Lucene search
+L

128 matches found

RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.7 views

CVE-2026-40525

OpenViking prior to version 0.3.9 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the apikey configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke...

9.1CVSS5.8AI score0.00571EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2003-0360

Malware in sbrugna...

4.6CVSS6.4AI score0.00312EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-0881

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.02021EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:14 a.m.8 views

CVE-2019-1010147

Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: Incorrect Access Control - Privileges Escalation. The impact is: Victim attacked and access admin functionality through their browser and control browser. The component is: MIAdminStyles.i4. The attack vector is: Victims are...

5.4CVSS6AI score0.00654EPSS
Exploits1References1
CNVD
CNVD
added 2023/02/28 12:0 a.m.8 views

Command Execution Vulnerability in Tianqing Hanma USG Firewall of Beijing Qixing Information Security Technology Co.

Tianqing Hanma USG Firewall is a new firewall series product launched by Qixing. There is a command execution vulnerability in Tianqing Hanma USG Firewall, which can be exploited by attackers to obtain server control privileges...

7.2AI score
Exploits0
CNVD
CNVD
added 2023/02/22 12:0 a.m.22 views

File Upload Vulnerability in DSS of Zhejiang Dahua Technology Co.

Zhejiang Dahua Technology Co., Ltd. is a video-centered intelligent IOT solution provider and operation service provider. A file upload vulnerability exists in the DSS of Zhejiang Dahua Technology Co. Ltd, which can be exploited by an attacker to gain server control privileges...

7.3AI score
Exploits0
CNVD
CNVD
added 2022/10/11 12:0 a.m.36 views

Huawei HarmonyOS HwAirlink Module Buffer Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei China Inc. Huawei HarmonyOS version 2.0, 2.1 is vulnerable to a buffer overflow vulnerability that stems from a boundary error in the handling of untrusted input by the HwAirlink module. An attacker could exploit the vulnerability to gain proces...

9.8CVSS4.3AI score0.0051EPSS
Exploits0References1
OSV
OSV
added 2022/05/05 4:13 p.m.36 views

CVE-2022-29501

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution...

9CVSS7.1AI score0.02639EPSS
Exploits0References9
NVD
NVD
added 2022/02/10 5:15 p.m.34 views

CVE-2021-44892

A Remote Code Execution RCE vulnerability exists in ThinkPHP 3.x.x via valuefilename in index.php, which could let a malicious user obtain server control privileges...

8.8CVSS0.02021EPSS
Exploits1References1
OSV
OSV
added 2022/02/10 5:15 p.m.30 views

CVE-2021-44892

A Remote Code Execution RCE vulnerability exists in ThinkPHP 3.x.x via valuefilename in index.php, which could let a malicious user obtain server control privileges...

8.8CVSS7.5AI score
Exploits0References1
Prion
Prion
added 2022/02/10 5:15 p.m.29 views

Remote code execution

A Remote Code Execution RCE vulnerability exists in ThinkPHP 3.x.x via valuefilename in index.php, which could let a malicious user obtain server control privileges...

6.5CVSS8.8AI score0.02021EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/02/10 4:5 p.m.39 views

CVE-2021-44892

A Remote Code Execution RCE vulnerability exists in ThinkPHP 3.x.x via valuefilename in index.php, which could let a malicious user obtain server control privileges...

9.2AI score0.02021EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/24 12:0 a.m.10 views

Damon database management system has a file upload vulnerability

Damon Database Management System is a centralized management platform to monitor, manage and maintain DM databases through a web interface. There is a file upload vulnerability in Damon Database Management System, which can be exploited by attackers to obtain server control privileges...

3.6AI score
Exploits0
CNVD
CNVD
added 2021/12/20 12:0 a.m.11 views

Command Execution Vulnerability in Patrol Cloud Light Forum System (CNVD-2022-01416)

Cruise cloud light forum system contains forums, Q&A module, using JAVA MYSQL architecture. A command execution vulnerability exists in the Patrol Cloud Light Forum system, which can be exploited by an attacker to gain server control privileges...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/12/09 12:0 a.m.25 views

Unitrends Backup SNMP weak password vulnerability

Unitrends Backup is eliminating data loss, ransomware, and risk. versions prior to Unitrends Backup 10.5.5 have an SNMP weak password vulnerability that stems from the SNMP daemon being configured with a weak silent group name, which can be exploited by an attacker to gain snmp control privileges...

9.8CVSS5AI score0.01862EPSS
Exploits1References1
CNVD
CNVD
added 2021/10/18 12:0 a.m.22 views

File Upload Vulnerability in Enterprise Mobile Management Platform (Leagsoft emm) of Shenzhen Leagsoft Technology Co.

Enterprise Mobility Management Platform Leagsoft emm is a full lifecycle security management platform for mobile applications, including device management, application management, user management, security policy management and other related functions. A file upload vulnerability exists in Leagso...

7.5AI score
Exploits0
CNNVD
CNNVD
added 2021/09/30 12:0 a.m.20 views

Ecoa Bas controller 信任管理问题漏洞

ECOA BAS controller is a BAS controller developed by Ecoa Technologies Corp in Taiwan, China. ECOA BAS controller is vulnerable to hard-coded credentials, which can be exploited by attackers to directly log in and gain administrator control privileges...

10CVSS8.4AI score0.01989EPSS
Exploits1References2
CNVD
CNVD
added 2021/08/05 12:0 a.m.8 views

File Upload Vulnerability in NetSign Signature Verification Server of Dongfang Tongweb Middleware of Beijing Xin'an Century Technology Co.

Ltd. provides signature verification server NetSign to provide digital signature services based on digital certificates for various types of electronic information data, electronic documents, etc., and verify the authenticity and validity of signatures on signed data; support user certificate...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/07/08 12:0 a.m.12 views

File Upload Vulnerability in IPTV Business Management System of Shenzhen Zichen Video Technology Co.

Ltd. is a wholly-owned subsidiary of Beijing Zichen Pegasus Technology Co., Ltd. and is committed to providing a new generation of 4K ultra-high-definition audio-visual edge computing and so on for hotels, hospitals, communities, apartments, schools and enterprises and institutions. There is a fi...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/07/08 12:0 a.m.10 views

File Upload Vulnerability in Collaborative Office Platform of Microsoft Technology (Hangzhou) Co.

Microsoft Technology Hangzhou Co., Ltd. is a professional ECM Collaboration Management Software and BPM Business Process Management Software R & D and solution provider. A file upload vulnerability exists in the Collaboration Office platform of Microhome Software Technology Hangzhou Co., Ltd, whi...

7.3AI score
Exploits0
Rows per page
Query Builder