Lucene search
K

98 matches found

Cvelist
Cvelist
added 2025/08/12 4:59 p.m.10 views

CVE-2025-27576

Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for IntelR TiberTM Edge Platform may allow an unauthenticated user to potentially enable denial of service via local access...

2.9CVSS0.00129EPSS
Exploits0References1
OSV
OSV
added 2025/08/12 12:15 p.m.4 views

CVE-2025-30034

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...

5.5CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2025/08/12 12:15 p.m.8 views

CVE-2025-30034

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...

6.9CVSS0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.3 views

PHOENIX CONTACT多款产品 操作系统命令注入漏洞

PHOENIX CONTACT CHARX SEC-3050 and others are products of PHOENIX CONTACT, Germany.PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller.PHOENIX CONTACT CHARX SEC-3100 is an AC PHOENIX CONTACT CHARX SEC-3150 is an AC charge controller. An operating system command injection vulnerability exist...

8.4CVSS7.3AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.8 views

CVE-2023-49676

An unauthenticated local attacker may trick a user to open corrupted project files to crash the system due to use after free vulnerability...

5.5CVSS6.9AI score0.00178EPSS
Exploits0
OSV
OSV
added 2025/05/08 6:15 p.m.6 views

CVE-2025-30101

Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use TOCTOU race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering...

6.3CVSS5.8AI score0.00132EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/05/05 3:28 a.m.400 views

Exploit for CVE-2025-4524

CVE-2025-4524 - Unauthenticated madara-core Wordpress theme LF...

9.8CVSS9.5AI score0.09094EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2025/04/10 3:15 a.m.2 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...

7CVSS5.8AI score0.00144EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/02/17 9:53 p.m.5 views

WordPress Keap Official Opt-in Forms plugin <= 2.0.1 - Unauthenticated Limited Local File Inclusion vulnerability

Unauthenticated Limited Local File Inclusion vulnerability discovered by Hiroho Shimada in WordPress Plugin Keap Official Opt-in Forms versions = 2.0.1...

9.8CVSS7AI score0.01254EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.6 views

PT-2025-6277

Name of the Vulnerable Software and Affected Versions: Dell UCC Edge version 2.3.0 Description: The issue concerns a Blind SSRF vulnerability in the Add Customer SFTP Server of Dell UCC Edge. An unauthenticated attacker with local access could exploit this, leading to Server-Side Request Forgery...

7.9CVSS6AI score0.00143EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/12/20 1:50 a.m.7 views

CVE-2020-9250

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. Vulnerability ID: HWPSIRT-2019-12302 Th...

3.3CVSS6.7AI score0.00118EPSS
Exploits1References1
OSV
OSV
added 2024/12/11 8:15 a.m.5 views

CVE-2024-53290

Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Command execution...

8.4CVSS5.9AI score0.00834EPSS
Exploits0References1
OSV
OSV
added 2024/12/03 10:15 a.m.3 views

CVE-2024-47476

Dell NetWorker Management Console, versions 19.11, contains an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
OSV
OSV
added 2024/10/15 11:15 a.m.11 views

CVE-2024-45271

An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation...

7.8CVSS5.8AI score0.00311EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/20 6:58 a.m.30 views

CVE-2024-4098 Shariff Wrapper <= 4.6.13 - Unauthenticated Local File Inclusion

The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.6.13 via the shariff3uufetchsharecounts function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code i...

9.8CVSS0.0101EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.3 views

PT-2024-23401 · Dell · Telemetry Dashboard

Name of the Vulnerable Software and Affected Versions: Telemetry Dashboard version 1.0.0.8 for Dell ThinOS 2402 Description: The issue concerns a sensitive information disclosure vulnerability. It can be exploited by an unauthenticated user with local access to the device, potentially leading to...

7.5CVSS6.6AI score0.01154EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.3 views

Dell ThinOS Information Disclosure Vulnerability

Dell ThinOS is a client operating system from Dell USA. An information disclosure vulnerability exists in Dell ThinOS 2402 Telemetry Dashboard v1.0.0.8, which originates from allowing an unauthenticated user with local access to the device to disclose information...

7.5CVSS5.9AI score0.01154EPSS
Exploits0References2
OSV
OSV
added 2024/03/12 9:15 a.m.3 views

CVE-2024-25999

An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...

7.8CVSS5.8AI score0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.4 views

PHOENIX CONTACT CHARX SEC Input Validation Error Vulnerability

PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. An input validation error vulnerability exists in PHOENIX CONTACT CHARX SEC-3000 versions prior to v1.5.1, which stems from incorrect input validation and allows an unauthenticated local attacker to...

8.4CVSS6.6AI score0.00408EPSS
Exploits0References3
OSV
OSV
added 2023/12/08 6:15 a.m.2 views

CVE-2023-32460

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation...

7.8CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder