Lucene search
K

139 matches found

RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.4 views

CVE-2025-11004

The Simplicity Device Manager Tool has a Reflected XSS Cross-site-scripting vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, and availability of the system that has Simplicity Device...

7.5CVSS5.6AI score0.00258EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 3:31 p.m.12 views

CVE-2025-11004

The vulnerability CVE-2025-11004 is a reflected XSS in several API endpoints of the Simplicity Device Manager Tool. An attacker on the same network can exploit the issue, potentially affecting confidentiality, integrity, and availability of the system hosting the tool. The CVSS v4.0 vector indica...

7.5CVSS5.6AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 3:31 p.m.23 views

CVE-2025-11004 Reflected XSS vulnerability in Simplicity Device Manager tool

The Simplicity Device Manager Tool has a Reflected XSS Cross-site-scripting vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, and availability of the system that has Simplicity Device...

7.5CVSS0.00258EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7267

The Simplicity Device Manager Tool has a Reflected XSS Cross-site-scripting vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, and availability of the system that has Simplicity Device...

7.5CVSS5.6AI score0.00258EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/09 11:5 a.m.30 views

CVE-2026-22080 Insecure Transmission Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

8.7CVSS0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.8 views

PT-2026-2148

Name of the Vulnerable Software and Affected Versions Tenda 300Mbps Wireless Router F3 Tenda N300 Easy Setup Router Description The routers transmit credentials using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network can intercept network...

8.7CVSS6.3AI score0.00106EPSS
Exploits0References4
OSV
OSV
added 2025/11/18 8:15 p.m.9 views

CVE-2025-63226

The Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, V60.1.29 is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...

5.7CVSS5.9AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.9 views

PT-2025-47395

Name of the Vulnerable Software and Affected Versions Sencore SMP100 SMP Media Platform versions V4.2.160, V60.1.4, V60.1.29 Description The Sencore SMP100 SMP Media Platform is susceptible to session hijacking because of inadequate session management. An attacker on the same network as a logged-...

6.5AI score0.0018EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/18 12:0 a.m.3 views

CVE-2025-63226

The Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, V60.1.29 is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...

6.7AI score0.0018EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/14 7:59 p.m.6 views

CVE-2025-43515

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code...

8.8CVSS7.3AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/13 8:3 p.m.6 views

CVE-2025-10495

A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code...

7.7CVSS7.4AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 7:15 p.m.5 views

CVE-2025-43515

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code...

8.8CVSS0.00275EPSS
Exploits0References2
NVD
NVD
added 2025/11/12 8:15 p.m.14 views

CVE-2025-12047

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application...

6CVSS0.00152EPSS
Exploits0References1
NVD
NVD
added 2025/11/12 8:15 p.m.7 views

CVE-2025-10495

A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code...

7.7CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2025/11/12 7:18 p.m.13 views

CVE-2025-12047

Lenovo Scanner Pro is reported to have a vulnerability that, under certain conditions during an internal security assessment, could allow an attacker on the same logical network to disclose sensitive user files from the application. The available documents provide a high-level impact description ...

6CVSS6.1AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 7:18 p.m.2 views

CVE-2025-12047

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application...

6CVSS6.1AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/12 7:18 p.m.8 views

CVE-2025-12047

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application...

6CVSS0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 7:18 p.m.6 views

CVE-2025-10495

A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code...

7.7CVSS7AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.5 views

Lenovo Scanner Pro 安全漏洞

Lenovo Scanner Pro is a scanner application from the Chinese company Lenovo Lenovo. A security vulnerability exists in Lenovo Scanner Pro, which stems from a vulnerability that could allow an attacker on the same logical network to disclose sensitive user files in the application under certain...

6CVSS6.3AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.4 views

PT-2025-46691

Name of the Vulnerable Software and Affected Versions Lenovo Scanner pro affected versions not specified Description An issue was identified in the Lenovo Scanner pro application that, in certain situations, could allow an attacker on the same network to access sensitive user files from the...

6CVSS6.2AI score0.00152EPSS
Exploits0References3
Rows per page
Query Builder