Lucene search
K

30 matches found

EUVD
EUVD
added 2026/05/14 4:7 p.m.7 views

EUVD-2025-209852

HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This may allow repeated authentication attempts, potentially leading to unauthorized access or account compromise under certain conditions...

5.4CVSS5.8AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/02/27 6:54 a.m.10 views

CVE-2025-15567

Technical details are not publicly available in the provided documents. Monitor for updates from vendors and security advisories to learn affected products, components, and remediation information.

5.1CVSS5.3AI score0.00134EPSS
Exploits0References1Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/18 12:0 a.m.4 views

Rubber Mallet: a Study of High Frequency Localized Bit Flips and Their Impact on Security

The increasing density of modern DRAM has heightened its vulnerability to Rowhammer attacks, which induce bit flips by repeatedly accessing specific memory rows. This paper presents an analysis of bit flip patterns generated by advanced Rowhammer techniques that bypass existing hardware defenses...

7.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/03 12:0 a.m.6 views

The vulnerability of the microprogramming software of Schneider Electric’s programmable logic controller Modicon M340 and its network modules BMXNOE0100, BMXNOE0110, and BMXNOR0200H lies in the insufficient protection of operational data. This allows unauthorized access by intruders to read, modify, or delete data, or to cause malfunctions in the system.

The vulnerability of the microprogramming software of Schneider Electric’s Modicon M340 programmable logic controller, as well as the network modules BMXNOE0100, BMXNOE0110, and BMXNOR0200H, is related to insufficient protection for operational data. Exploiting this vulnerability can allow an...

9CVSS5.5AI score0.00334EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.6 views

The vulnerability of the virtual learning environment Moodle, related to insufficient protection of operational data, allows a intruder to gain unauthorized access to protected information.

The vulnerability in the virtual learning environment Moodle is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.9AI score0.00335EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/24 12:0 a.m.6 views

The vulnerability of Adobe Connect’s instant messaging program, related to the lack of protective measures for website structures, allows attackers to execute XSS attacks.

The vulnerability of the Adobe Connect instant messaging program relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute XSS attacks by injecting malicious scripts into form fields...

5.5CVSS5.6AI score0.00387EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.4 views

The vulnerability of the Flow-X gas consumption controller and processor web service allows a intruder to access confidential information.

The vulnerability of the Flow-X gas consumption controller web service is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...

5.3CVSS5.9AI score0.0388EPSS
Exploits4References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.5 views

The vulnerability of the Twisted web framework, related to the lack of protective measures for website structures, allows attackers to access confidential data and compromise its integrity.

The vulnerability of the Twisted web framework is related to the lack of security measures for website structures. Exploiting this vulnerability allows a malicious actor to gain access to confidential data and compromise its integrity...

5.5CVSS6.2AI score0.01156EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.4 views

The vulnerability of the site_id parameter in the netshop CMS system, Netcat, allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the siteid parameter in the netshop CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.6 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to carry out cross-site scripting attacks...

5.5CVSS5.2AI score0.00385EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/09 12:0 a.m.5 views

The vulnerability of the RESTEasy software lies in the lack of protective measures for website structures, allowing attackers to carry out XSS attacks.

The vulnerability of the RESTEasy software is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS6.7AI score0.01394EPSS
Exploits1References6Affected Software8
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.5 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.8AI score0.00562EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.8 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the structure of web pages, allows attackers to disclose protected information.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

4.1CVSS5.9AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/15 12:0 a.m.5 views

The vulnerability of NagiosXI software, related to the lack of measures taken to protect the website structure, allows attackers to execute XSS-type attacks.

The vulnerability of NagiosXI software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out a type of attack known as reflected XSS...

8.4CVSS5.4AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.4 views

The vulnerability in the web interface of Inductive Automation Ignition software allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of Inductive Automation Ignition’s software for industrial automation is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

8.3CVSS7.2AI score0.01062EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/05 12:0 a.m.5 views

The vulnerability of the Red Hat Ansible configuration management system lies in the lack of protective measures for SQL query structures, allowing attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the Red Hat Ansible configuration management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information by using the...

9CVSS5.6AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.5 views

NETGEAR Nighthawk 跨站请求伪造漏洞

The NETGEAR Nighthawk WiFi6 Router is a series of routers from NETGEAR that support WiFi 6 technology and are aimed at users seeking a high-speed Internet experience. The NETGEAR Nighthawk WiFi6 Router suffers from a cross-site request forgery vulnerability that stems from the device not properly...

8.8CVSS6.8AI score0.00273EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/03/23 12:0 a.m.5 views

The vulnerability of the Azure Site Recovery disaster recovery tool lies in the insufficient protection of registration data, allowing attackers to escalate their privileges.

The vulnerability of the Azure Site Recovery recovery tool is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...

8.5CVSS6.9AI score0.02569EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.4 views

The vulnerability of Microsoft Exchange Server servers stems from the lack of protective measures for website structures, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of Microsoft Exchange Server lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created malicious link...

4.3CVSS6.7AI score0.01805EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.4 views

The vulnerability in the web interface of the Cisco Finesse automation software allows a malicious individual to gain unauthorized access to the OpenSocial Gadget Editor.

The vulnerability in the web interface for controlling the automation tools of Cisco Finesse’s operator software relates to the lack of protective measures for the web page structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the...

6.5CVSS6.2AI score0.01428EPSS
Exploits0References3
Rows per page
Query Builder