Lucene search
K

313 matches found

Kaspersky
Kaspersky
added 2026/02/16 12:0 a.m.5 views

KLA90889 DoS vulnerability in Mozilla Thunderbird ESR

Heap buffer overflow vulnerability was found in Mozilla Thunderbird ESR. Malicious users can exploit this vulnerability to cause denial of service. Original advisories MFSA2026-11 Exploitation Related products Mozilla-Thunderbird-ESR CVE list CVE-2026-2447 unknown Solution Update to the latest...

8.8CVSS6AI score0.006EPSS
Exploits0References3
ICS
ICS
added 2026/02/10 12:0 a.m.6 views

Siemens Siveillance Video Management Servers

SUMMARY The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve full access to Webhooks API. Siemens has released new versions for the affected products and recommends to...

6.3CVSS5.8AI score0.00179EPSS
Exploits0References10
ICS
ICS
added 2026/02/10 12:0 a.m.9 views

Siemens Simcenter Femap and Nastran

SUMMARY Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to...

6.5AI score
Exploits0References10
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

Fanwei e-cology - SQL Injection

Fanwei e-cology 8.0 contains a sql injection caused by unsanitized user input in the sql parameter of getdata.jsp, letting unauthenticated attackers execute arbitrary SQL queries and access sensitive data. id: CVE-2025-34038 info: name: Fanwei e-cology - SQL Injection author: ritikchaddha severit...

8.7CVSS8.3AI score0.01837EPSS
Exploits1References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.14 views

Omnissa Workspace ONE UEM - Path Traversal

Omnissa Workspace ONE UEM contains a path traversal caused by crafted GET requests to restricted API endpoints, letting malicious actors access sensitive information, exploit requires sending crafted requests. id: CVE-2025-25231 info: name: Omnissa Workspace ONE UEM - Path Traversal author:...

7.5CVSS6.5AI score0.20348EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2026/01/27 12:0 a.m.6 views

KLA90859 ACE vulnerability in Mozilla Thunderbird

A remote code execution vulnerability was found in Mozilla Thunderbird. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories MFSA2026-07 Related products Mozilla-Thunderbird CVE list CVE-2026-0818 warning Solution Update to the latest version Download...

4.3CVSS6.8AI score0.00159EPSS
Exploits0References3
ICS
ICS
added 2026/01/13 12:0 a.m.5 views

Siemens Industrial Edge Device Kit

SUMMARY Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices for Siemens Industrial Edge devices see Additional Information. Industrial Edge Device Kit contains an authorization bypass vulnerability that could facilitate an unauthenticated...

10CVSS7.1AI score0.00601EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.5 views

PT-2025-53454

Name of the Vulnerable Software and Affected Versions Eaton UPS Companion software affected versions not specified Description The Eaton UPS Companion software contains a flaw related to insecure library loading. An attacker who has access to the software package could potentially execute arbitra...

7.8CVSS7.1AI score0.00134EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/09 8:25 a.m.8 views

Android App "Brother iPrint&Scan" improper use of an external cache directory

Overview iPrint provided by Brother Industries, Ltd. contains the following vulnerability. Improper use of an external cache directory CWE-524 - CVE-2025-64696 Johan Francsics reported this vulnerability to BROTHER INDUSTRIES, LTD. and coordinated. After the coordination, BROTHER INDUSTRIES, LTD...

4.8CVSS4.4AI score0.00115EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2025/12/09 12:0 a.m.10 views

KLA90807 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics...

9.8CVSS7.3AI score0.0049EPSS
Exploits0References3
ICS
ICS
added 2025/12/09 12:0 a.m.6 views

Siemens RUGGEDCOM ROS

SUMMARY Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...

5.3CVSS6.8AI score0.00226EPSS
Exploits0References10
ICS
ICS
added 2025/12/09 12:0 a.m.8 views

Siemens SINEC Security Monitor

SUMMARY SINEC Security Monitor before V4.10.0 contains multiple vulnerabilities. Siemens has released a new version for SINEC Security Monitor and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...

6.5AI score
Exploits0References10
Kaspersky
Kaspersky
added 2025/12/03 12:0 a.m.6 views

KLA90824 DoS vulnerability in Wireshark

Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories wnpa-sec-2025-08 · MEGACO dissector infinite loop Exploitation Public exploits exist for this vulnerability. Related products Wireshark CVE list...

5.5CVSS6.6AI score0.00126EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/17 5:9 a.m.5 views

"Dejira" App for iOS vulnerable to improper server certificate verification

Overview "Dejira" App for iOS provided by KDDI CORPORATION contains the following vulnerability. Improper server certificate verification CWE-295 Tsuyoshi Ogawa of SIE Co.,Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.8CVSS4.9AI score0.00121EPSS
Exploits0References4
ICS
ICS
added 2025/11/11 12:0 a.m.9 views

Siemens COMOS

SUMMARY COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...

8.4AI score
Exploits0References10
ICS
ICS
added 2025/11/11 12:0 a.m.7 views

Siemens Software Center and Solid Edge

SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...

8.5CVSS7.7AI score0.00158EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/10/28 3:4 p.m.4 views

CVE-2025-12351

Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...

6.8CVSS6.8AI score0.0021EPSS
Exploits0References1
Sick AG
Sick AG
added 2025/10/27 11:0 a.m.10 views

Sudo vulnerability affects SICK SID products

SICK SID products are affected by the sudo vulnerability CVE-2025-32463. SICK strongly recommends to update to the latest version to mitigate the risk...

9.3CVSS7AI score0.47467EPSS
Exploits70
Kaspersky
Kaspersky
added 2025/10/21 12:0 a.m.10 views

KLA89408 Multiple vulnerabilities in Oracle VirtualBox

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit this vulnerability to execute arbitrary code, obtain sensitive information, cause denial of service. Original advisories Oracle Virtualization Risk Matrix Related products Oracle-VirtualBox CVE list CVE-2025-61759 hig...

8.2CVSS7.9AI score0.00191EPSS
Exploits0References3
ICS
ICS
added 2025/10/14 12:0 a.m.6 views

Siemens SiPass Integrated

SUMMARY SiPass integrated before V3.0 contains multiple vulnerabilities that could allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or achieve arbitrary code execution on the SiPass integrated server. Siemens has released a new version for...

9.3AI score
Exploits0References10
Rows per page
Query Builder