Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.4 views

PT-2025-50368

Name of the Vulnerable Software and Affected Versions 1Panel versions 1.10.33 through 2.0.15 Description The software contains a cross-site request forgery CSRF issue in the web port configuration functionality. The port-change endpoint does not have CSRF protections, such as anti-CSRF tokens or...

7CVSS6.9AI score0.00144EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/11/17 6:46 a.m.4 views

CVE-2025-13165 Digiwin|EasyFlow GP - Denial of service

EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service...

8.7CVSS0.0036EPSS
Exploits0References2
CVE
CVE
added 2025/11/17 6:46 a.m.10 views

CVE-2025-13165

CVE-2025-13165 concerns Digiwin EasyFlow GP. The vulnerability is a Denial of Service via unauthenticated remote requests that can crash or deny the web service. The initial records attribute a high impact (availability) with network access and no privileges required, but exploitation details are...

8.7CVSS6.6AI score0.0036EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-14883

Malware in sbrugna...

4.9CVSS5.2AI score0.0181EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16878

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00745EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/05/04 12:0 a.m.5 views

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an attacker to disclose sensitive information and also cause service failures.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information, as well as cause service failures...

7.8CVSS6.7AI score0.00421EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/04/06 5:15 a.m.4 views

CVE-2021-28183

The specific function in ASUS BMC’s firmware Web management page Web License configuration setting does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the...

4.9CVSS5.9AI score0.0181EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/07/14 12:0 a.m.3 views

The vulnerability of the EKOM-3000 data collection and transmission device, which arises due to insufficient verification of input data, allows a perpetrator to cause temporary service interruption of the device’s web service.

The vulnerability of the ECOOM-3000 data collection and transmission device exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to temporarily disrupt the web service of the device’s operation...

5.3CVSS5.5AI score
Exploits0Affected Software1
The Coalfire Blog
The Coalfire Blog
added 2011/04/26 12:53 a.m.24 views

Trust the ‘Cloud’ (just make sure you have it examined first)

In the wake of Amazons Web Service disruption over the past few days we think it is important to look at the case a little closer...

2AI score
Exploits0
Rows per page
Query Builder