CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

116 matches found

Altenergy Power Control Software C1.2.5 - Remote Command Injection

Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/settimezone parameter, because of settimezone in models/managementmodel.php. An attacker can potentially obtain sensitive information, modify data, and/or execut...

9.8CVSS7.9AI score0.93791EPSS

Exploits5References5

ATTACKERKB•added 2 days ago•4 views

CVE-2025-71318

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...

9.8CVSS5.5AI score0.0017EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fixed an issue where double cleanup was performed in the case of a failure in devmaddactionorreset. When devmaddactionorreset fails, it calls the passed cleanup function. Therefore, the caller must not repeat that...

5.7AI score0.00026EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fixed NULL pointer dereferencing when nosmp is used When nosmp is used in the command line, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0’s iteration via foreachpossiblecpu dereferences these NULL...

5.5CVSS6.3AI score0.00106EPSS

Exploits0References2

CVE•added 2026/04/30 8:36 a.m.•4 views

CVE-2026-42799

CVE-2026-42799 describes an out-of-bounds read in the ASR Kestrel software (nr_fw modules), specifically affecting the file path Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. The published records indicate this affects Kestrel versions prior to 2026/02/10. The issue is classified with a high impact on confid...

9.8CVSS5.2AI score0.0002EPSS

Exploits0References1Affected Software1

EUVD•added 2026/04/24 2:35 p.m.•2 views

EUVD-2026-25465

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fix resume-probe race condition issue Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a "i2c: designware: Combine the init functions",but this issue existed from the...

5.3AI score0.00014EPSS

Exploits0References3

UbuntuCve•added 2026/01/14 3:15 p.m.•2 views

CVE-2025-71103

In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpcreglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpcreglist if still deferenced in a7xxpatchpwrupreglist which causes a kernel crash: Unable to handle kernel NU...

5.5CVSS5.7AI score0.00025EPSS

Exploits0References3

ATTACKERKB•added 2026/01/14 3:5 p.m.•2 views

CVE-2025-71103

5.2AI score0.00025EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/01/09 12:32 p.m.•3 views

CVE-2023-31502

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution RCE vulnerability via the component /models/managementmodel.php...

7.2CVSS8.4AI score0.00936EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:30 a.m.•8 views

CVE-2019-16261

Tripp Lite PDUMH15AT 12.04.0053 and SU750XL 12.04.0052 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer firmware version, fixing this...

9.1CVSS7.5AI score0.00942EPSS

Exploits2References1

EUVD•added 2025/12/17 9:30 p.m.•2 views

EUVD-2025-203934

CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v.1.17 allows a remote attacker to execute arbitrary code via the Web-based management interface and specifically the /systemsetup.htm, /setclock.htm, /receiversetup.htm, /cal.htm?..., and /channelsetup.htm endpoints...

7.4AI score0.00092EPSS

Exploits1References3

CNNVD•added 2025/12/17 12:0 a.m.•0 views

Narda-MITEQ Uplink Power Control Unit 安全漏洞

The Narda-MITEQ Uplink Power Control Unit is a satellite communication earth station device from Narda-MITEQ Corporation. A security vulnerability exists in the Narda-MITEQ Uplink Power Control Unit UPC2 version 1.17, which originates from a cross-site request forgery in the web management...

8.8CVSS6.9AI score0.00092EPSS

Exploits1References3

SUSE CVE•added 2025/11/13 12:24 a.m.•1 views

SUSE CVE-2025-40145

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

6.5AI score0.00026EPSS

Exploits0References3

EUVD•added 2025/11/12 12:30 p.m.•1 views

EUVD-2025-124938

5.8AI score0.00026EPSS

Exploits0References3

NVD•added 2025/11/12 11:15 a.m.•2 views

CVE-2025-40145

0.00026EPSS

Exploits0References2

OSV•added 2025/11/12 10:23 a.m.•2 views

CVE-2025-40145 PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure

6.2AI score0.00026EPSS

Exploits0References5

CVE•added 2025/11/12 10:23 a.m.•9 views

CVE-2025-40145

CVE-2025-40145 concerns the Linux kernel, where the PCI/pwrctrl path had a double-cleanup issue on failure of devm_add_action_or_reset(). The root cause is that when devm_add_action_or_reset() fails, it invokes the provided cleanup function, so the caller must not perform a second cleanup. The fi...

5.9AI score0.00026EPSS

Exploits0References2