Lucene search
K

412 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.6 views

CVE-2013-0668

Multiple cross-site scripting XSS vulnerabilities in the HMI web application in Siemens WinCC TIA Portal 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS5.8AI score0.01513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:22 a.m.8 views

CVE-2019-18235

Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack...

9.8CVSS7.5AI score0.01484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:41 a.m.5 views

CVE-2012-4006

The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before...

4.3CVSS6.4AI score0.01066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 10:40 p.m.13 views

CVE-2002-2326

The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic...

5CVSS7.3AI score0.01275EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 9:15 p.m.60 views

CVE-2024-30145

CVE-2024-30145 affects HCL Domino Volt and Domino Leap with multiple vectors enabling client-side script injection (XSS) in the authoring environment and deployed applications. Connected sources confirm XSS via web interfaces; no concrete exploit details or patch/version information are provided ...

6.5CVSS6.6AI score0.0021EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/30 1:41 p.m.18 views

CVE-2025-2865

SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. An attacker with some knowledge of the web application could send a malicious request to the victim users. Through this request, the victims would interpret the code...

2.4CVSS6.3AI score0.0017EPSS
Exploits0References3
Circl
Circl
added 2025/03/18 6:13 p.m.10 views

CVE-2025-25590

creationtimestamp| type| source ---|---|--- 2025-03-18 18:13:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkobieajod2x...

6.1CVSS6.9AI score0.00181EPSS
Exploits1References1
NVD
NVD
added 2025/03/05 6:15 a.m.21 views

CVE-2025-27678

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Client Remote Code Execution V-2023-001...

9.8CVSS0.01201EPSS
Exploits1References3
NVD
NVD
added 2025/03/05 6:15 a.m.14 views

CVE-2025-27640

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows SQL Injection V-2024-012...

9.8CVSS0.00682EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 12:0 a.m.41 views

CVE-2025-27642

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Unauthenticated Driver Package Editing V-2024-008...

0.00832EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 10:50 p.m.5 views

CVE-2022-1575

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary remote code execution in the desktop app. - Stored XSS in the web app...

9.6CVSS6.7AI score0.02273EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/12 1:49 p.m.21 views

CVE-2024-28146 Hardcoded credentials

The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...

7AI score0.00267EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/09/23 12:0 a.m.9 views

Synology Router Manager (SRM) 1.3.x Multiple Vulnerabilities (Synology-SA-24:09) - Remote Known Vulnerable Versions Check

Synology Router Manager SRM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS6.3AI score0.0026EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/12/28 12:0 a.m.22 views

Moodle < 3.9.25, 3.11.x < 3.11.18, 4.0.x < 4.0.12, 4.1.x < 4.1.7, 4.2.x < 4.2.4, 4.3.x < 4.3.1 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

7.3AI score
Exploits0References7
OSV
OSV
added 2023/07/13 10:15 a.m.14 views

CVE-2023-29457

Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts...

6.1CVSS9.2AI score
Exploits0References3
Imperva Blog
Imperva Blog
added 2023/07/11 1:15 p.m.29 views

The Battle Against Business Logic Attacks: Why Traditional Security Tools Fall Short

As the digital landscape continues to evolve, so do the tactics utilized by bad actors that are seeking to exploit application vulnerabilities. Among the most insidious types of attacks are business logic attacks BLAs. Unlike known attacks, which can be identified by signatures or patterns, such ...

8.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/06/02 12:0 a.m.7 views

CVE-2023-25749

Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. This bug only affects Firefox for Android. Other version...

6.6AI score0.00384EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/05/25 12:0 a.m.30 views

TeamPass < 3.0.9 Multiple Vulnerabilities

TeamPass is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:teampass:teampass"; ifdescription...

9CVSS6.9AI score0.01649EPSS
Exploits8References8
OpenVAS
OpenVAS
added 2023/05/08 12:0 a.m.15 views

TeamPass < 3.0.7 Multiple Vulnerabilities

TeamPass is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:teampass:teampass"; ifdescription...

7.1CVSS5.6AI score0.00612EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2023/04/21 12:0 a.m.21 views

Mailman < 3.3.5 REST API Vulnerability

Mailman is prone to a vulnerability in the REST API. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gnu:mailman"; ifdescription...

6.3CVSS6.1AI score0.00299EPSS
Exploits0References1
Rows per page
Query Builder