Lucene search
K

7313 matches found

CNNVD
CNNVD
added 2025/05/13 12:0 a.m.4 views

Shinnku-com 安全漏洞

Shinnku-com is an application by the individual developer of Shinnku. A security vulnerability exists in Shinnku-com v7.1.0, which originates from an arbitrary file read in /api/music/v1/cover.ts...

7.5CVSS6.8AI score0.00468EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/04/30 10:9 a.m.24 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS7AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2025/04/28 10:15 a.m.18 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2025/04/28 9:37 a.m.100 views

CVE-2025-3200

CVE-2025-3200 affects the Com-Server component, where an unauthenticated remote attacker could exploit the use of insecure TLS 1.0 and TLS 1.1 to intercept and manipulate encrypted communications between the Com-Server and connected systems. The issue stems from weak cryptographic protocol suppor...

9.1CVSS7.1AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/28 9:37 a.m.14 views

CVE-2025-3200 Com-Server Exposed via Weak TLS

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS7AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/28 9:37 a.m.28 views

CVE-2025-3200 Com-Server Exposed via Weak TLS

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS0.00312EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/28 6:28 a.m.4 views

Malicious code in jd-npm-com-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f205097feb67db492d1ce42f141278ef445cb7792b8c530f866eb0a837e6d47 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/04/28 6:28 a.m.5 views

MAL-2025-3497 Malicious code in jd-npm-com-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f205097feb67db492d1ce42f141278ef445cb7792b8c530f866eb0a837e6d47 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/28 12:0 a.m.3 views

PT-2025-18058 · Unknown · Com-Server

Name of the Vulnerable Software and Affected Versions: Com-Server affected versions not specified Description: An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connecte...

9.1CVSS6.2AI score0.00312EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/04/28 12:0 a.m.4 views

Wiesemann & Theis Com-Server 加密问题漏洞

Wiesemann & Theis Com-Server is a communication server for industrial automation from Wiesemann & Theis that provides connectivity between serial devices and Ethernet. A cryptographic issue vulnerability exists in Wiesemann & Theis Com-Server versions prior to 1.60 that stems from the use of...

9.1CVSS6.4AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/26 1:20 a.m.16 views

CVE-2025-43918

SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that...

6.4CVSS7AI score0.00089EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/23 3:54 p.m.2 views

Malicious code in members.cdbaby.com (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/04/22 3:56 a.m.22 views

kw3.com Cross Site Scripting vulnerability OBB-4047991

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/04/21 6:8 a.m.12 views

krocnews.com Cross Site Scripting vulnerability OBB-4047887

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/04/21 3:26 a.m.11 views

kissin977.com Cross Site Scripting vulnerability OBB-4047813

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/04/11 10:45 a.m.12 views

forum56.com Cross Site Scripting vulnerability OBB-4043620

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Cvelist
Cvelist
added 2025/04/10 8:9 a.m.37 views

CVE-2025-32202 WordPress Insert or Embed Articulate Content into WordPress plugin <= 4.3000000025 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Brian Batt - elearningfreak.com Insert or Embed Articulate Content into WordPress insert-or-embed-articulate-content-into-wordpress allows Upload a Web Shell to a Web Server.This issue affects Insert or Embed Articulate Content into...

9.1CVSS0.00386EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2025/04/08 5:3 p.m.3 views

investors.com Open Redirect vulnerability OBB-4042701

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/04/07 7:16 a.m.2 views

sportingvideo1.com Cross Site Scripting vulnerability OBB-4042496

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/04/02 3:34 p.m.6 views

gt40.com Cross Site Scripting vulnerability OBB-4041865

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder