Lucene search
K

101 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/25 6:35 a.m.14 views

NEC Aterm series vulnerable to cross-site scripting (NV26-002)

Overview Aterm series products provided by NEC Corporation contain the following vulnerability. Cross-site scripting CWE-79 - CVE-2026-6059 Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

4.8CVSS5.8AI score0.00179EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.8 views

Zyxel WRE6505 安全漏洞

The Zyxel WRE6505 is a wireless signal extension device produced by the Chinese company Zyxel. The Zyxel WRE6505 v2 firmware version 1.00ABDV.3C0 contains a security vulnerability. This vulnerability stems from improper CGI program coding or escaping, which may allow adjacent WLAN attackers to...

4.5CVSS5.8AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.7 views

CVE-2023-45741

VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands...

6.8CVSS7.7AI score0.00329EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14873

Malware in sbrugna...

4.9CVSS5.2AI score0.0181EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-14870

Malware in sbrugna...

4.9CVSS5.2AI score0.0181EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41454

Malicious code in bioql PyPI...

8CVSS8.4AI score0.00382EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-34111

Malicious code in bioql PyPI...

10CVSS9.5AI score0.03152EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-2141

Malicious code in bioql PyPI...

7.2CVSS9.1AI score0.01118EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-41452

Malicious code in bioql PyPI...

8CVSS8.5AI score0.0098EPSS
Exploits0References3
OSV
OSV
added 2025/09/29 10:15 a.m.3 views

DEBIAN-CVE-2025-11146

Reflected Cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts XSS in the web management application. The vulnerability is caused by improper handling of GET inputs included in the URL in “/acng-report.html”...

5.4CVSS5.3AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/18 9:3 p.m.9 views

CVE-2025-6983

A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions via rendered UI layers or frames.This issue affects Archer C1200 = 1.1.5...

5.1CVSS7.2AI score0.00392EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.7 views

PT-2025-29878 · Tp Link · Archer C1200

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C1200 versions prior to 1.1.6 Description: A clickjacking issue exists in the web management page of the TP-Link Archer C1200. This allows an attacker to deceive users into performing actions they did not intend through the...

5.1CVSS6.3AI score0.00392EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 5:0 a.m.7 views

CVE-2023-51363

VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information...

6.5CVSS6.8AI score0.00285EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:4 a.m.7 views

CVE-2023-37568

ELECOM wireless LAN routers WRC-1167GHBK-S v1.03 and earlier, and WRC-1167GEBK-S v1.03 and earlier allow a network-adjacent authenticated attacker to execute an arbitrary command by sending a specially crafted request to the web management page...

8CVSS7.3AI score0.00382EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/01/14 9:34 a.m.4 views

CVE-2025-20620

SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may obtain the administrative password of the web management page...

7.5CVSS8.1AI score0.00386EPSS
Exploits0References2
CVE
CVE
added 2025/01/14 9:34 a.m.50 views

CVE-2025-20620

CVE-2025-20620 is a SQL Injection affecting STEALTHONE D220/D340 (and related models). The vulnerability could allow an unauthenticated attacker with network access to obtain the administrative password on the web management page. Root cause cited in a PT Security advisory points to lack of prote...

7.5CVSS8.3AI score0.00386EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/06 12:0 a.m.3 views

PT-2025-1296 · Unknown · Stealthone D220/D340

Name of the Vulnerable Software and Affected Versions: STEALTHONE D220/D340 versions up to 6.03.02 Description: A SQL Injection vulnerability exists in the STEALTHONE D220/D340, allowing an attacker who can access the affected product to obtain the administrative password of the web management...

7.8CVSS8.3AI score0.00386EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/01/06 12:0 a.m.3 views

PT-2025-1294 · Unknown · Stealthone D220 +2

Name of the Vulnerable Software and Affected Versions: STEALTHONE D220/D340/D440 affected versions not specified Description: A user with administrative privileges who logs in to the web management page of the affected product may execute an arbitrary OS command. The vulnerability is related to t...

9CVSS7.7AI score0.01118EPSS
Exploits0References9
OSV
OSV
added 2024/09/26 5:15 a.m.5 views

CVE-2024-45372

MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...

6.5CVSS5.7AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/26 4:7 a.m.28 views

CVE-2024-45836

Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the web browser of the user...

0.00243EPSS
Exploits0References1
Rows per page
Query Builder