Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/03/16 3:30 p.m.4 views

EUVD-2026-12109

A third-party NAT traversal module fails to validate SSL/TLS certificates when connecting to the signaling server. While subsequent access to device services requires additional authentication, a Man-in-the-Middle MitM attacker can intercept or redirect the NAT tunnel establishment. This could...

9.8CVSS5.8AI score0.01733EPSS
Exploits0References14
Vulnrichment
Vulnrichmentadded 2026/02/25 5:52 a.m.5 views

CVE-2026-3100 An improper certificate validation vulnerability was found in the FTP Backup on the ADM.

The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...

8.3CVSS6AI score0.00179EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/03 3:50 a.m.3 views

CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.

When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...

9.5CVSS5.7AI score0.00779EPSS
Exploits0References1
NVD
NVDadded 2026/02/03 3:15 a.m.9 views

CVE-2026-24933

The API communication component fails to validate the SSL/TLS certificate when sending HTTPS requests to the server. An improper certificates validation vulnerability allows an unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to intercept the cleartext communication,...

8.9CVSS0.00204EPSS
Exploits0References1
OSV
OSVadded 2023/08/22 7:16 p.m.3 views

CVE-2023-4475

An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master ADM allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References1
OSV
OSVadded 2023/05/31 10:15 a.m.1 views

CVE-2023-2909

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below...

10CVSS7.3AI score0.00673EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/05/31 12:0 a.m.4 views

ASUSTOR Data Master 路径遍历漏洞

ASUSTOR Data Master is an operating system exclusively on the ASUSTOR NAS from China's ASUS, featuring a tablet-like graphical interface comparable to a zero-learning curve, making it easy to get started right away. A security vulnerability exists in ASUSTOR Data Master ADM that stems from an...

10CVSS8.4AI score0.00673EPSS
Exploits0References2
Rows per page
Query Builder