Lucene search
+L

181 matches found

OSV
OSV
added 2025/06/17 9:43 p.m.5 views

CVE-2025-49825 Teleport allows remote authentication bypass

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch...

9.8CVSS7.2AI score0.07754EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.10 views

PT-2025-22162

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the iommu copy struct from user function. The issue involved a NULL pointer that should be rejected prior to...

5.5CVSS6.7AI score0.00157EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.3 views

PT-2025-15319 · Isherlock · Isherlock

Name of the Vulnerable Software and Affected Versions: iSherlock affected versions not specified Description: The iSherlock web service has an issue that allows remote attackers to inject and execute arbitrary system commands on the server. This is possible due to an OS command injection flaw,...

9.8CVSS8.5AI score0.0128EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.9 views

PT-2025-14308

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential memory corruption issue has been identified in the Linux kernel, specifically in the nvme-tcp module. The nvme tcp recv pdu function does not validate the header length, whic...

7.8CVSS5.5AI score0.00209EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/12 12:0 a.m.4 views

PT-2025-11070 · Google · Android

Name of the Vulnerable Software and Affected Versions: Linux Kernel Hidd Component affected versions not specified Description: A use-after-free issue exists in the hidd check config done function within hidd conn.cc. This could allow for arbitrary code execution, potentially leading to local...

5.5CVSS6.7AI score0.00079EPSS
Exploits0References6
NVD
NVD
added 2025/03/06 2:15 p.m.12 views

CVE-2024-13892

Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. During the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly...

7.7CVSS0.00694EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2020-14060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7AI score0.08607EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/22 12:0 a.m.7 views

PT-2025-13228

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue was found in the ipvlan module, where the function ipvlan process v6 outbound was assuming the IPv6 network header is...

5.5CVSS5.4AI score0.0018EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.14 views

PT-2025-30787

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to RDMA/mlx5, specifically concerning the initialization of obj event-obj sub list before its insertion using xa insert. This can lead ...

5.5CVSS6.7AI score0.0017EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/07 12:0 a.m.5 views

PT-2024-10567 · Phpexcel · Phpexcel

Name of the Vulnerable Software and Affected Versions: PHPExcel affected versions not specified Description: The issue concerns an XML External Entity XXE vulnerability. No specific details about affected devices or real-world incidents are provided. Recommendations: At the moment, there is no...

8.7CVSS7.1AI score0.00471EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.5 views

PT-2024-12198 · Enel X · Waybox Enel X

Name of the Vulnerable Software and Affected Versions: Waybox Enel X affected versions not specified Description: The Waybox Enel X web management application has a flaw that allows execution of arbitrary requests on the internal database via the /admin/versions.php endpoint. This issue affects...

9.6CVSS6.8AI score0.00326EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.5 views

PT-2024-39345 · Syscom · Omflow

Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue involves the exposure of sensitive data, allowing remote attackers who have logged into the system to obtain password hashes of all users and administrators...

6.5CVSS7AI score0.00463EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/09/12 12:0 a.m.6 views

PT-2024-31157 · Vernemq · Vernemq

Name of the Vulnerable Software and Affected Versions: vernemq version 2.0.1 Description: A memory allocation issue allows attackers to cause a Denial of Service DoS via excessive memory consumption. Recommendations: For vernemq version 2.0.1, at the moment, there is no information about a newer...

7.5CVSS6.8AI score0.00488EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/09/07 12:0 a.m.5 views

PT-2024-39093 · Sourcecodester · Clinic'S Patient Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A vulnerability exists in the system, allowing for an open redirect. The issue is related to the manipulation of the goto page argument in an unknown function of the fi...

6.9CVSS6.9AI score0.006EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.4 views

PT-2024-18172 · Nt Ware +1 · Uniflow Online +1

Name of the Vulnerable Software and Affected Versions: uniFLOW Online versions prior to and including 2024.1.0 Description: The registration process of uniFLOW Online apps can be compromised when email login is enabled on the tenant, particularly for those utilizing email login in combination wit...

8.3CVSS6.8AI score0.00363EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/08/25 12:0 a.m.10 views

PT-2024-29879 · Cyberark · Cyberark

Name of the Vulnerable Software and Affected Versions: CyberArk affected versions not specified Description: The issue concerns the exposure of sensitive information to an unauthorized actor. This is a critical vulnerability that affects CyberArk, allowing unauthorized access to confidential data...

4.3CVSS6.8AI score0.0029EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/07/17 12:0 a.m.11 views

PT-2024-5447 · Cisco · Cisco Asyncos

Name of the Vulnerable Software and Affected Versions: Cisco AsyncOS for Secure Email Gateway affected versions not specified Description: A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute...

7.7CVSS7.7AI score0.00616EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.10 views

PT-2024-5483 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 127.0.6533.88 Microsoft Edge affected versions not specified Description: The issue is related to the use of uninitialized variables in the Dawn component, which implements the WebGPU specification. This could...

10CVSS7.5AI score0.19272EPSS
Exploits29References227
SUSE CVE
SUSE CVE
added 2024/07/11 3:19 a.m.2 views

SUSE CVE-2024-30046

unknown...

5.9CVSS9.3AI score0.01688EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/24 12:0 a.m.8 views

PT-2024-28264 · Wavlink · Wavlink Wn551K1

Name of the Vulnerable Software and Affected Versions: Wavlink WN551K1 affected versions not specified Description: The issue allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. Recommendations: At the moment, there is no information about a newer...

6.5CVSS6.7AI score0.00395EPSS
Exploits1References4
Rows per page
Query Builder