Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-22827

Malware in sbrugna...

10CVSS6.3AI score0.00619EPSS
Exploits0References3
NVD
NVDadded 2022/10/28 2:15 a.m.8 views

CVE-2021-36206

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries...

10CVSS0.00619EPSS
Exploits0References2
OSV
OSVadded 2022/10/28 2:15 a.m.0 views

CVE-2021-36206

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries...

6.1CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2022/10/28 2:15 a.m.11 views

Authentication flaw

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries...

5.8CVSS6.6AI score0.00619EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/10/28 1:17 a.m.50 views

CVE-2021-36206

The CVE-2021-36206 issue affects Johnson Controls CEVAS (all CEVAS versions before 1.01.46). The root cause is insufficient validation of user-controllable input, enabling an attacker to bypass authentication and retrieve data via specially crafted SQL queries. Public sources consistently describ...

10CVSS7.3AI score0.00619EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/28 1:17 a.m.5 views

CVE-2021-36206 CEVAS

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries...

10CVSS9.8AI score0.00619EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/10/28 1:17 a.m.13 views

CVE-2021-36206 CEVAS

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries...

10CVSS9.9AI score0.00619EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/10/26 12:0 a.m.2 views

Johnson Controls CKS CEVAS 跨站脚本漏洞

Johnson Controls CKS CEVAS is a web-based billing and reporting solution from Johnson Controls, Inc. It is used for rescue and emergency services. A security vulnerability exists in Johnson Controls CKS CEVAS versions prior to 1.01.46. An attacker exploited the vulnerability to retrieve data via ...

10CVSS6.5AI score0.00619EPSS
Exploits0References4
CISA
CISAadded 2022/10/25 12:0 a.m.12 views

CISA Releases Eight Industrial Control Systems Advisories

CISA has released eight 8 Industrial Control Systems ICS advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

0.8AI score
Exploits0References8
ICS
ICSadded 2022/10/25 12:0 a.m.22 views

Johnson Controls CKS CEVAS

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable Remotely/low attack complexity Vendor: CKS, a subsidiary of Johnson Controls Inc. Equipment: CEVAS Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a user to bypass...

10CVSS7.8AI score0.00619EPSS
Exploits0References5
Rows per page
Query Builder