Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/06/27 5:20 p.m.6 views

CVE-2025-49153

The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code...

9.3CVSS9.6AI score0.00662EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/27 5:20 p.m.5 views

CVE-2025-49151

The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...

9.3CVSS9.4AI score0.00536EPSS
Exploits0References1
NVD
NVD
added 2025/06/25 5:15 p.m.9 views

CVE-2025-49151

The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...

9.3CVSS0.00536EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/25 4:36 p.m.8 views

CVE-2025-49153 Path Traversal in MICROSENS NMP Web+

The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code...

9.3CVSS0.00662EPSS
Exploits0References1
CVE
CVE
added 2025/06/25 4:36 p.m.30 views

CVE-2025-49153

CVE-2025-49153 is a path-traversal flaw in MICROSENS NMP Web+ that allows an unauthenticated attacker to overwrite files and execute arbitrary code. Several sources (NVD/NVD-like, CVE lists, and CISA ICS advisory ICSA-25-175-07) describe the issue as unauthenticated and capable of arbitrary code ...

9.3CVSS9.7AI score0.00662EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/25 4:36 p.m.4 views

CVE-2025-49153 Path Traversal in MICROSENS NMP Web+

The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code...

9.3CVSS9.7AI score0.00662EPSS
Exploits0References1
CVE
CVE
added 2025/06/25 4:34 p.m.18 views

CVE-2025-49152

CVE-2025-49152 affects MICROSENS NMP Web+ where issued JWTs do not expire, enabling potential unauthenticated access. Connected documents confirm that tokens can be forged or used to bypass authentication, potentially allowing file overwrites or arbitrary code execution in affected products. Affe...

8.7CVSS9.5AI score0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/25 4:34 p.m.21 views

CVE-2025-49152 Insufficient Session Expiration in MICROSENS NMP Web+

The affected products contain JSON Web Tokens JWT that do not expire, which could allow an attacker to gain access to the system...

8.7CVSS0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/25 4:34 p.m.4 views

CVE-2025-49152 Insufficient Session Expiration in MICROSENS NMP Web+

The affected products contain JSON Web Tokens JWT that do not expire, which could allow an attacker to gain access to the system...

8.7CVSS9.5AI score0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/25 4:32 p.m.15 views

CVE-2025-49151 Use of Hard-coded, Security-relevant Constants in MICROSENS NMP Web+

The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...

9.3CVSS0.00536EPSS
Exploits0References1
CVE
CVE
added 2025/06/25 4:32 p.m.23 views

CVE-2025-49151

CVE-2025-49151 affects MICROSENS NMP Web+; an unauthenticated attacker could forge JSON Web Tokens (JWT) to bypass authentication. PT-2025-26855 specifies affected versions: MICROSENS NMP Web+ prior to 3.3.0, with a fix in 3.3.0. The risk is described as enabling unauthorized access and potential...

9.3CVSS9.5AI score0.00536EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/25 4:32 p.m.6 views

CVE-2025-49151 Use of Hard-coded, Security-relevant Constants in MICROSENS NMP Web+

The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...

9.3CVSS9.5AI score0.00536EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/25 12:0 a.m.4 views

PT-2025-26856 · Microsens · Microsens Nmp Web+

Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ affected versions not specified Description: The issue concerns JSON Web Tokens JWT that do not expire in MICROSENS NMP Web+, potentially allowing an attacker to gain access to the system. Recommendations: At the moment,...

8.7CVSS9.4AI score0.00448EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/06/25 12:0 a.m.4 views

PT-2025-26857 · Microsens · Microsens Nmp Web+

Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ affected versions not specified Description: The issue could allow an unauthenticated attacker to overwrite files and execute arbitrary code. Recommendations: At the moment, there is no information about a newer version tha...

9.8CVSS9.6AI score0.00662EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/06/25 12:0 a.m.4 views

PT-2025-26855 · Microsens · Microsens Nmp Web+

Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ versions prior to 3.3.0 Description: The issue allows an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication. This could potentially lead to full system control. Organizations worldwide...

9.3CVSS9.4AI score0.00536EPSS
Exploits0References9
CISA
CISA
added 2025/06/24 12:0 p.m.7 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on June 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-175-01 Kaleris Navis N4 Terminal Operating System ICSA-25-175-02 Delta Electronics...

7AI score
Exploits0References8
Rows per page
Query Builder