Lucene search
K

1288 matches found

NVD
NVD
added 2025/11/05 6:15 a.m.4 views

CVE-2025-21078

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications...

8.8CVSS0.00187EPSS
Exploits0References1
CVE
CVE
added 2025/11/05 5:41 a.m.18 views

CVE-2025-21078

CVE-2025-21078 affects Samsung Smart Switch prior to version 3.7.68.6. The root cause is the use of an insufficiently random value for the secretKey, which could allow adjacent attackers to access application backups. Public sources in the connected documents consistently describe this impact and...

8.8CVSS6.4AI score0.00187EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/05 12:0 a.m.3 views

EUVD-2025-37899

Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands...

9.9CVSS7.8AI score0.00537EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.7 views

PT-2025-45078

Name of the Vulnerable Software and Affected Versions Smart Switch versions prior to 3.7.68.6 Description The use of an insufficiently random value for the secretKey in Smart Switch allows nearby attackers to gain access to backup data from applications. Recommendations Update to version 3.7.68.6...

8.8CVSS6.8AI score0.00187EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/25 4:22 a.m.13 views

CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...

5.3CVSS4.5AI score0.00254EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/23 3:14 p.m.3 views

CVE-2025-52763

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

7.1CVSS6.4AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.5 views

EUVD-2025-35475

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

5.9AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 3:15 p.m.3 views

CVE-2025-52763

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

7.1CVSS0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.2 views

CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.7 views

CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

7.1CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.6 views

CVE-2025-52763

The CVE-2025-52763 entry concerns the NickDuncan Nifty Backups WordPress plugin (

7.1CVSS6AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.6 views

PT-2025-43247

Name of the Vulnerable Software and Affected Versions NickDuncan Nifty Backups versions through 1.08 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting issue. This allows for the injection of...

7.1CVSS6.4AI score0.00228EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.3 views

WordPress plugin Nifty Backups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
Veeam
Veeam
added 2025/10/16 12:0 a.m.17 views

Service Provider Migration to Unified Veeam Data Cloud FAQ

Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning Veeam Cloud Service Providers VCSPs and their customers to Veeam Data Cloud, a unified multi-workload interface. This new experience allows you to manage...

6.6AI score
Exploits0
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.5 views

Microsoft Windows BitLocker 安全漏洞

Microsoft Windows BitLocker is a Microsoft Corporation USA BitLocker Ensure secure backup of recovery keys before activating protection. A security vulnerability exists in Microsoft Windows BitLocker that originates from an attacker's ability to bypass certain features by exploiting the...

6.1CVSS9AI score0.02891EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/10/11 1:30 p.m.11 views

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that...

9.8CVSS6.7AI score0.15694EPSS
Exploits0
CVE
CVE
added 2025/10/10 6:33 a.m.14 views

CVE-2025-21060

CVE-2025-21060 affects Samsung Smart Switch prior to version 3.7.67.2, where cleartext storage of sensitive information in backups allows local attackers to access application backup data after user interaction triggers the vulnerability. The underlying issue is the storage of backup data in clea...

5.5CVSS5.8AI score0.00092EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/10 6:33 a.m.4 views

EUVD-2025-33673

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability...

5.5CVSS5.7AI score0.00092EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.4 views

PT-2025-41520

Name of the Vulnerable Software and Affected Versions Smart Switch versions prior to 3.7.67.2 Description A flaw exists in Smart Switch that allows local attackers to access backup data from applications due to the cleartext storage of sensitive information. User interaction is required to trigge...

5.5CVSS6AI score0.00092EPSS
Exploits0References4
HackRead
HackRead
added 2025/10/09 8:53 p.m.4 views

SonicWall Says All Firewall Backups Were Accessed by Hackers

SonicWall has confirmed that attackers accessed cloud backup configuration files for all customers using its backup service exposing encrypted credentials and network configurations...

7.1AI score
Exploits0
Rows per page
Query Builder