Lucene search
K

185 matches found

CNNVD
CNNVD
added 2025/03/16 12:0 a.m.5 views

IROAD FX2 安全漏洞

IROAD FX2 is a car recorder from IROAD. A security vulnerability exists in IROAD FX2 20250308 and prior versions that stems from the use of a default password that requires an attack to be initiated on the local network...

7.8CVSS6.4AI score0.00219EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/16 12:0 a.m.6 views

IROAD X5 安全漏洞

IROAD X5 is a car recorder from IROAD. A security vulnerability exists in IROAD X5 that stems from hard-coded credentials that require an attack to be launched on the local network...

7.7CVSS7.4AI score0.00338EPSS
Exploits0References6
CVE
CVE
added 2025/03/09 1:31 p.m.67 views

CVE-2025-2122

The CVE-2025-2122 entry concerns Thinkware Car Dashcam F800 Pro (up to 20250226). Affected component: Connection Handler. Vulnerability type: denial of service caused by manipulation of the Connection Handler, with attack possible only on the local network. Exploitation is described as high compl...

5.3CVSS3.8AI score0.00715EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/03/09 11:0 a.m.61 views

CVE-2025-2121

CVE-2025-2121 affects Thinkware Car Dashcam F800 Pro up to 20250226. The vulnerability resides in the File Storage component, with an unknown function enabling improper access controls exploitable from the local network. The exploit has been publicly disclosed and the vendor has not responded. A ...

8.8CVSS6.9AI score0.0086EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/08 12:0 a.m.9 views

PT-2025-10450 · Thinkware · Thinkware Car Dashcam F800 Pro

Name of the Vulnerable Software and Affected Versions: Thinkware Car Dashcam F800 Pro up to 20250226 Description: A vulnerability was found in the Connection Handler component of the Thinkware Car Dashcam F800 Pro, which can be exploited to cause a denial of service. The attack can only be...

5.3CVSS3.7AI score0.00715EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2024-3661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DHCP can add routes to a client's routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic...

7.6CVSS7.3AI score0.04063EPSS
Exploits1References3
OSV
OSV
added 2025/03/03 9:15 p.m.5 views

CVE-2025-1882

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

7CVSS5AI score0.00196EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/03 9:0 p.m.10 views

CVE-2025-1882 i-Drive i11/i12 Device Setting improper access control for register interface

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

5CVSS5AI score0.00196EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/03 9:0 p.m.23 views

CVE-2025-1882 i-Drive i11/i12 Device Setting improper access control for register interface

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

5CVSS0.00196EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

i-Drive i11和i-Drive i12 安全漏洞

The i-Drive i11 and i-Drive i12 are both a car recorder from i-Drive, Inc. A security vulnerability exists in i-Drive i11 and i-Drive i12 20250227 and prior versions, which stems from the use of a default password and could lead to a local network attack...

3.1CVSS4.2AI score0.00271EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

i-Drive i11和i-Drive i12 安全漏洞

The i-Drive i11 and i-Drive i12 are both a car recorder from i-Drive, Inc. A security vulnerability exists in i-Drive i11 and i-Drive i12 20250227 and prior versions, which stems from improper access control of the registration interface and could lead to a local network attack...

7CVSS5.1AI score0.00196EPSS
Exploits0References5
NVD
NVD
added 2025/02/12 4:15 p.m.21 views

CVE-2025-1207

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather...

3.1CVSS0.00304EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/02/12 3:31 p.m.11 views

CVE-2025-1207 phjounin TFTPD64 DNS denial of service

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather...

3.1CVSS4AI score0.00304EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.5 views

Airtel Xstream 安全漏洞

Airtel Xstream is a streaming controller from Airtel India. A security vulnerability exists in Airtel Xstream 20250123 and earlier versions, which stems from the use of weak credentials by the WiFi Password Handler component, resulting in an attack that can be carried out on the local network...

3.1CVSS4AI score0.00288EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 5:12 a.m.8 views

CVE-2024-10194

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...

8.8CVSS6.9AI score0.01124EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:22 a.m.11 views

CVE-2024-31903

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data...

8.8CVSS7.6AI score0.00968EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/27 9:46 p.m.9 views

CVE-2025-24126

An input validation issue was addressed. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to corrupt process memory...

7.3AI score0.0133EPSS
Exploits0References6
Veracode
Veracode
added 2024/12/09 9:59 a.m.10 views

Improper Certificate Validation

Keycloak is vulnerable to Improper Certificate Validation. The vulnerability is due to improper handling of reverse proxy configurations with mTLS enabled, allowing an attacker on the local network to impersonate any user or client using mTLS for authentication...

6.5AI score0.00101EPSS
Exploits0
CVE
CVE
added 2024/12/08 9:31 a.m.868 views

CVE-2024-12343

TP-Link VN020 F3v(T) TT_V6.2.1021 is affected, specifically the SOAP Request Handler’s /control/WANIPConnection component where manipulating the NewConnectionType argument triggers a buffer overflow. This vulnerability requires local-network access and has public exploitation information, with po...

8.8CVSS6.7AI score0.04719EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/07/19 2:47 p.m.22 views

CVE-2024-6895 Insecure Account Profile Management

Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...

6.1CVSS0.0024EPSS
Exploits0References1
Rows per page
Query Builder