886 matches found

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2017-15502

Malware in sbrugna...

CVSS 8.1 · AI score 8.1 · EPSS 0.00995
Exploits 3 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2020-3207

Malware in sbrugna...

CVSS 9 · AI score 7.7 · EPSS 0.03808
Exploits 1 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2021-7600

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.8 · EPSS 0.03709
Exploits 1 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-4194

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 9.1 · EPSS 0.00649
Exploits 1 · References 3

NVD
added 2025/09/29 9:15 p.m. · 10 views

CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

CVSS 9.8 · EPSS 0.00627
Exploits 1 · References 4

OSV
added 2025/09/29 9:15 p.m. · 7 views

CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

CVSS 9.8 · AI score 6.4 · EPSS 0.00627
Exploits 1 · References 4

Vulnrichment
added 2025/09/29 8:36 p.m. · 5 views

CVE-2025-34212 Vasion Print (formerly PrinterLogic) Insecure Build Pipeline

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

CVSS 8.7 · AI score 8.1 · EPSS 0.00627
Exploits 1 · References 4

Positive Technologies
added 2025/09/29 12:0 a.m. · 5 views

PT-2025-39881

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.843 Vasion Print Application versions prior to 20.0.1923 Description The Vasion Print Virtual Appliance Host and Application have weaknesses in their CI/CD processes. The build process retrieves an unverifie...

CVSS 8.7 · AI score 7.9 · EPSS 0.00627
Exploits 1 · References 7

RedhatCVE
added 2025/09/25 5:47 p.m. · 12 views

CVE-2025-20334

A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation. An attacker with administrative privileges...

CVSS 8.8 · AI score 7.3 · EPSS 0.00468
Exploits 0 · References 1

RedhatCVE
added 2025/09/20 12:30 a.m. · 9 views

CVE-2025-57295

H3C devices running firmware version NX15V100R015 are vulnerable to unauthorized access due to insecure default credentials. The root user account has no password set, and the H3C user account uses the default password "admin," both stored in the /etc/shadow file. Attackers with network access ca...

CVSS 8 · AI score 7.7 · EPSS 0.00381
Exploits 1 · References 1

RedhatCVE
added 2025/09/18 8:29 p.m. · 6 views

CVE-2025-34187

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads...

CVSS 9.3 · AI score 7.7 · EPSS 0.03187
Exploits 2 · References 1

CVE
added 2025/09/16 7:45 p.m. · 33 views

CVE-2025-34187

Ilevia EVE X1/X5 Server (versions ≤ 4.7.18.0.eden) is affected by multiple vulnerabilities. The primary CVE (CVE-2025-34187) stems from a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts; if these scripts are writable by web-facing users or reachable...

CVSS 9.3 · AI score 7.3 · EPSS 0.03187
Exploits 2 · References 4 · Affected Software 1

Cvelist
added 2025/09/16 7:45 p.m. · 9 views

CVE-2025-34187 Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads...

CVSS 9.3 · EPSS 0.03187
Exploits 2 · References 4

Vulnrichment
added 2025/09/16 7:45 p.m. · 8 views

CVE-2025-34187 Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads...

CVSS 9.3 · AI score 7.3 · EPSS 0.03187
Exploits 2 · References 4

Exploit DB
added 2025/09/16 12:0 a.m. · 79 views

Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell

#!/usr/bin/env python Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell Vendor: Ilevia Srl. Product web page: https://www.ilevia.com Affected version: = 4.7.18.0.eden Logic ver: 6.00 Summary: EVE is a smart home and building automation solution designed for both residential and commercial...

AI score 7
Exploits 0

CVE
added 2025/09/12 1:48 p.m. · 28 views

CVE-2025-10364

CVE-2025-10364 affects the Evertz SDVN 3080ipx-10G web management interface. The issue is a command-injection vulnerability in feature-transfer-export.php that allows remote unauthenticated arbitrary code execution with root privileges. The connected sources confirm the vulnerability is tied to t...

CVSS 9.3 · AI score 7.8 · EPSS 0.74884
In wild · Exploits 0 · References 1

Packet Storm
added 2025/09/05 12:0 a.m. · 167 views

Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell

Ilevia EVE X1/X5 Server version 4.7.18.0.eden reverse rootshell exploit. A misconfiguration in the sudoers file permits passwordless execution of specific Bash shell scripts via sudo, exposing a critical privilege escalation vulnerability. When such scripts are writable by a web-facing user...

AI score 8.3
Exploits 0

Japan Vulnerability Notes
added 2025/09/01 7:21 a.m. · 4 views

Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection

Overview SkyBridge BASIC MB-A130 provided by Seiko Solutions Inc. contains the following vulnerability. OS command injection CWE-78 - CVE-2025-54857 Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVSS 9.8 · AI score 8 · EPSS 0.03214
Exploits 0 · References 4

OSV
added 2025/08/27 10:15 p.m. · 5 views

CVE-2018-25115

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from...

CVSS 9.8 · AI score 6.1 · EPSS 0.08674
Exploits 1 · References 5

Positive Technologies
added 2025/08/14 12:0 a.m. · 7 views

PT-2025-33278 · Kuwfi · Kuwfi 4G Ac900 Lte Router

Name of the Vulnerable Software and Affected Versions: KuWFi 4G AC900 LTE router version 1.0.13 Description: The KuWFi 4G AC900 LTE router is susceptible to command injection via the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary ...

CVSS 8.8 · AI score 7.7 · EPSS 0.19045
Exploits 0 · References 6