Lucene search
+L

148 matches found

githubexploit
githubexploit
added 2025/06/07 11:22 p.m.548 views

Exploit for CVE-2024-51482

CVE-2024-51482 ZoneMinder v1.37. = 1.37.64 CVE-2024-51482 po...

9.9CVSS7.1AI score0.36899EPSS
Exploits8
wordfence
wordfence
added 2025/06/02 4:20 p.m.15 views

Malware Masquerades as Legitimate, Hidden WordPress Plugin with Remote Code Execution Capabilities

📢In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. The Wordfence Threat Intelligence team recently discovered an interestin...

8.3AI score
Exploits0
redhatcve
redhatcve
added 2025/05/23 9:45 a.m.10 views

CVE-2024-25830

F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains the path of the configuration file. A successful exploit could allow the attacker to extract the...

9.8CVSS6.9AI score0.2403EPSS
Exploits5References1
redhatcve
redhatcve
added 2025/05/23 1:56 a.m.9 views

CVE-2023-24055

KeePass through 2.53 in a default installation allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has...

5.5CVSS6.8AI score0.03691EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 4:36 p.m.8 views

CVE-2020-28911

Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the testserver command in ajaxhelper.php...

6.5CVSS6.9AI score0.02724EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 7:29 a.m.6 views

CVE-2019-14782

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to make a request to extract the victim's password for the OS...

6.5CVSS6.9AI score0.01382EPSS
Exploits3References1
redhatcve
redhatcve
added 2025/04/30 10:12 a.m.14 views

CVE-2025-32471

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

3.7CVSS7.1AI score0.00315EPSS
Exploits0References8
nvd
nvd
added 2025/04/28 9:15 a.m.16 views

CVE-2025-32471

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

3.7CVSS0.00315EPSS
Exploits0References6
attackerkb
attackerkb
added 2025/04/28 9:15 a.m.5 views

CVE-2025-32471

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

3.7CVSS5.8AI score0.00315EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2025/04/28 9:11 a.m.5 views

CVE-2025-32471 Reuse of salt

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

3.7CVSS4.4AI score0.00315EPSS
Exploits0References6
cvelist
cvelist
added 2025/04/28 9:11 a.m.28 views

CVE-2025-32471 Reuse of salt

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

3.7CVSS0.00315EPSS
Exploits0References6
cnnvd
cnnvd
added 2025/04/28 12:0 a.m.6 views

SICK FLX0-GPNT100和SICK FLX3-CPUC200 安全漏洞

The SICK FLX0-GPNT100 and SICK FLX3-CPUC200 are both products of SICK, Germany.The SICK FLX0-GPNT100 is a photoelectric sensor for precise object detection and localization in industrial automation.The SICK FLX3-CPUC200 is a high-performance photoelectric sensor controller designed for complex SI...

3.7CVSS6.6AI score0.00315EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2025/04/28 12:0 a.m.8 views

PT-2025-18055 · Sick Ag · Sick Flx3-Cpuc200

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to inadequate salting of device passwords, making them susceptible to password extraction attacks. Recommendations: At the moment, there is no information about a newer...

3.7CVSS6.2AI score0.00315EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2025/02/24 12:0 a.m.14 views

PT-2025-7776 · Unknown +1 · Xone Web Monitor +1

Name of the Vulnerable Software and Affected Versions: XOne Web Monitor version 02.10.2024.530 XOne Web Monitor framework version 1.0.4.9 Description: The issue is a SQL injection vulnerability located in the login page, allowing attackers to extract all usernames and passwords via a crafted inpu...

9.8CVSS9.4AI score0.01149EPSS
Exploits1References9
nvd
nvd
added 2025/01/30 6:15 p.m.10 views

CVE-2025-0477

An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application...

9.8CVSS0.00357EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/30 5:49 p.m.17 views

CVE-2025-0477 Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability

An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application...

9.3CVSS0.00357EPSS
Exploits0References1
ics
ics
added 2025/01/30 7:0 a.m.13 views

Rockwell Automation FactoryTalk AssetCentre

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to extract passwords, access, credentials, or impersonate other users. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

7AI score
Exploits0References10
cnnvd
cnnvd
added 2025/01/30 12:0 a.m.5 views

Rockwell Automation FactoryTalk AssetCentre 安全漏洞

Rockwell Automation FactoryTalk AssetCentre is an application from Rockwell Automation, Inc. It provides centralized tools for protecting, managing, version controlling, tracking, and reporting information about automation-related assets throughout the plant. A security vulnerability exists in...

9.8CVSS6.3AI score0.00357EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/01/14 12:0 a.m.5 views

PT-2025-3909 · Rockwell Automation · Factorytalk Assetcentre

Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk AssetCentre versions prior to V15.00.001 Description: An encryption issue exists due to a weak encryption methodology, which could allow a threat actor to extract passwords belonging to other users of the...

9.3CVSS6.2AI score0.00357EPSS
Exploits0References27
osv
osv
added 2024/09/07 5:15 p.m.2 views

CVE-2024-40710

A series of related high-severity vulnerabilities, the most notable enabling remote code execution RCE as the service account and extraction of sensitive information savedcredentials and passwords. Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within...

8.8CVSS6.3AI score0.0112EPSS
Exploits0References1
Rows per page
Query Builder