Lucene search
K

159 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:1 a.m.19 views

CVE-2024-11306

A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

6.9CVSS5.3AI score0.00534EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.10 views

The vulnerability of TP-Link Tapo H200 smart home control software, related to the storage of information in an open manner, allows a intruder to obtain Wi-Fi credentials.

The vulnerability of TP-Link Tapo H200 smart home control software relates to the storage of information in an open manner. Exploiting this vulnerability could allow a intruder to obtain Wi-Fi credentials...

2.4CVSS5.4AI score0.0012EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/31 12:0 a.m.4 views

The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software allows a intruder to execute arbitrary codes.

The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software lies in the lack of a proper mechanism for verifying the source of the credential. Exploiting this vulnerability could allow an attacker to execute arbitrary commands by sending a...

10CVSS8.1AI score0.0518EPSS
Exploits4References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/30 12:0 a.m.4 views

The vulnerability of TeamViewer’s software for remote control of computers allows attackers to increase their privileges.

The vulnerability of TeamViewer’s remote control software relates to the improper elimination of arguments in a command sequence. Exploiting this vulnerability can allow an attacker to enhance their privileges by introducing specially crafted arguments...

7.8CVSS7.7AI score0.00497EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.7 views

CVE-2024-55957

In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control Software ICSW before 3.1 SP10, the driver packages have a local privilege escalation vulnerability due to improper access control permissions on Windows systems...

7.3AI score0.00163EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.3 views

Thermo Fisher Scientific Xcalibur 安全漏洞

Thermo Fisher Scientific Xcalibur is a data acquisition and interpretation software from Thermo Fisher Scientific USA. A security vulnerability exists in Thermo Fisher Scientific Xcalibur versions prior to 4.7 SP1 and Thermo Foundation Instrument Control Software ICSW versions prior to 3.1 SP10,...

7.8CVSS6.7AI score0.00163EPSS
Exploits0References3
OSV
OSV
added 2025/01/13 2:15 p.m.4 views

CVE-2025-22800

Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through 2.9.11...

8.8CVSS7.1AI score
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.7 views

PaperCut NG 安全漏洞

PaperCut NG is a printer control software from PaperCut, Inc. A security vulnerability exists in PaperCut NG that stems from the exposure of a dangerous function with a remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an affected installation...

7.2CVSS7.6AI score0.01707EPSS
Exploits0References2
NVD
NVD
added 2024/11/18 2:15 a.m.50 views

CVE-2024-11306

A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

6.9CVSS0.00534EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/18 1:31 a.m.12 views

CVE-2024-11306 Altenergy Power Control Software database improper authorization

A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

6.9CVSS6.8AI score0.00534EPSS
Exploits0References4
CVE
CVE
added 2024/11/18 1:31 a.m.44 views

CVE-2024-11306

The CVE-2024-11306 entry concerns Altenergy Power Control Software up to 20241108 where an improper authorization vulnerability exists in the /index.php/display/database/ endpoint. A remote attacker could exploit this to gain unauthorized processing access; the exploit has been disclosed publicly...

6.9CVSS5.3AI score0.00534EPSS
Exploits0References4
NVD
NVD
added 2024/11/18 1:15 a.m.14 views

CVE-2024-11305

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

6.5CVSS0.03725EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/18 12:31 a.m.17 views

CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

6.5CVSS7.2AI score0.03725EPSS
Exploits0References4
CVE
CVE
added 2024/11/18 12:31 a.m.90 views

CVE-2024-11305

Altenergy Power Control Software contains a SQL injection in the get_status_zigbee function (file /index.php/display/status_zigbee) index parameter date. The vulnerability affects versions up to 20241108 and can be exploited remotely. The nuclei template specifies that authenticated attackers cou...

6.5CVSS6.8AI score0.03725EPSS
In wildExploits0References4
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.49 views

Altenergy Power System Control Software 注入漏洞

Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power Control Software 20241108 and prior versions that stems from an improper authorization issue in the file /index.php/display/database/...

6.9CVSS5.8AI score0.00534EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.3 views

Altenergy Power System Control Software 注入漏洞

Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power System Control Software version 20241108 and prior versions, which stems from an SQL injection in parameter date...

6.5CVSS7AI score0.03725EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/17 12:0 a.m.6 views

PT-2024-16897 · Altenergy · Altenergy Power Control

Name of the Vulnerable Software and Affected Versions: Altenergy Power Control Software versions up to 20241108 Description: A critical vulnerability has been found in the Altenergy Power Control Software, affecting the get status zigbee function of the file /index.php/display/status zigbee. The...

6.5CVSS7AI score0.03725EPSS
Exploits0References11
OSV
OSV
added 2024/09/18 9:15 p.m.14 views

CVE-2022-25768

The logic in place to facilitate the update process via the user interface lacks access control to verify if permission exists to perform the tasks. Prior to this patch being applied it might be possible for an attacker to access the Mautic version number or to execute parts of the upgrade proces...

6.5CVSS7AI score
Exploits0References1
The Hacker News
The Hacker News
added 2024/09/11 12:7 p.m.13 views

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

The Singapore Police Force SPF has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9...

6.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.5 views

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary SQL code.

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

7.5CVSS7.1AI score0.00349EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder