Lucene search
K

14 matches found

Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.8 views

PT-2026-7270

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU5 Description An authentication bypass exists in Ivanti Endpoint Manager that allows a remote, unauthenticated attacker to leak stored credential data. This flaw is actively exploited in the wil...

8.6CVSS7.4AI score0.81089EPSS
Exploits0References81
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

Ivanti Endpoint Manager 路径遍历漏洞

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti USA. A path traversal vulnerability exists in Ivanti Endpoint Manager EPM versions prior to 2024 SU4 SR1, which stems from path traversal and could lead to arbitrary file writes...

8CVSS6.7AI score0.01127EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2, which stems from overly lax...

5.1CVSS6.1AI score0.00325EPSS
Exploits0References3
OSV
OSV
added 2025/04/08 3:15 p.m.5 views

CVE-2025-22459

Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers...

4.8CVSS5.8AI score0.00337EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.4 views

MeetMe 安全漏洞

MeetMe is a dating software from MeetMe, Inc. A security vulnerability exists in versions prior to MeetMe 2024-09 that stems from unauthorized access to the Call Forwarding Service system, which could be brute force attacked via an extension number...

5.3CVSS6.6AI score0.00298EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.3 views

zz 安全漏洞

zz is an e-commerce platform for zj1983 individual developers. A security vulnerability exists in zz 2024-8 and earlier versions, which stems from a denial of service in the ZfileAction.java file...

6.5CVSS5.4AI score0.00552EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/02 12:0 a.m.5 views

zz 注入漏洞

zz is an e-commerce platform for zj1983 individual developers. An injection vulnerability exists in zz 2024-8 and prior versions, which stems from SQL injection and could lead to remote code execution...

8.8CVSS7.5AI score0.00474EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.11 views

PT-2024-16351

Name of the Vulnerable Software and Affected Versions Dataprom Informatics Personnel Attendance Control Systems PACS / Access Control Security Systems ACSS versions prior to 2024 Description The issue is related to an Origin Validation Error, which allows traffic injection. This affects the...

9.8CVSS5.8AI score0.00358EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/10/09 12:0 a.m.7 views

PT-2024-38619 · Progress · Telerik Reporting

Name of the Vulnerable Software and Affected Versions: In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924 Description: A command injection attack is possible through improper neutralization of hyperlink elements. This issue arises due to the improper handling of hyperlink element...

7.8CVSS7.8AI score0.00662EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.3 views

Telerik UI 命令注入漏洞

Telerik UI is a suite of UI User Interface controls for application development from Telerik Bulgaria. A command injection vulnerability exists in Telerik UI versions prior to 2024 Q3 2024.3.821, which originates from a command injection attack that can be initiated by disrupting the middle and...

9.8CVSS7.3AI score0.00682EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/23 12:0 a.m.17 views

PT-2024-37789 · Ipswitch · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2024.0.0 Description: A SQL Injection issue allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password. This can be exploited by altering a privileg...

8.8CVSS8.7AI score0.00714EPSS
Exploits0References11
OSV
OSV
added 2024/07/23 2:15 p.m.3 views

CVE-2024-4081

A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects NI LabVIEW 2024 Q1 and prior versions...

7.8CVSS5.9AI score0.00271EPSS
Exploits0References1
OSV
OSV
added 2024/05/15 5:15 p.m.4 views

CVE-2024-4202

In Progress® Telerik® Reporting versions prior to 2024 Q2 18.1.24.514, a code execution attack is possible through an insecure instantiation vulnerability...

8.6CVSS6.1AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/26 12:0 a.m.5 views

PT-2024-24551

Name of the Vulnerable Software and Affected Versions inducer relate versions prior to 2024.1 Description A Server-Side Template Injection SSTI issue allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function. This enables the attacker to...

7.5CVSS7.9AI score0.01109EPSS
Exploits1References4
Rows per page
Query Builder