Lucene search
+L

193 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-2958

Malware in sbrugna...

9.8CVSS9.2AI score0.01065EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-21348

Malware in sbrugna...

7.8CVSS7.6AI score0.00403EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-43509

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01266EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19506

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00353EPSS
Exploits2References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/02 12:0 a.m.11 views

JVN#89505333: Multiple vulnerabilities in Active! mail

Active! mail provided by QUALITIA CO., LTD. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1 CVE-2025-52462 Cross-site request...

6.1CVSS7.2AI score0.00193EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/08 5:17 a.m.18 views

CVE-2025-36513

Cross-site request forgery vulnerability exists in surveillance cameras provided by i-PRO Co., Ltd.. If a user views a crafted page while logged in to the affected product, unintended operations may be performed...

5.1CVSS4.5AI score0.00126EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 4:29 a.m.55 views

CVE-2025-36513

CVE-2025-36513 is a CSRF vulnerability in i-PRO Co., Ltd. surveillance cameras. When a logged-in user views a crafted page, unintended operations may be performed. Affected products: i-PRO surveillance cameras (multiple models). Root cause: Cross-Site Request Forgery (CSRF, CWE-352). Impact: pote...

5.1CVSS4.6AI score0.00126EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/06 4:29 a.m.6 views

CVE-2025-36513

Cross-site request forgery vulnerability exists in surveillance cameras provided by i-PRO Co., Ltd.. If a user views a crafted page while logged in to the affected product, unintended operations may be performed...

5.1CVSS6.8AI score0.00126EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/29 12:33 p.m.45 views

CVE-2025-48046 MICI Network Co. Ltd. NetFax Server Disclosure of Stored Passwords in Cleartext

An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint...

5.3CVSS0.00466EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/29 12:29 p.m.9 views

CVE-2025-48045 MICI Network Co. Ltd. NetFax Server Default Administrator Credentials Disclosure

An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials...

8.7CVSS7.2AI score0.00556EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/18 12:0 a.m.33 views

JVN#22348866: Active! mail vulnerable to stack-based buffer overflow

Active! mail provided by QUALITIA CO., LTD. contains a stack-based buffer overflow vulnerability CWE-121. The developer states that attacks exploiting the vulnerability has been observed. Impact Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead t...

9.8CVSS8AI score0.03084EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/01/27 12:0 a.m.6 views

CVE-2024-56968

An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...

6AI score0.0031EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/10 12:0 a.m.5 views

Command Execution Vulnerability in Internet Behavior Management System of Beijing Tianrongxin Technology Co.

Ltd. is an information security product and service solution provider. A command execution vulnerability exists in the Internet behavior management system of Beijing Tianrongxin Technology Co., Ltd, which can be exploited by attackers to execute arbitrary commands...

7.8AI score
Exploits0
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.27 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/18 6:7 a.m.19 views

CVE-2024-41929

Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

7.4AI score0.00513EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/28 12:0 a.m.71 views

CVE-2024-42905

Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function in the code/function/system/tool/ping.php file...

0.15482EPSS
Exploits0References2
CNVD
CNVD
added 2024/07/31 12:0 a.m.6 views

Command Execution Vulnerability in Tianrongxin Internet Behavior Management System of Beijing Tianrongxin Technology Co. Ltd (CNVD-2024-37302)

Beijing Tianrongxin Technology Co., Ltd. is a solution provider of information security products and services in China. Beijing Tianrongxin Technology Co., Ltd Tianrongxin Internet behavior management system has a command execution vulnerability that can be exploited by attackers to gain control ...

7.4AI score
Exploits0
CNVD
CNVD
added 2024/07/25 12:0 a.m.1 views

SQL Injection Vulnerability in WisdomWater Business Charge Management System of New Day Technology Co. Ltd (CNVD-2024-36424)

Xintian Technology Co., Ltd. is an enterprise mainly engaged in the instrumentation manufacturing industry. A SQL injection vulnerability exists in the WisdomWater WisdomWater Business Charge Management System of Xintian Technology Co. Ltd. that can be exploited by attackers to obtain sensitive...

7.5AI score
Exploits0
Cvelist
Cvelist
added 2024/07/17 8:47 a.m.32 views

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

0.0075EPSS
Exploits0References3
CNVD
CNVD
added 2024/07/16 12:0 a.m.3 views

KingH5Stream of Beijing Asian Control Technology Development Co. Ltd. suffers from a logic flaw vulnerability (CNVD-2024-35270)

Beijing Asian Control Technology Development Co., Ltd. is a high-tech enterprise founded in 1997 as a software platform for industrial automation and informatization. A logic flaw vulnerability exists in KingH5Stream of Beijing Asian Control Technology Development Co. Ltd, which can be exploited ...

6.8AI score
Exploits0
Rows per page
Query Builder