
7576 matches found

Packet Storm News
added 2026/02/24 12:0 a.m., 14 views

ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing

It is well established that industrial control systems comprise the operational backbone of modern critical infrastructures, yet their increasing connectivity exposes them to cyber threats that are difficult to study and remedy safely under real-time operational conditions. In this paper, we...

AI score 6
Exploits: 0

Redos
added 2026/02/24 12:0 a.m., 7 views

ROS-20260224-73-0011

A vulnerability in the iTop web-based IT service management tool is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 8.6, AI score 6.1, EPSS 0.00417
Exploits: 0

CNNVD
added 2026/02/20 12:0 a.m., 9 views

Part-DB SQL Injection Vulnerability

Part-DB is an open-source web-based database designed for managing electronic components. Version 0.4 of Part-DB contains a SQL injection vulnerability. This vulnerability stems from SQL injection attacks on authentication parameters, which could allow unverified attackers to bypass authenticatio...

CVSS 8.8, AI score 5.9, EPSS 0.00351
Exploits: 0, References: 3

NVD
added 2026/02/09 11:16 p.m., 6 views

CVE-2026-25951

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.11, a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences (e.g., ....//), an...

CVSS 8.6, EPSS 0.01216
Exploits: 0, References: 3

ATTACKERKB
added 2026/02/09 10:24 p.m., 5 views

CVE-2026-25951

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.11, a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences (e.g., ....//), an...

CVSS 8.6, AI score 5.9, EPSS 0.01216
Exploits: 0, References: 4, Affected Software: 1

CNNVD
added 2026/02/09 12:0 a.m., 5 views

OpenProject Security Vulnerability

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.0.2 had security vulnerabilities, which stemmed from lack of permission checks. These vulnerabilities could potentially lock out application administrators...

CVSS 6.7, AI score 5.8, EPSS 0.00321
Exploits: 0, References: 3

CNNVD
added 2026/02/06 12:0 a.m., 7 views

FUXA Security Vulnerability

FUXA is a web-based process visualization software developed by frangoteam. Versions of FUXA 1.2.9 and earlier contain security vulnerabilities. These vulnerabilities stem from authorization bypasses, which could allow unverified remote attackers to modify device labels...

CVSS 9.3, AI score 5.8, EPSS 0.00479
Exploits: 0, References: 2

CNNVD
added 2026/02/06 12:0 a.m., 6 views

FUXA Security Vulnerability

FUXA is a web-based process visualization software developed by frangoteam. Versions of FUXA 1.2.9 and earlier contain security vulnerabilities. These vulnerabilities stem from information leaks, which may lead to the retrieval of sensitive management database credentials...

CVSS 9.1, AI score 5.8, EPSS 0.00269
Exploits: 0, References: 2

RedhatCVE
added 2026/02/05 7:23 p.m., 6 views

CVE-2026-20098

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

CVSS 8.8, AI score 6.2, EPSS 0.00384
Exploits: 0, References: 1

Positive Technologies
added 2026/02/05 12:0 a.m., 19 views

PT-2026-7186

Name of the Vulnerable Software and Affected Versions: FUXA versions through 1.2.9. Description: FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal issue allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server...

CVSS 9.8, AI score 6.5, EPSS 0.02675
Exploits: 3, References: 15

CNNVD
added 2026/02/04 12:0 a.m., 6 views

Cisco Prime Infrastructure Trust Management Issue Vulnerability

Cisco Prime Infrastructure is an application software developed by the American company Cisco. It is used to simplify the management of wireless and wired networks. Cisco Prime Infrastructure has a trust management vulnerability, which stems from the improper validation of user inputs in the...

CVSS 4.8, AI score 5.6, EPSS 0.00175
Exploits: 0, References: 2

CNNVD
added 2026/02/03 12:0 a.m., 8 views

FUXA Security Vulnerability

FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from the project import function not properly cleaning or sandboxing the scripts provided by users. As a result, remote code execution may...

CVSS 9.8, AI score 6.4, EPSS 0.00416
Exploits: 0, References: 1

EUVD
added 2026/01/27 5:58 p.m., 10 views

EUVD-2026-4780

A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an unauthenticated remote attacker to view some system files. Successful exploitation could allow an attacker to read files within the affected directory...

CVSS 7.5, AI score 5.9, EPSS 0.00639
Exploits: 0, References: 1

Packet Storm
added 2026/01/23 12:0 a.m., 193 views

Siklu EtherHaul EH-8010 / EH-1200 Vulnerability Scanner

This PHP-based scanner safely detects an unauthenticated remote command execution vulnerability in Siklu EtherHaul EH-8010 and EH-1200 devices by sending a non-destructive encrypted probe command and validating the response. The scanner does not alter device state and is suitable for large-scale...

CVSS 9.8, AI score 5.8, EPSS 0.01219
Exploits: 3

RedhatCVE
added 2026/01/22 5:34 p.m., 8 views

CVE-2026-20045

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could...

CVSS 9.8, AI score 6.6, EPSS 0.04307
Exploits: 1, References: 1

CVE
added 2026/01/21 4:26 p.m., 332 views

CVE-2026-20045

Cisco CVE-2026-20045 affects Cisco Unified Communications Manager (including Unified CM SME, IM&P), Unity Connection, and Webex Calling Dedicated Instance. The flaw stems from improper validation of user-supplied input in HTTP requests to the web-based management interface, allowing an unauthenti...

CVSS 9.8, AI score 6.6, EPSS 0.04307
In wild, Exploits: 1, References: 2, Affected Software: 3

CNNVD
added 2026/01/21 12:0 a.m., 4 views

Number withdrawal

phpPgAdmin is an open-source application developed by phppgadmin. It is the leading web-based management tool for Postgres databases...

AI score 5.8, EPSS 0.00262
Exploits: 0, References: 4

CNNVD
added 2026/01/20 12:0 a.m., 4 views

IBM ApplinX Data Forgery Issue Vulnerability

IBM ApplinX is a product of International Business Machines (IBM) focused on converting green screen interfaces into modern web-based applications. IBM ApplinX has a data forgery issue vulnerability that stems from improper JWT token validation, which can be exploited by an attacker to elevate...

CVSS 9.8, AI score 5.8, EPSS 0.0015
Exploits: 0, References: 2

NVD
added 2026/01/19 6:16 p.m., 6 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

CVSS 5.3, EPSS 0.00169
Exploits: 0, References: 1

Vulnrichment
added 2026/01/19 6:1 p.m., 4 views

CVE-2025-55249 HCL AION is affected by a Missing Security Response Headers vulnerability.

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

CVSS 3.5, AI score 5.4, EPSS 0.00169
Exploits: 0, References: 1