Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2025-30869

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00351EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/09/25 2:54 a.m.7 views

CVE-2025-10548

The CleverControl employee monitoring software v11.5.1041.6 fails to validate TLS server certificates during the installation process. The installer downloads and executes external components using curl.exe --insecure, enabling a man-in-the-middle attacker to deliver malicious files that are...

6.5CVSS7.9AI score0.00351EPSS
Exploits0References1
NVD
NVDadded 2025/09/23 7:15 a.m.5 views

CVE-2025-10548

The CleverControl employee monitoring software v11.5.1041.6 fails to validate TLS server certificates during the installation process. The installer downloads and executes external components using curl.exe --insecure, enabling a man-in-the-middle attacker to deliver malicious files that are...

6.5CVSS0.00351EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/23 6:49 a.m.4 views

CVE-2025-10548 Missing Certificate Validation in CleverControl Installer Allows Remote Code Execution

The CleverControl employee monitoring software v11.5.1041.6 fails to validate TLS server certificates during the installation process. The installer downloads and executes external components using curl.exe --insecure, enabling a man-in-the-middle attacker to deliver malicious files that are...

7.7AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/23 6:49 a.m.8 views

CVE-2025-10548 Missing Certificate Validation in CleverControl Installer Allows Remote Code Execution

The CleverControl employee monitoring software v11.5.1041.6 fails to validate TLS server certificates during the installation process. The installer downloads and executes external components using curl.exe --insecure, enabling a man-in-the-middle attacker to deliver malicious files that are...

0.00351EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/09/23 12:0 a.m.4 views

CleverControl 安全漏洞

CleverControl is an employee computer monitoring software from CleverControl USA. A security vulnerability exists in CleverControl version 11.5.1041.6, which stems from a failure to validate TLS server certificates during installation, and could lead to man-in-the-middle attacks and remote code...

6.5CVSS7.8AI score0.00351EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/23 12:0 a.m.3 views

PT-2025-39149

Name of the Vulnerable Software and Affected Versions CleverControl versions prior to 11.5.1041.6 Description The software does not validate TLS server certificates during installation. The installer uses curl.exe --insecure to download and execute external components, allowing a man-in-the-middl...

6.5CVSS7.7AI score0.00351EPSS
Exploits0References9
Rows per page
Query Builder