
19178 matches found

Positive Technologies
added 2025/11/18 12:0 a.m. | 6 views

PT-2025-47244

Name of the Vulnerable Software and Affected Versions: SMASH-CLP shell (affected versions not specified). Description: A stack-based buffer overflow exists in the SMASH-CLP shell. An authenticated attacker with SSH access to the Baseboard Management Controller (BMC) can exploit this issue by providing a...

CVSS 5.4 | AI score 7.6 | EPSS 0.00234
Exploits: 0 | References: 4
CNNVD
added 2025/11/18 12:0 a.m. | 3 views

Supermicro BMC Firmware Security Vulnerability

Supermicro BMC Firmware is a system firmware from Supermicro Corporation USA. A security vulnerability exists in Supermicro BMC Firmware that originates from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...

CVSS 7.2 | AI score 7.9 | EPSS 0.00293
Exploits: 0 | References: 1
Positive Technologies
added 2025/11/18 12:0 a.m. | 4 views

PT-2025-47249

Name of the Vulnerable Software and Affected Versions: Supermicro BMC versions (affected versions not specified). Description: A stack buffer overflow exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit a stack buffer via a crafted header,...

CVSS 5.5 | AI score 7.7 | EPSS 0.00277
Exploits: 0 | References: 3
Positive Technologies
added 2025/11/18 12:0 a.m. | 4 views

PT-2025-47245

Name of the Vulnerable Software and Affected Versions: Supermicro BMC versions (affected versions not specified). Description: A buffer overflow exists in the web stack of the Supermicro BMC on the MBD-X13SEDW-F model. An attacker gaining access to the BMC Web server can exploit this issue using a...

CVSS 7.2 | AI score 7.9 | EPSS 0.00293
Exploits: 0 | References: 6
Positive Technologies
added 2025/11/18 12:0 a.m. | 5 views

PT-2025-47250

Name of the Vulnerable Software and Affected Versions: Supermicro BMC versions (affected versions not specified). Description: A stack buffer overflow vulnerability exists in the web function of the Supermicro BMC on the Supermicro MBD-X13SEDW-F. An attacker gaining access to the BMC Web server can...

CVSS 7.2 | AI score 6.9 | EPSS 0.00293
Exploits: 0 | References: 7
Tenable Nessus
added 2025/11/18 12:0 a.m. | 3 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2023-52887)

net: can: j1939: vulnerability related to error handling for closely received RTS messages in xtp_rx_rts_session_new, which is addressed by replacing less informative backtraces with a new method that provides clearer error messages and allows for early termination of problematic sessions. This plugi...

CVSS 5.5 | AI score 6.7 | EPSS 0.00226
Exploits: 0 | References: 4
Positive Technologies
added 2025/11/18 12:0 a.m. | 5 views

PT-2025-47372

Name of the Vulnerable Software and Affected Versions: DzzOffice versions prior to 2.3.7. Description: DzzOffice is susceptible to an arbitrary file upload issue located in the /dzz/system/ueditor/php/controller.php file. The issue resides within the controller.php component. Recommendations: Update ...

AI score 6.8 | EPSS 0.00342
Exploits: 1 | References: 4
Vulnrichment
added 2025/11/18 12:0 a.m. | 14 views

CVE-2025-63695

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...

AI score 6.6 | EPSS 0.00342
Exploits: 1 | References: 2
EUVD
added 2025/11/18 12:0 a.m. | 3 views

EUVD-2025-198056

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...

AI score 6.5 | EPSS 0.00342
Exploits: 1 | References: 3
CNNVD
added 2025/11/18 12:0 a.m. | 7 views

DzzOffice Security Vulnerability

DzzOffice is a platform from Big Desk DzzOffice that provides online collaborative office suite functionality. It provides online documents, forms, webstores, presentations and other features. A security vulnerability exists in DzzOffice v2.3.7 and earlier versions, which originates from...

CVSS 9.8 | AI score 6.9 | EPSS 0.00342
Exploits: 1 | References: 3
CVE
added 2025/11/18 12:0 a.m. | 12 views

CVE-2025-63695

DzzOffice v2.3.7 and earlier is vulnerable to an Arbitrary File Upload in /dzz/system/ueditor/php/controller.php. The core issue stems from a file upload mechanism in controller.php that allows uploading arbitrary files, potentially enabling remote code execution or other impact as described in p...

CVSS 9.8 | AI score 6.6 | EPSS 0.00342
Exploits: 1 | References: 2 | Affected Software: 1
CNNVD
added 2025/11/18 12:0 a.m. | 3 views

SuperMicro BMC Security Vulnerability

SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the SuperMicro BMC that stems from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...

CVSS 7.2 | AI score 7.9 | EPSS 0.00293
Exploits: 0 | References: 1
Tenable Nessus
added 2025/11/18 12:0 a.m. | 9 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43883)

usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

CVSS 7 | AI score 6.7 | EPSS 0.00223
Exploits: 0 | References: 4
NVD
added 2025/11/17 9:15 p.m. | 4 views

CVE-2025-13301

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVSS 9.8 | EPSS 0.00339
Exploits: 1 | References: 5
OSV
added 2025/11/17 9:15 p.m. | 4 views

CVE-2025-13300

A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 9.8 | AI score 5.6 | EPSS 0.00339
Exploits: 1 | References: 5
NVD
added 2025/11/17 9:15 p.m. | 5 views

CVE-2025-13300

A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 9.8 | EPSS 0.00339
Exploits: 1 | References: 5
OSV
added 2025/11/17 9:15 p.m. | 4 views

CVE-2025-13301

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVSS 9.8 | AI score 5.7 | EPSS 0.00339
Exploits: 1 | References: 5
Vulnrichment
added 2025/11/17 9:2 p.m. | 3 views

CVE-2025-13301 itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVSS 7.5 | AI score 7.2 | EPSS 0.00339
Exploits: 1 | References: 5
Cvelist
added 2025/11/17 9:2 p.m. | 9 views

CVE-2025-13301 itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVSS 7.5 | EPSS 0.00339
Exploits: 1 | References: 5
CVE
added 2025/11/17 9:2 p.m. | 11 views

CVE-2025-13301

CVE-2025-13301 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in an unspecified function of /subject/controller.php that can be exploited remotely; public exploits exist. CNVD, Red Hat, NVD and other sources corroborate the issue and...

CVSS 9.8 | AI score 7.2 | EPSS 0.00339
Exploits: 1 | References: 5 | Affected Software: 1