Lucene search
+L

5182 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.10 views

CVE-2021-22289

Improper Input Validation vulnerability in the project upload mechanism in B Automation Studio version =4.0 may allow an unauthenticated network attacker to execute code...

9.8CVSS7.2AI score0.00661EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.13 views

CVE-2020-24682

Unquoted Search Path or Element vulnerability in B Industrial Automation Automation Studio, B Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9....

7.8CVSS6.9AI score0.00149EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.5 views

WordPress B Slider- Gutenberg Slider Block for WP plugin <= 1.1.30 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Plugin Installation vulnerability

Authenticated Subscriber+ Missing Authorization to Arbitrary Plugin Installation vulnerability discovered by wesley wcraft in WordPress Plugin B Slider versions = 1.1.30...

8.8CVSS5.5AI score0.00587EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/30 12:32 a.m.7 views

EUVD-2025-205664

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public...

6.5CVSS6.5AI score0.00309EPSS
Exploits1References8
CISA
CISA
added 2025/12/23 12:0 p.m.12 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS Advisory. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-177-01 Mitsubishi Electric Air Conditioning Systems Update B CISA encourages users and administrators to...

6.6AI score
Exploits0References1
CVE
CVE
added 2025/12/22 12:0 a.m.12 views

CVE-2025-65837

PublicCMS V5.202506.b is vulnerable to Cross Site Scripting (XSS) in the Content Search module. The connected documents consistently identify the vulnerable component as the Content Search feature and describe the root cause as an XSS vulnerability. Reported CVSS v3.1 base score is 5.4 (MEDIUM) w...

5.4CVSS5.8AI score0.0014EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/12/22 12:0 a.m.4 views

CVE-2025-65837

PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...

5.4CVSS6.2AI score0.0014EPSS
Exploits1References4
NVD
NVD
added 2025/12/01 8:15 p.m.7 views

CVE-2025-65838

PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method...

7.5CVSS0.00389EPSS
Exploits1References3
CVE
CVE
added 2025/12/01 12:2 a.m.17 views

CVE-2025-13797

The CVE-2025-13797 issue affects ADSLR B-QE2W401 (version 250814-r037c). The vulnerable component is the function parameter del_swifimac in /send_order.cgi, where manipulation enables remote command injection. Exploitation is publicly available and vendor has not responded. No specific patch/vers...

9.8CVSS6.5AI score0.06451EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/01 12:2 a.m.4 views

CVE-2025-13797 ADSLR B-QE2W401 send_order.cgi parameterdel_swifimac command injection

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdelswifimac of the file /sendorder.cgi. Performing manipulation of the argument delswifimac results in command injection. The attack is possible to be carried out remotely. The exploit is...

6.5CVSS6.5AI score0.06451EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/01 12:2 a.m.20 views

CVE-2025-13797 ADSLR B-QE2W401 send_order.cgi parameterdel_swifimac command injection

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdelswifimac of the file /sendorder.cgi. Performing manipulation of the argument delswifimac results in command injection. The attack is possible to be carried out remotely. The exploit is...

6.5CVSS0.06451EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.6 views

PT-2025-48547

PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method...

7AI score0.00389EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

PublicCMS 安全漏洞

PublicCMS is an open source content management system CMS written in Java language by PublicCMS China. A security vulnerability exists in PublicCMS version V5.202506.b, which originates from a cross-site request forgery in CkEditorAdminController...

8.8CVSS6.7AI score0.0015EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.6 views

ADSLR B-QE2W401 安全漏洞

The ADSLR B-QE2W401 is a wireless router from China's Flying Fish Star ADSLR. A security vulnerability exists in ADSLR B-QE2W401 version 250814-r037c, which stems from the incorrect operation of the parameter delswifimac in the file /sendorder.cgi, which could lead to command injection...

9.8CVSS6.6AI score0.06451EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.5 views

PT-2025-48400

Name of the Vulnerable Software and Affected Versions ADSLR B-QE2W401 version 250814-r037c Description A command injection issue exists in ADSLR B-QE2W401 250814-r037c. Manipulation of the del swifimac parameter within the /send order.cgi file can lead to command execution. This attack can be...

9.8CVSS6.8AI score0.06451EPSS
Exploits1References13
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.8 views

PublicCMS 安全漏洞

PublicCMS is an open source content management system CMS written in Java language by PublicCMS China. A security vulnerability exists in PublicCMS version V5.202506.b, which originates from a server-side request forgery in the SimpleAiAdminController chat interface...

9.1CVSS6.8AI score0.00288EPSS
Exploits1References4
NVD
NVD
added 2025/11/25 7:15 p.m.7 views

CVE-2025-61167

SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...

6.5CVSS0.00183EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-143167

Malicious code in budi-memeq-b npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.1 views

EUVD-2025-139405

Malicious code in nuilva-vmiam-b npm...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/12 5:7 p.m.5 views

CVE-2025-32091

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

8.4CVSS6.5AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder