0 · References: 2

Cvelist
added 2025/05/01 6:40 p.m. · 68 views

CVE-2025-32011 KUNBUS Revolution Pi Authentication Bypass by Primary Weakness

KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal...

9.8 CVSS · 0.22202 EPSS
Exploits: 0 · References: 2

CVE
added 2025/05/01 6:40 p.m. · 53 views

CVE-2025-32011

CVE-2025-32011 involves KUNBUS Revolution Pi PiCtory (versions 2.5.0–2.11.1). A path-traversal weakness in the PiCtory login flow can be exploited by a remote attacker to bypass authentication and gain access to the I/O configuration surface and expansion modules. The Linked Pentest Partners writ...

9.8 CVSS · 9.6 AI score · 0.22202 EPSS
Exploits: 0 · References: 2

Vulnrichment
added 2025/05/01 6:40 p.m. · 7 views

CVE-2025-32011 KUNBUS Revolution Pi Authentication Bypass by Primary Weakness

KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal...

9.8 CVSS · 7.2 AI score · 0.22202 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/05/01 12:0 a.m. · 3 views

KUNBUS PiCtory security vulnerability

KUNBUS PiCtory is a graphical software tool from KUNBUS Corporation for configuring and managing the KUNBUS Revolution Pi industrial computer. A security vulnerability exists in KUNBUS PiCtory versions 2.5.0 through 2.11.1, which stems from a path traversal that could lead to authentication bypas...

9.8 CVSS · 9 AI score · 0.22202 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2025/05/01 12:0 a.m. · 3 views

PT-2025-18692 · Kunbus · Kunbus Pictory

Name of the Vulnerable Software and Affected Versions: KUNBUS PiCtory versions 2.5.0 through 2.11.1 Description: The issue allows a remote attacker to bypass authentication and gain access due to a path traversal vulnerability. This enables unauthorized access, potentially leading to further...

9.8 CVSS · 9.7 AI score · 0.22202 EPSS
Exploits: 0 · References: 9

Positive Technologies
added 2025/05/01 12:0 a.m. · 5 views

PT-2025-18697 · Kunbus · Kunbus Pictory

Name of the Vulnerable Software and Affected Versions: KUNBUS PiCtory versions 2.11.1 and earlier Description: The issue allows for cross-site scripting attacks via the sso token used for authentication. If an attacker provides a user with a KUNBUS PiCtory URL containing an HTML script as an sso...

6.1 CVSS · 9 AI score · 0.14477 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/05/01 12:0 a.m. · 2 views

KUNBUS PiCtory security vulnerability

KUNBUS PiCtory is a graphical software tool from KUNBUS Corporation for configuring and managing KUNBUS Revolution Pi industrial computers. A security vulnerability exists in KUNBUS PiCtory version 2.11.1 and earlier, which stems from unescaped filenames and could lead to a cross-site scripting...

9 CVSS · 8.3 AI score · 0.12107 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2025/05/01 12:0 a.m. · 4 views

PT-2025-18695 · Kunbus · Kunbus Pictory

Name of the Vulnerable Software and Affected Versions: KUNBUS PiCtory versions 2.11.1 and earlier Description: The issue arises when an authenticated remote attacker crafts a special filename that can be stored by API endpoints, which is later transmitted to the client to show a list of...

9 CVSS · 9.1 AI score · 0.12107 EPSS
Exploits: 0 · References: 7

CNNVD
added 2025/05/01 12:0 a.m. · 4 views

KUNBUS PiCtory security vulnerability

KUNBUS PiCtory is a graphical software tool from KUNBUS Corporation for configuring and managing the KUNBUS Revolution Pi industrial computer. A security vulnerability exists in KUNBUS PiCtory version 2.11.1 and earlier, which stems from an unescaped ssotoken and could lead to a cross-site...

6.1 CVSS · 8.3 AI score · 0.14477 EPSS
Exploits: 0 · References: 2