Lucene search
K

38 matches found

OSV
OSV
added 2026/05/06 10:11 p.m.4 views

GHSA-Q98M-7W8C-W388 Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component

Summary Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows...

6.1CVSS6AI score0.00183EPSS
Exploits1References3
OSV
OSV
added 2026/03/30 6:16 p.m.1 views

DEBIAN-CVE-2025-66037

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzzpkcs15reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, scpkcs15pubkeyfromspkifields allocates a zero-length buffer...

6.8CVSS5.4AI score0.00253EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.5 views

CVE-2026-32757

Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw $POST'ecardmessage' value instead of the HTMLPurifier-sanitized $formValues'ecardmessage' when constructing the greeting card HTML. This allows an authenticated attacker to inject...

5.4CVSS5.8AI score0.00227EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.9 views

CVE-2018-12258

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting...

7.2CVSS7AI score0.00454EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:26 a.m.13 views

CVE-2019-12919

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved o...

5.5CVSS7AI score0.00353EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-7145

Malware in sbrugna...

7.2CVSS6.6AI score0.00808EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9269

Malware in sbrugna...

10CVSS9.5AI score0.01354EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6921

Malware in sbrugna...

7.5CVSS7.5AI score0.01526EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-2075

Malware in sbrugna...

2.1CVSS6.4AI score0.00329EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30980

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01858EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-17315

Malicious code in bioql PyPI...

6.8CVSS5AI score0.00252EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.5 views

PT-2025-31105 · Unknown · Marbella Kr8S Dashcam

Name of the Vulnerable Software and Affected Versions: Marbella KR8s Dashcam FF version 2.0.8 Description: An issue exists where the existing password is written in cleartext onto a newly inserted SD card. An attacker with temporary physical access to the device can steal the password by swapping...

9.8CVSS6.4AI score0.00286EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.6 views

CVE-2023-41818

An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs...

5CVSS6.7AI score0.00149EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:56 p.m.10 views

CVE-2021-3615

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262...

6.8CVSS7.6AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 p.m.6 views

CVE-2020-18329

An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface...

7.5CVSS7.3AI score0.00934EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:22 a.m.10 views

CVE-2013-1176

The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.32.30, TelePresence MCU MSE 8510 devices before 4.32.30, and TelePresence Server before 2.31.55 does not properly validate H.264 data, which allows remote attackers to cause a denial of service device reload via crafted RTP...

7.1CVSS7AI score0.01169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 a.m.5 views

CVE-2019-16398

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...

7.2CVSS8.1AI score0.00808EPSS
Exploits1References1
NVD
NVD
added 2025/03/17 3:15 p.m.13 views

CVE-2025-25650

An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5433WBSKv2.2220605 allows attackers to produce cloned NFC cards to bypass authentication...

9.1CVSS0.00809EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/17 12:0 a.m.6 views

CVE-2025-25650

An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5433WBSKv2.2220605 allows attackers to produce cloned NFC cards to bypass authentication...

6.5AI score0.00809EPSS
Exploits0References3
CVE
CVE
added 2024/05/03 2:3 p.m.51 views

CVE-2023-41818

CVE-2023-41818 affects the Motorola Device Help application. Root cause: improper use of the SD card for sensitive data. Impact: a local attacker could read system logs. CVSSv3.1 metrics indicate Local attack, Low attack complexity, Low privileges, User interaction required, Confidentiality impac...

5CVSS6.5AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder