Lucene search
K

6330 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-4255

Malware in sbrugna...

7.5CVSS6.4AI score0.03361EPSS
Exploits1References15
Circl
Circl
added 2025/10/05 10:2 a.m.7 views

CVE-2017-9965

creationtimestamp| type| source ---|---|--- 2025-10-05 10:02:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-9965.yaml...

5.8CVSS6AI score0.04612EPSS
Exploits1References1
Circl
Circl
added 2025/10/05 8:40 a.m.6 views

CVE-2018-11511

creationtimestamp| type| source ---|---|--- 2025-10-05 08:40:40+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2018/CVE-2018-11511.yaml 2025-10-06 21:02:22+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m2kj4bihhq2q 2025-12-07...

9.8CVSS7AI score0.11176EPSS
In wildExploits7References5
Positive Technologies
Positive Technologies
added 2025/10/05 12:0 a.m.10 views

PT-2025-40793

A vulnerability was found in Frappe LMS 2.34.x/2.35.0. The impacted element is an unknown function of the component Incomplete Fix CVE-2025-55006. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made public and could be...

8.8CVSS5.8AI score0.00361EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28395

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00441EPSS
Exploits1References4
Circl
Circl
added 2025/10/01 6:49 p.m.10 views

CVE-2025-27223

creationtimestamp| type| source ---|---|--- 2025-10-01 18:49:45+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27223.yaml 2025-10-02 21:02:26+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m2ahapki2u26 2025-10-18...

7.5CVSS5.8AI score0.02102EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/10/01 7:42 a.m.3 views

CVE-2025-39894

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check confirmed bit in brnflocalin after confirm When send a broadcast packet to a tap device, which was added to a bridge, brnflocalin is called to confirm the conntrack. If another conntrack with...

5.5CVSS5.3AI score0.0014EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/29 8:34 p.m.25 views

CVE-2025-34234 Vasion Print (formerly PrinterLogic) Hardcoded Encryption Private Keys

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

9.2CVSS0.00382EPSS
Exploits1References4
Circl
Circl
added 2025/09/29 3:18 a.m.4 views

CVE-2025-54249

creationtimestamp| type| source ---|---|--- 2025-09-29 03:18:25+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-54249.yaml 2025-09-30 21:02:43+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m23gd7gjji2j 2025-10-18...

6.5CVSS4.8AI score0.01811EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.6 views

PT-2025-39897

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 25.1.102 Vasion Print Application versions prior to 25.1.1413 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and Application deployments contain hardcoded private keys stored in clear text...

9.2CVSS6.5AI score0.00382EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.5 views

PT-2025-39885

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 25.1.102 Vasion Print Application versions prior to 25.1.1413 Description The /api-gateway/identity/search-groups API endpoint does not require authentication. An unauthenticated remote attacker can enumerate eve...

6.9CVSS6.7AI score0.0065EPSS
Exploits1References8
Circl
Circl
added 2025/09/24 1:50 p.m.7 views

CVE-2020-36719

creationtimestamp| type| source ---|---|--- 2025-09-24 13:50:13+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-36719.yaml...

9.8CVSS8.7AI score0.04304EPSS
Exploits1References1
Circl
Circl
added 2025/09/24 9:47 a.m.7 views

CVE-2020-36705

creationtimestamp| type| source ---|---|--- 2025-09-24 09:47:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/passive/cves/2020/CVE-2020-36705.yaml...

9.8CVSS6AI score0.06944EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/09/24 6:24 a.m.3 views

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

Libraesva has released a security update to address a vulnerability in its Email Security Gateway ESG solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689 , carries a CVSS score of 6.1, indicating medium severity. "Libraesva ESG i...

6.1CVSS8AI score0.01929EPSS
Exploits0
Circl
Circl
added 2025/09/18 1:43 a.m.8 views

CVE-2019-11886

creationtimestamp| type| source ---|---|--- 2025-09-18 01:43:53+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-11886.yaml 2025-09-21 21:02:24+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lzes4jrnvf2g...

8.8CVSS8.6AI score0.0189EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/16 8:33 a.m.13 views

CVE-2025-2404 XSS in Ubit Information Technologies' STOYS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ubit Information Technologies STOYS allows Cross-Site Scripting XSS. This issue affects STOYS: from 2 before 20250916...

4.3CVSS0.00201EPSS
Exploits0References2
Circl
Circl
added 2025/09/15 9:55 p.m.14 views

CVE-2020-11515

creationtimestamp| type| source ---|---|--- 2025-09-15 21:55:04+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-11515.yaml 2025-09-16 21:02:25+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lyy7rtlmvj2p...

6.1CVSS6AI score0.02072EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.12 views

PT-2025-87: Incorrect session expiration in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability can be exploited by an attacker to gain unlimited access to a device by brute-forcing or compromising a session token. Vulnerability status: Confirmed ...

9.2CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.8 views

PT-2025-86: Disclosure of confidential data via controller configuration request in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability can be exploited by an attacker to obtain administrator‑level privileges. Vulnerability status: Confirmed by vendor Date of vulnerability remediation:...

8.3CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2025/09/04 3:33 p.m.10 views

CVE-2025-38724 nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

In the Linux kernel, the following vulnerability has been resolved: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Lei Lu recently reported that nfsd4setclientidconfirm did not check the return value from getclientlocked. a SETCLIENTIDCONFIRM could race with a confirmed client...

0.00163EPSS
Exploits0References9
Rows per page
Query Builder