Lucene search
K

216 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-5218

Malware in sbrugna...

7.5CVSS7.4AI score0.01652EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-18801

Malware in sbrugna...

10CVSS9.5AI score0.03886EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-0671

Malware in sbrugna...

6.8CVSS6.4AI score0.02014EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19970

Malware in sbrugna...

5.3CVSS5.5AI score0.02193EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7864

Malware in sbrugna...

7.5CVSS7.5AI score0.01591EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-22045

Malware in sbrugna...

8.8CVSS7AI score0.00828EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-5514

Malware in sbrugna...

9CVSS6.4AI score0.02098EPSS
Exploits0References8
Snyk
Snyk
added 2025/09/23 12:32 a.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper permission checks in the import and export tasks. An attacker can gain unauthorized access to exported data by sending crafted requests to the REST APIs. Remediation Upgrade...

5.4CVSS7AI score0.00234EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 8:43 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the gRPC API and HTTP APIs, which allow peers to send requests that cause the recipient to create files in arbitrary file system locations and read arbitrary files. An attacker can access sensitive data or execu...

10CVSS7.4AI score0.0068EPSS
Exploits0References2
OSV
OSV
added 2025/07/10 5:15 p.m.7 views

CVE-2025-47812

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

10CVSS6.6AI score0.95343EPSS
Exploits23References6
BDU FSTEC
BDU FSTEC
added 2025/06/17 12:0 a.m.6 views

The vulnerability of the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows attackers to compromise the integrity of protected information.

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson relates to the lack of traceability in the trust chain during certificate verification. Exploitation of this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of the...

4.3CVSS5.5AI score0.00219EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/17 12:0 a.m.9 views

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows a perpetrator to write or re-write any files as desired.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson web interfaces relates to incorrect restrictions on the path name to the restricted catalog. Exploitation of this vulnerability could allow a malicious actor to write to or re-write any files remotely...

5.3CVSS5.5AI score0.00525EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/13 12:0 a.m.6 views

The vulnerability in the web-based interfaces of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager allows a perpetrator to execute arbitrary commands.

The vulnerability of the Web interface for managing Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager systems relates to incorrect elimination of certain elements in the output data. Exploiting this vulnerability could allow a malicious actor to execute...

8.5CVSS5.8AI score0.00498EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/03/10 12:0 a.m.6 views

How to Create a Scan to Identify Remote Command Execution

This whitepaper covers how to create a scan in Perl to identify remote command execution in web applications. Depending on the context of the environment and architecture, the content of the paper can be applied to APIs in addition to presenting how to correct or avoid RCE problems at the code...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/03/05 12:0 a.m.4 views

How to Create a Scan for Path Traversal

This whitepaper covers how to create a scan in Perl to identify path traversal in web applications. Depending on the context of the environment and architecture, the content of the paper can be applied to APIs in addition to presenting how to correct or avoid path traversal problems at the code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 1:44 a.m.2 views

CVE-2024-11667

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50W series firmware versions V5.10 through V5.38, and USG20W-VPN series firmware versions V5.10 through...

9.8CVSS6.9AI score0.03017EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/31 12:0 a.m.15 views

The vulnerability of the JSON-RPC API function of the Cisco Crosswork Network Services Orchestrator (NSO) and ConfD software, which is used by the web-based management interfaces for Cisco Optical Site Manager and Gigabit VPN routers Cisco RV340 Dual WAN, allows a malicious actor to escalate their privileges.

The vulnerability of the JSON-RPC API function of the Cisco Crosswork Network Services Orchestrator NSO and ConfD software, which is used by the Cisco Optical Site Manager and Gigabit VPN routers Cisco RV340 Dual WAN control web interfaces, is related to incorrect authentication checks in the API...

9CVSS5.4AI score0.00576EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.11 views

Vulnerability of web-based interfaces for microprogramming systems: Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to disclose protected information.

The vulnerability of the web-based management interfaces for Netis microprogramming systems, including Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360, is related to insufficient protection for sensitive data. Exploiting this...

4CVSS7.6AI score0.06249EPSS
Exploits1References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/01/08 12:0 a.m.6 views

Vulnerability of web-based interfaces for microprogramming software Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to increase their privileges

The vulnerability of the web-based management interfaces for Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 lies in the reading of data beyond the permitted range in memory. Exploiting this vulnerability can allow an attacker to...

10CVSS7.7AI score0.03028EPSS
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.11 views

The vulnerability in the web interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems allows attackers to perform cross-site scripting attacks and gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows an attacker to perform cross-site scripting...

6.4CVSS5.2AI score0.00349EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder