Lucene search
K

19186 matches found

Cvelist
Cvelist
added 2025/10/27 3:3 p.m.8 views

CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions

Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...

6.8CVSS0.0021EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 3:3 p.m.5 views

EUVD-2025-36196

Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...

6.8CVSS6.3AI score0.0021EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/27 3:3 p.m.4 views

CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions

Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...

6.8CVSS6.5AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/27 1:32 p.m.14 views

CVE-2025-34502

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

7CVSS7.4AI score0.00197EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/10/27 8:55 a.m.15 views

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack

The ransomware group known as Qilin aka Agenda, Gold Feather, and Water Galura has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-44007

A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...

5.3CVSS6.3AI score0.00236EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

pybbs 访问控制错误漏洞

pybbs is a community platform for Java development by iuiu individual developers. An access control error vulnerability exists in pybbs version 6.0.0 and earlier, which stems from the misuse of an unknown function in the file UserApiController.java, which could lead to information disclosure...

5.3CVSS4.6AI score0.00327EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

Honeywell S35 Series 安全漏洞

Honeywell S35 Series is a series of cameras from Honeywell USA. A security vulnerability exists in the Honeywell S35 Series that stems from an authorization bypass of the user controller key, which could result in elevated privileges...

6.8CVSS6.7AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.10 views

shiyi-blog 代码问题漏洞

shiyi-blog is a vue+springboot front-end and back-end separated blog system by bule individual developer. A code issue vulnerability exists in shiyi-blog 1.2.1 and earlier versions, which originates from a deserialization issue in the Job Handler component in the file...

9.8CVSS6.6AI score0.00461EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.8 views

PT-2025-43970

Name of the Vulnerable Software and Affected Versions Honeywell S35 Series Cameras versions prior to 2025.08.28 Pinhole/Kit Camera Honeywell S35 Series Cameras versions prior to 2025.08.22 AI Fisheye & Dual Sensor/Micro Dome/Full Color Eyeball & Bullet Camera Honeywell S35 Series Cameras versions...

6.8CVSS6.8AI score0.0021EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-44008

Name of the Vulnerable Software and Affected Versions quequnlong shiyi-blog versions up to 1.2.1 Description A flaw exists in the Job Handler component of quequnlong shiyi-blog. The issue involves deserialization within an unknown function of the file...

9.8CVSS6AI score0.00461EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

TIME-SEA-PLUS 授权问题漏洞

TIME-SEA-PLUS is an Ai platform for bdth individual developers. dulaiduwang003 TIME-SEA-PLUS has an authorization issue vulnerability that originates from improper authorization of the function alipayIsSucceed in the file PayController.java, which could lead to a remote attack...

5.3CVSS4.9AI score0.00236EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-10230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or...

10CVSS6AI score0.39677EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/10/26 12:0 a.m.4 views

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a missing initial password...

10CVSS6.7AI score0.00312EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/26 12:0 a.m.4 views

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are vulnerable to a cross-site scripting vulnerability that is caused by improper...

6.9CVSS6AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/25 12:30 a.m.6 views

EUVD-2025-35894

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

7CVSS6.9AI score0.00197EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/25 12:0 a.m.4 views

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from the creation of an undocument...

10CVSS6.5AI score0.00312EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/25 12:0 a.m.6 views

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which is caused by the use of vulnerable...

10CVSS6.6AI score0.00337EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/10/24 11:24 p.m.2 views

SUSE CVE-2025-40020

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...

6.1CVSS6.6AI score0.00193EPSS
Exploits0References19
Cvelist
Cvelist
added 2025/10/24 11:4 p.m.8 views

CVE-2025-34502 Shuffle Master Deck Mate 2 Missing Secure Boot

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

7CVSS0.00197EPSS
Exploits0References2
Rows per page
Query Builder