Lucene search
K

150 matches found

Vulnrichment
Vulnrichment
added 2025/11/11 4:49 p.m.2 views

CVE-2025-24847

Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

5.7CVSS5.8AI score0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 4:49 p.m.6 views

CVE-2025-24834

Protection mechanism failure for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable data exposure. This result...

6.5CVSS0.00184EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 4:49 p.m.8 views

CVE-2025-24834

Intel CIP software prior to WIN_DCA_2.4.0.11001 contains a protection mechanism failure in Ring 3: User Applications, which may allow information disclosure. An unprivileged, unauthenticated user with low-complexity attack could exposure data via adjacent access. Affected products: Intel CIP soft...

6.5CVSS6AI score0.00184EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/11 4:49 p.m.6 views

CVE-2025-24516

Improper access control for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

6.8CVSS0.0016EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/11 4:49 p.m.3 views

CVE-2025-20614

External control of file name or path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privileg...

6.7CVSS6.1AI score0.00126EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46436

Name of the Vulnerable Software and Affected Versions IntelR PROSet/Wireless WiFi Software for Windows versions prior to 23.160 Description An out-of-bounds read issue exists in some IntelR PROSet/Wireless WiFi Software for Windows. This flaw, located within Ring 2: Device Drivers, could allow fo...

7.4CVSS6.1AI score0.00162EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/06 1:8 p.m.9 views

CVE-2025-54088

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the console can redirect victims to an arbitrary URL. The attack complexity is low, attack requirements are present, no privileges are required, and users must actively participate i...

5.5CVSS6.6AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/03 8:57 p.m.8 views

CVE-2025-54086

CVE-2025-54086 is an excess permissions vulnerability in the Warehouse component of Absolute Secure Access prior to version 14.10. Attackers with access to the local file system can read the Java keystore file. The attack complexity is low, there are no attack requirements, the privileges require...

5.3CVSS6.3AI score0.00164EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-32210

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-23215

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-23218

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00369EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25817

Malicious code in bioql PyPI...

5.4CVSS6.8AI score0.00283EPSS
Exploits1References1
OSV
OSV
added 2025/10/02 9:16 p.m.3 views

CVE-2025-54088

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the console can redirect victims to an arbitrary URL. The attack complexity is low, attack requirements are present, no privileges are required, and users must actively participate i...

6.1CVSS5.8AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/10/02 8:15 p.m.11 views

CVE-2025-54089

CVE-2025-54089 affects Ivanti Secure Access Client prior to version 14.10. The issue is described as a cross-site scripting vulnerability that allows attackers with console administrative access to interfere with another administrator’s access. The attack has low complexity, requires high privile...

4.6CVSS5.6AI score0.00192EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/02 8:10 p.m.3 views

CVE-2025-54088 Open Redirect in Secure Access prior to 14.10

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the console can redirect victims to an arbitrary URL. The attack complexity is low, attack requirements are present, no privileges are required, and users must actively participate i...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/02 8:10 p.m.6 views

CVE-2025-54088 Open Redirect in Secure Access prior to 14.10

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the console can redirect victims to an arbitrary URL. The attack complexity is low, attack requirements are present, no privileges are required, and users must actively participate i...

5.5CVSS0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/10/02 7:56 p.m.14 views

CVE-2025-54086

CVE-2025-54086 affects Absolute Secure Access, Warehouse component, prior to version 14.10. The vulnerability is an excess-permissions issue enabling attackers with local file-system access to read the Java keystore file. Severity: CVSS 3.1 Base 3.3 (LOW) to CVSS 4.0 Base 5.3 (MEDIUM) depending o...

5.3CVSS5.9AI score0.00164EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.6 views

PT-2025-40423

Name of the Vulnerable Software and Affected Versions secure access versions prior to 14.10 Description This issue is a cross-site scripting condition. An attacker with administrative access to the console can disrupt another administrator's access. The attack complexity is low, and no specific...

4.6CVSS5.6AI score0.00192EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.8 views

PT-2025-40420

Name of the Vulnerable Software and Affected Versions Absolute Secure Access versions prior to 14.10 Description An excess permissions issue exists within the Warehouse component. An attacker who has access to the local file system can read the Java keystore file. The attack complexity is low, an...

5.3CVSS6.1AI score0.00164EPSS
Exploits0References4
NVD
NVD
added 2025/08/26 7:15 p.m.4 views

CVE-2025-50975

IPFire 2.29 web-based firewall interface firewall.cgi fails to sanitize several rule parameters such as PROT, SRCPORT, TGTPORT, dnatport, key, ruleremark, srcaddr, stdnettgt, and tgtaddr, allowing an authenticated administrator to inject persistent JavaScript. This stored XSS payload is executed...

5.4CVSS0.00283EPSS
Exploits1References1
Rows per page
Query Builder