Lucene search
K

832 matches found

CVE
CVE
added 2026/01/13 3:34 p.m.29 views

CVE-2025-71091

The CVE-2025-71091 issue is in the Linux kernel: when a port is disabled but queue priority changes are processed, team_queue_override_port_prio_changed() could run a del on an already-removed list node, triggering a kernel bug. The fix adds an early return when the port is not enabled to avoid t...

7.8CVSS6.1AI score0.0012EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.5 views

CVE-2023-25131

Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and...

9.8CVSS7AI score0.00968EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:38 a.m.4 views

CVE-2017-20214

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be changed through normal camera operations. Attackers can leverage these persistent, unmodifiable credentials to gain unauthorized remote access to the thermal camera system...

9.3CVSS7.3AI score0.00282EPSS
Exploits1References1
CVE
CVE
added 2026/01/07 11:10 p.m.13 views

CVE-2019-25291

CVE-2019-25291 affects INIM Electronics Smartliving SmartLAN/G/SI versions 6.x and earlier, where hard-coded credentials are baked into the Linux distribution image and cannot be changed via normal device operations. This enables attackers to log in and gain unauthorized system access across mult...

9.3CVSS6.7AI score0.00366EPSS
Exploits0References5
OSV
OSV
added 2025/12/24 8:15 p.m.4 views

CVE-2018-25138

FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...

9.8CVSS5.8AI score0.00523EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.9 views

PT-2025-53358

FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...

9.3CVSS7.8AI score0.00523EPSS
Exploits2References4
OSV
OSV
added 2025/12/10 12:16 a.m.5 views

CVE-2025-61821

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and data on the server...

8.6CVSS5.9AI score0.0045EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 12:16 a.m.3 views

CVE-2025-61822

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could exploit this vulnerability to write malicious files to arbitrary locations on the file system. Exploitation of this...

6.2CVSS5.9AI score0.00637EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 12:16 a.m.6 views

CVE-2025-61811

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. A high privileged attacker could leverage this vulnerability to bypass security measures and execute...

9.1CVSS6.3AI score0.01048EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 11:41 p.m.41 views

CVE-2025-61808 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could lead to arbitrary code execution by a high priviledged attacker. Exploitation of this issue does not require user interaction and scope is changed...

9.1CVSS0.08453EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 11:41 p.m.4 views

CVE-2025-61808 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could lead to arbitrary code execution by a high priviledged attacker. Exploitation of this issue does not require user interaction and scope is changed...

9.1CVSS7.3AI score0.08453EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 11:41 p.m.3 views

CVE-2025-61822 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could exploit this vulnerability to write malicious files to arbitrary locations on the file system. Exploitation of this...

6.2CVSS6.5AI score0.00637EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-50287

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.4, 2023.16, and 2021.22 and earlier Description ColdFusion is affected by an Improper Restriction of XML External Entity Reference 'XXE' issue that could allow an attacker to read arbitrary files from the system. An...

8.6CVSS6AI score0.0045EPSS
Exploits0References9
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-186281 Malicious code in config-xml-sirius-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a58415b6cbe6528432cf6e1e8cd55074b566f71bef9a5cda12bcd5ebc971b522 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in build-perseus-repository-asteroid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27053231811897d728e75138a8e6197e848557505ca26f8741717e627d78716b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in electron-postcss-loader-yaml-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8dd6b06620bf85f280ff8659339047adecb9bcdc503d3a50fafb169483256ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in ursa-process-query-metabolomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d9eb276d7c42a3eb8d32f6a4fd0ec8a87d3a091523a686fbe495218f0f56f05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in array-load-sandbox-code-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c0b8b8fba52d623ff84606663460a4fbe8b7ac106f45386569fde446edc9b6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in ichnology-archaeogenetics-repository-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d427b21d1e1c3f178b62ed1bf3f46c5e28790ff762162804d7d4a5e0be1a2757 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in jest-astro-despina-aurora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 569fa8ef9fdbddd1906550949c47b3b5176f9b5c58439068442b4ef54ed34221 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder