Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27278

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 3:26 p.m.4 views

CVE-2025-10183

A blind XML External Entity XXE injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCo...

9.1CVSS7.6AI score0.004EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 3:15 p.m.13 views

CVE-2025-10183

A blind XML External Entity XXE injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCo...

9.1CVSS0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 2:50 p.m.8 views

CVE-2025-10183 XML External Entity Injection in TecConnect 4.1

A blind XML External Entity XXE injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCo...

9.1CVSS0.004EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 2:50 p.m.16 views

CVE-2025-10183

CVE-2025-10183 describes a blind XML External Entity (XXE) injection in the OpenMessaging webservice of TecCom TecConnect 4.1, allowing an unauthenticated attacker to exfiltrate arbitrary files to a controller server. Affected: TecConnect 4.1 OpenMessaging webservice; root cause is XXE in OpenMes...

9.1CVSS7.1AI score0.004EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 2:50 p.m.4 views

CVE-2025-10183 XML External Entity Injection in TecConnect 4.1

A blind XML External Entity XXE injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCo...

9.1CVSS7.1AI score0.004EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36738

Name of the Vulnerable Software and Affected Versions: TecCom TecConnect version 4.1 Description: The OpenMessaging webservice in TecCom TecConnect version 4.1 contains a blind XML External Entity XXE injection. This allows an unauthenticated attacker to exfiltrate arbitrary files to an...

9.1CVSS6.8AI score0.004EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.4 views

TecCom TecConnect 安全漏洞

TecCom TecConnect is a middleware from TecCom Germany. A security vulnerability exists in TecCom TecConnect version 4.1, which originates from a blind XXE injection in the OpenMessaging webservice and could lead to arbitrary file disclosure...

9.1CVSS7AI score0.004EPSS
Exploits0References1
Rows per page
Query Builder