2439 matches found

OSV
added 2025/06/26 2:15 p.m. · 4 views

UBUNTU-CVE-2025-6710

MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which coul...

CVSS 7.5 · AI score 5.8 · EPSS 0.00307
Exploits: 0 · References: 3

Gitee
added 2025/06/25 11:17 p.m. · 98 views

metasploit-framework

This repository is an offensive tool for Metasploit Framework. The primary CVE ID is not explicitly mentioned, but it is likely related to the Metasploit Framework itself. The target product/service or framework is Metasploit Framework, a penetration testing platform. The vulnerability class/vect...

AI score 7.9
Exploits: 0

NVD
added 2025/06/25 6:15 p.m. · 7 views

CVE-2025-5827

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authenticati...

CVSS 8.8 · EPSS 0.00326
Exploits: 0 · References: 1

Cvelist
added 2025/06/25 6:1 p.m. · 8 views

CVE-2025-5823 Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is...

CVSS 4.9 · EPSS 0.00453
Exploits: 0 · References: 1

Vulnrichment
added 2025/06/25 6:1 p.m. · 4 views

CVE-2025-5823 Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is...

CVSS 4.9 · AI score 6.3 · EPSS 0.00453
Exploits: 0 · References: 1

GithubExploit
added 2025/06/22 4:13 p.m. · 263 views

Exploit for CVE-2025-49113

CVE-2025-49113 Scanner 🔍 Description A powerful, multi-me...

CVSS 9.9 · AI score 10 · EPSS 0.89462
Exploits: 29

Zero Day Initiative
added 2025/06/17 12:0 a.m. · 5 views

SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Serv-U. Authentication is required to exploit this vulnerability. The specific flaw exists within the FTP service, which listens on TCP port 21 by default. The issue results from the lack ...

CVSS 7.5 · AI score 8.4 · EPSS 0.06328
Exploits: 0 · References: 1

Zero Day Initiative
added 2025/06/17 12:0 a.m. · 4 views

SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AjaxProxy. The issue results from the lack of proper validation of...

CVSS 9.8 · AI score 7.2 · EPSS 0.36619
Exploits: 0 · References: 1

Tenable Nessus
added 2025/06/12 12:0 a.m. · 5 views

Palo Alto Networks PAN-OS 10.2.x < 10.2.8 / 11.0.x < 11.0.3 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. A command injection vulnerability in Palo Alto Networks PAN-OS enables an authenticated administrative user to perform actions as...

CVSS 8.6 · AI score 5.8 · EPSS 0.01024
Exploits: 0 · References: 1

Zero Day Initiative
added 2025/06/11 12:0 a.m. · 11 views

Trend Micro Worry-Free Business Security Uncontrolled Search Path Element Arbitrary Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Trend Micro Worry-Free Business Security. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The process loads an...

CVSS 6.8 · AI score 7.5 · EPSS 0.00244
Exploits: 0 · References: 1

Zero Day Initiative
added 2025/06/11 12:0 a.m. · 6 views

(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API...

CVSS 4.9 · AI score 6.5 · EPSS 0.00453
Exploits: 0

NVD
added 2025/06/10 3:15 p.m. · 8 views

CVE-2025-26394

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

CVSS 4.8 · EPSS 0.00174
Exploits: 0 · References: 2

OSV
added 2025/06/10 3:15 p.m. · 4 views

CVE-2025-26394

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

CVSS 4.8 · AI score 5.7 · EPSS 0.00174
Exploits: 0 · References: 2

Cvelist
added 2025/06/10 2:39 p.m. · 8 views

CVE-2025-26394 SolarWinds SWOSH Open Redirection Vulnerability

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

CVSS 4.8 · EPSS 0.00174
Exploits: 0 · References: 2

CVE
added 2025/06/10 2:39 p.m. · 53 views

CVE-2025-26394

CVE-2025-26394 affects SolarWinds Observability Self-Hosted and is an open redirection vulnerability caused by insufficient URL sanitization. The core issue is improper URL cleanup that could redirect users to a malicious site. The CVE entry lists CVSS v3.1 base score 4.8 (Medium) with adjacent a...

CVSS 4.8 · AI score 5.1 · EPSS 0.00174
Exploits: 0 · References: 2 · Affected Software: 1

Vulnrichment
added 2025/06/10 2:39 p.m. · 3 views

CVE-2025-26394 SolarWinds SWOSH Open Redirection Vulnerability

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

CVSS 4.8 · AI score 5.5 · EPSS 0.00174
Exploits: 0 · References: 2

OSV
added 2025/06/10 11:49 a.m. · 7 views

BIT-MARIADB-MIN-2022-24052

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.8 · AI score 7.6 · EPSS 0.00645
Exploits: 0 · References: 7

OSV
added 2025/06/10 11:49 a.m. · 6 views

BIT-MARIADB-MIN-2022-24050

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

CVSS 7.8 · AI score 7.6 · EPSS 0.00598
Exploits: 0 · References: 7

OSV
added 2025/06/10 11:49 a.m. · 3 views

BIT-MARIADB-MIN-2022-24048

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.8 · AI score 7.6 · EPSS 0.00645
Exploits: 0 · References: 7

Positive Technologies
added 2025/06/10 12:0 a.m. · 4 views

PT-2025-24677 · Siemens · Scalance Xr326-8 Eec +20

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RST2428P versions prior to V3.2 SCALANCE XC316-8 versions prior to V3.2 SCALANCE XC324-4 versions prior to V3.2 SCALANCE XC324-4 EEC versions prior to V3.2 SCALANCE XC332 versions prior to V3.2 SCALANCE XC416-8 versions prior to V3....

CVSS 5.9 · AI score 6.3 · EPSS 0.00247
Exploits: 0 · References: 3