Lucene search
K

407 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.6 views

The vulnerability of the API interface of the boiler controller MyHeat GO allows a hacker to gain unauthorized access to the controller.

The vulnerability of the API interface of the MyHeat GO boiler controller is related to the use of default login credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the controller by using the standard login credentials...

7.5CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.8 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system’s optimizer is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

6.8CVSS7.1AI score0.00517EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.7 views

The vulnerability of the Web Container component of the Oracle WebLogic Server application allows a attacker to gain access to read, modify, or delete data.

The vulnerability of the Web Container server component of the Oracle WebLogic Server application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

6.4CVSS7.2AI score0.00238EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.8 views

The vulnerability of the Oracle Database component of the Oracle Database Server system allows a hacker to gain full control over the application.

The vulnerability of the Oracle Database component of the Oracle Database Server system is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain full control over the application...

9CVSS7.5AI score0.0033EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.10 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of authentication mechanisms. This allows attackers to gain unauthorized access to protected information.

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected informati...

4CVSS5.4AI score0.0031EPSS
Exploits0References2Affected Software3
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.5 views

Nokia Single RAN 安全漏洞

Nokia Single RAN is a wireless network technology from Nokia, Finland. A security vulnerability exists in Nokia Single RAN 23R4-SR prior to version 3.0 MP, which stems from an insufficient authentication mechanism that could lead to elevated privileges...

7.1CVSS6.8AI score0.00169EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.7 views

The vulnerability of the Form_Login() function in the Totolink T6 router’s software allows a intruder to gain unauthorized access to protected information.

The vulnerability of the FormLogin function in the microprogramming software of the TOTOLink T6 system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

8.8CVSS7.6AI score0.00747EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.4 views

The vulnerability of the ServerConfig.PublicKeyCallback() function in the Go programming language library allows a hacker to bypass security restrictions.

The vulnerability of the ServerConfig.PublicKeyCallback function in the Go programming language library is related to deficiencies in the authentication process when handling keys. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote locati...

9.4CVSS6.7AI score0.03153EPSS
Exploits2References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.5 views

The vulnerability of the monitoring tool for Synthetics in the Kibana data visualization service allows a violator to increase their privileges.

The vulnerability of the monitoring tool for Synthetics in the Kibana data visualization service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to increase their privileges by sending a specially crafted HTTP request...

8CVSS5.5AI score0.00352EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.8 views

The vulnerability of the graphics processor in microprogrammed software embedded in Qualcomm chips allows attackers to execute arbitrary commands.

The vulnerability of the graphics processor in embedded Qualcomm software systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

8.6CVSS8.4AI score0.00435EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/06/14 12:0 a.m.7 views

The vulnerability of the Enterprise Event Enablement component of the SAP S/4HANA software platform allows a malicious actor to elevate their privileges and execute arbitrary code.

The vulnerability of the Enterprise Event Enablement component of the SAP S/4HANA software platform is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

8.7CVSS5.8AI score0.0036EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/06/03 12:0 a.m.21 views

The vulnerability of the IBM Guardium Data Protection platform regarding data security protection, related to deficiencies in the authentication mechanism, allows attackers to disclose the protected information.

The vulnerability of the IBM Guardium Data Protection platform relates to deficiencies in its authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

4.3CVSS5.4AI score0.00249EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.9 views

The vulnerability of Microsoft Windows Defender for Identity allows a perpetrator to perform a substitution through the neighboring network.

The vulnerability of Microsoft Windows Defender operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to perform substitution attacks through the neighboring network...

6.5CVSS8.1AI score0.00626EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.8 views

The vulnerability of MacOS operating systems, related to the lack of authentication, allows attackers to gain unauthorized access to protected information.

The vulnerability of MacOS operating systems is related to the lack of authentication. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

10CVSS5.4AI score0.00974EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.7 views

The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication mechanism, allows attackers to gain unauthorized access to protected information.

The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

9.1CVSS5.5AI score0.09517EPSS
Exploits0References3
OSV
OSV
added 2025/05/07 2:15 a.m.5 views

CVE-2025-3218

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access...

5.4CVSS5.7AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.7 views

Misskey 路径遍历漏洞

Misskey is a perpetually free open source federated social media platform from Misskey Open Source. A path traversal vulnerability exists in Misskey versions prior to 12.31.0 through 2025.4.1, which stems from insufficient Mk:api authentication and could lead to unauthorized access to endpoints...

7.5CVSS6.6AI score0.0037EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/02 12:9 p.m.15 views

CVE-2025-24342

A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests...

5.3CVSS7AI score0.00353EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.12 views

The vulnerability of the course_can_delete_section() function in the virtual learning environment Moodle, which allows a violator to increase their privileges

The vulnerability of the coursecandeletesection function in the virtual learning environment Moodle is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...

4.3CVSS5.5AI score0.00273EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.9 views

The vulnerability of the SAP Commerce Cloud e-commerce platform, related to deficiencies in authentication procedures, allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of the SAP Commerce Cloud e-commerce platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of the protected information...

4.2CVSS5.5AI score0.00219EPSS
Exploits0References3
Rows per page
Query Builder