8 matches found

Nuclei
added 15 hours ago, 55 views

NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure

NETGEAR DGN2200 / DGND3700 is susceptible to a vulnerability within the page 'BSWcxttongr.htm' which can allow a remote attacker to access this page without any authentication. The attacker can then use this password to gain administrator access of the targeted router's web interface. id:...

CVSS 9.8, AI score 8.4, EPSS 0.27215
Exploits: 6, References: 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-2543

Malware in sbrugna...

CVSS 10, AI score 9.5, EPSS 0.02553
Exploits: 0, References: 2

Cvelist
added 2025/09/08 6:39 a.m., 9 views

CVE-2025-41664 Improper Permission Handling Enables Unauthorized Access to Firmware and Certificates

A low-privileged remote attacker could gain unauthorized access to critical resources, such as firmware and certificates, due to improper permission handling during the runtime of services e.g., FTP/SFTP. This access could allow the attacker to escalate privileges and modify firmware...

CVSS 7.5, EPSS 0.00217
Exploits: 0, References: 1

Talos Blog
added 2025/08/20 1:0 p.m., 5 views

Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

Static Tundra is a Russian state-sponsored cyber espionage group linked to the FSB's Center 16 unit that has been operating for over a decade, specializing in compromising network devices for long-term intelligence gathering operations. The group actively exploits a seven-year-old vulnerability...

CVSS 10, AI score 10, EPSS 0.9951
Exploits: 2

NVD
added 2025/06/18 2:15 p.m., 5 views

CVE-2025-45784

D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVISUSERPASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially...

CVSS 9.8, EPSS 0.00489
Exploits: 1, References: 2

RedhatCVE
added 2025/05/23 12:48 a.m., 8 views

CVE-2022-22273

Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access SRA products and older firmware versions of Secure Mobile Access SMA 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier...

CVSS 9.8, AI score 7.5, EPSS 0.01906
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 2:46 a.m., 4 views

CVE-2013-5030

Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructing a crafted URI after receiving an authentication error for an arbitrary login attempt...

CVSS 7.2, AI score 7.6, EPSS 0.02123
Exploits: 5, References: 1

Cvelist
added 2025/05/20 12:0 a.m., 10 views

CVE-2025-44084

D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system...

EPSS 0.17573
Exploits: 0, References: 1