Lucene search
K

132 matches found

Vulnrichment
Vulnrichment
added 2025/12/03 12:0 a.m.1 views

CVE-2025-64055

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device e.g. file upload, firmware update, reboot... via a crafted authentication bypass...

6.5AI score0.00513EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/03 12:0 a.m.6 views

PT-2025-48998

Name of the Vulnerable Software and Affected Versions Fanvil x210 V2 version 2.12.20 Description An issue exists in Fanvil x210 V2 version 2.12.20 that allows unauthenticated attackers on the local network to access administrative functions of the device. These functions include file upload,...

6.7AI score0.00513EPSS
Exploits1References5
CVE
CVE
added 2025/12/03 12:0 a.m.17 views

CVE-2025-64055

CVE-2025-64055 affects Fanvil x210 V2 (firmware 2.12.20). The issue is an unauthenticated authentication bypass on the local network that enables access to administrative functions such as file upload, firmware update, and reboot. The root cause is a crafted bypass that bypasses authentication, g...

9.8CVSS6.5AI score0.00513EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/12/01 8:15 p.m.4 views

CVE-2025-51682

mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...

9.8CVSS5.9AI score0.00424EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/12/01 12:0 a.m.6 views

CVE-2025-51682

mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...

0.00404EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/21 9:30 p.m.8 views

CVE-2025-0504 Black Duck SCA Project Privilege Escalation

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...

5.4CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2025/10/17 2:7 a.m.13 views

CVE-2025-6892

CVE-2025-6892, -6893, and -6894 relate to Moxa network security devices. The connected Red Hat advisories describe a set of API/authorization flaws in Moxa appliances: (CVE-2025-6892) an Incorrect Authorization flaw in API authentication that allows unauthorized privileged operations after login;...

8.7CVSS6.6AI score0.00637EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/09 6:21 a.m.8 views

CVE-2025-11171

The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...

5.3CVSS6.1AI score0.00331EPSS
Exploits3References1
NVD
NVD
added 2025/10/08 6:15 a.m.8 views

CVE-2025-11171

The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...

5.3CVSS0.00331EPSS
Exploits3References5
Cvelist
Cvelist
added 2025/10/08 5:24 a.m.14 views

CVE-2025-11171 Chartify – WordPress Chart Plugin <= 3.5.9 - Missing Authentication for Administrative Function

The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...

5.3CVSS0.00331EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-18724

Malware in sbrugna...

7.2CVSS7AI score0.01438EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-5285

Malware in sbrugna...

7.5CVSS6.4AI score0.07279EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-3023

Malware in sbrugna...

9.3CVSS6.4AI score0.03014EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0339

Malware in sbrugna...

5CVSS6.4AI score0.02099EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-45511

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00532EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54833

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00277EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27195

Malicious code in bioql PyPI...

9.1CVSS6.7AI score0.00668EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-18153

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.00353EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-16584

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00424EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42712

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.02438EPSS
Exploits2References6
Rows per page
Query Builder