Lucene search
K

20 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/23 12:53 a.m.8 views

CVE-2026-11833

Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages:...

8.2CVSS5.7AI score0.00217EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/09 3:35 a.m.3 views

CVE-2025-66596

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites. The affected products and versions are as follows:...

6.9CVSS5.3AI score0.00153EPSS
Exploits0References1
CVE
CVE
added 2026/02/09 3:31 a.m.12 views

CVE-2025-66597

CVE-2025-66597 affects Yokogawa FAST/TOOLS (Packages RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) from R9.01 to R10.04. The issue arises from the product’s support for weak cryptographic algorithms, potentially allowing an attacker to decrypt communications with the web server. Connected sources (NVD/N...

8.8CVSS5.3AI score0.00166EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/09 3:25 a.m.6 views

CVE-2025-66599

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

6.9CVSS5.2AI score0.00261EPSS
Exploits0References2
CVE
CVE
added 2026/02/09 3:16 a.m.11 views

CVE-2025-66602

CVE-2025-66602 affects Yokogawa FAST/TOOLS, specifically FAST/TOOLS packages RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB, in versions R9.01 to R10.04. The issue stems from the web server accepting access by IP address, which could enable a worm that randomly scans IPs to interact with the service. Publ...

9.8CVSS5.2AI score0.00302EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.7 views

Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the Yokogawa FAST/TOOLS R9.01 to R10.04 versions. These vulnerabilities stem from the Web server’s acceptance of IP address access;...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/22 12:0 a.m.7 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.9.x through 9.9.1, 9.5.x through 9.5.7, 9.10.x through 9.10.0, and 9.8.x through 9.8.2, which stems from a failure to restrict inputs in the...

5.3CVSS6.4AI score0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.3 views

PT-2024-21900 · Zimbra · Zimbra Collaboration

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 9.0 through 10.0 Description: An issue was discovered in the zmmailboxdmgr binary, a component of Zimbra Collaboration ZCS, which is intended to be executed by the zimbra user with root privileges for specifi...

7.8CVSS8.2AI score0.00349EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.4 views

PT-2024-19805 · Unknown · Controller 6000 +1

Name of the Vulnerable Software and Affected Versions: Controller 6000 and Controller 7000 versions 8.60 and prior Controller 6000 and Controller 7000 versions 8.70 prior to vCR8.70.240520a Controller 6000 and Controller 7000 versions 8.80 prior to vCR8.80.240520a Controller 6000 and Controller...

6.3CVSS7.8AI score0.00165EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/12/30 12:0 a.m.4 views

PT-2022-28142 · Unknown · Modbus Poll

Name of the Vulnerable Software and Affected Versions: Modbus Tools Modbus Poll versions up to 9.10.0 Description: A critical issue was found in the mbpoll.exe file of the mbp File Handler component, leading to a buffer overflow. This can be exploited remotely. The issue affects some unknown...

7.8CVSS7.5AI score0.00658EPSS
Exploits1References9
OSV
OSV
added 2021/12/15 7:15 p.m.5 views

CVE-2021-1039

In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

7.8CVSS5.9AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2020/12/14 4:15 p.m.8 views

CVE-2020-14268

A vulnerability in the MIME message handling of the Notes client versions 9 and 10 could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which would execute with the...

9.8CVSS7.7AI score0.02226EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/14 12:0 a.m.9 views

IBM Domino 缓冲区错误漏洞

IBM Domino is a suite of enterprise-class application development platforms from IBM in the United States. A security vulnerability exists in IBM Domino server version 9, version 10, which stems from a vulnerability in MIME message handling that could be exploited by an unauthenticated attacker t...

10CVSS7.8AI score0.02952EPSS
Exploits0References3
CNVD
CNVD
added 2019/05/17 12:0 a.m.6 views

Microsoft Internet Explorer Information Disclosure Vulnerability (CNVD-2019-16213)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft IE 9, 10, and 11. The vulnerability arises from errors such as configuration during operation of a networke...

6.5CVSS6AI score0.06553EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/11 12:0 a.m.4 views

Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-08630)

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A cross-site scripting vulnerability exists in Cybozu Office versions 9.0.0 through 10.4.0. The vulnerability can be exploited to execute arbitrary script in the web browser of a logged-in user...

4.8CVSS6.6AI score0.00845EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/09 12:0 a.m.5 views

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05906)

Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A security vulnerability exists when Microsoft IE versions 9 through 10 fails to properly access objects in memory. The vulnerabilit...

9.3CVSS7.4AI score0.16505EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/10/10 12:0 a.m.6 views

PT-2014-4852 · Hewlett Packard · Hp Operations Manager

Name of the Vulnerable Software and Affected Versions: HP Operations Manager versions 9.10 through 9.11 on UNIX Description: The issue allows remote attackers to execute arbitrary code. The exact vectors used for the attack are not specified. Recommendations: For HP Operations Manager versions 9....

10CVSS7AI score0.08859EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2013/02/13 12:0 a.m.4 views

PT-2013-2070 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 9 through 10 Description: The issue allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object. This occurs due to the way Internet Explorer accesses ...

9.3CVSS6.9AI score0.18572EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2013/01/10 1:57 a.m.6 views

acroread: multiple code execution flaws (APSB13-02)

Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626...

10CVSS6.4AI score0.09552EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2012/12/11 12:0 a.m.4 views

PT-2012-5590 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 9 through 10 Description: A use-after-free issue allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object. This vulnerability may corrupt memory in...

9.3CVSS6.9AI score0.25553EPSS
Exploits0References6
Rows per page
Query Builder