Lucene search
+L

131 matches found

CVE
CVE
added 2025/12/24 7:28 p.m.10 views

CVE-2019-25250

The CVE covers Devolo dLAN 500 AV Wireless+ (firmware 3.1.0-1) with a cross-site request forgery flaw that allows triggering administrative actions via malicious pages when a logged-in user visits. Root cause stated across sources is lack of proper request validation enabling CSRF to trigger unau...

5.3CVSS6.4AI score0.00138EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/10 9:16 p.m.6 views

CVE-2021-47731

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...

9.3CVSS7.1AI score0.00454EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/09 9:31 p.m.8 views

EUVD-2021-34740

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...

9.3CVSS6.6AI score0.00454EPSS
Exploits1References6
OSV
OSV
added 2025/12/09 9:15 p.m.4 views

CVE-2021-47731

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...

9.8CVSS5.8AI score0.00454EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/09 8:47 p.m.3 views

CVE-2021-47731 Selea Targa IP Camera Developer Backdoor Configuration Overwrite

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...

9.3CVSS6.7AI score0.00454EPSS
Exploits1References5
CVE
CVE
added 2025/12/09 8:47 p.m.17 views

CVE-2021-47731

CVE-2021-47731 affects the Selea Targa IP OCR-ANPR Camera. The vulnerability is a hard-coded developer password that allows unauthorized configuration access via an undocumented endpoint, exploitable with the password Selea781830 to enable configuration upload and overwrite device settings. Docum...

9.8CVSS6.7AI score0.00454EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.7 views

PT-2025-50265

Name of the Vulnerable Software and Affected Versions Selea Targa IP OCR-ANPR Camera affected versions not specified Description The Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password that allows unauthorized configuration access. An attacker can exploit a hidden endpoint usi...

9.3CVSS6.8AI score0.00454EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.7 views

PT-2025-45018

Name of the Vulnerable Software and Affected Versions Radiometrics VizAir affected versions not specified Description Radiometrics VizAir lacks authentication mechanisms for critical functions, including admin access and API requests. This allows attackers to modify configurations without...

10CVSS6.6AI score0.0071EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/10/31 12:28 p.m.4 views

CVE-2025-4952 Denial-of-service vulnerability in ESET security products for Windows

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

6.8CVSS6.5AI score0.00123EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.7 views

PT-2025-44622

Name of the Vulnerable Software and Affected Versions ESET security products for Windows affected versions not specified Description Tampering with registry entries could prevent ESET security products from starting correctly upon the next system startup or result in unauthorized changes to the...

6.8CVSS6.1AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-8839

Malware in sbrugna...

7.8CVSS7.6AI score0.00492EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-15021

Malware in sbrugna...

8.8CVSS8.8AI score0.00709EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-54880

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00571EPSS
Exploits0References3
ICS
ICS
added 2025/09/09 6:0 a.m.6 views

Rockwell Automation Stratix IOS

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to run malicious configurations without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.6CVSS7.7AI score0.00605EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.4 views

Ivanti多款产品 安全漏洞

Ivanti Connect Secure ICS and others are products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure IPS is a network access control NAC solution.Ivanti Neurons is Ivanti Neurons is a groundbreaking platform that simplifies and...

7.6CVSS6.5AI score0.00515EPSS
Exploits0References2
NVD
NVD
added 2025/08/14 2:15 p.m.6 views

CVE-2024-53946

The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery CSRF on its web management interface. This vulnerability allows an attacker to trick an authenticated admin user into performing unauthorized actions, such as exploiting a command injection vulnerability in...

8.8CVSS0.00571EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

KuWFi 4G LTE AC900 安全漏洞

KuWFi 4G LTE AC900 is a WiFi router from KuWFi China. A security vulnerability exists in the KuWFi 4G LTE AC900 version 1.0.13, which originates from a cross-site request forgery in the web management interface that could lead to unauthorized configuration changes...

8.8CVSS6.7AI score0.00571EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.18 views

PT-2025-33279 · Kuwfi · Kuwfi 4G Ac900 Lte Router

Name of the Vulnerable Software and Affected Versions: KuWFi 4G LTE AC900 router version 1.0.13 Description: The KuWFi 4G LTE AC900 router is susceptible to Cross-Site Request Forgery CSRF on its web management interface. An attacker can deceive an authenticated administrator into performing...

8.8CVSS6.9AI score0.00571EPSS
Exploits0References5
NCSC
NCSC
added 2025/06/20 11:4 a.m.6 views

Vulnerabilities fixed in IBM QRadar SIEM

IBM has fixed vulnerabilities in IBM QRadar SIEM Specific to version 7.5.0 Update Package 12. The vulnerabilities include an ability for an authorized user to modify critical configuration files, which could lead to uploading malicious autoupdate files and executing arbitrary commands within the...

9.1CVSS7AI score0.0047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:3 a.m.4 views

CVE-2023-20048

A vulnerability in the web services interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense FTD device that is managed by the FMC Software. This vulnerability is...

9.9CVSS7AI score0.15821EPSS
Exploits4References1
Rows per page
Query Builder