Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/06/08 6:26 p.m.39 views

CVE-2026-10786

Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileged user to obtain cleartext credentials for configured ticketing integrations via a crafted API request. This issue affects : Devolutions Server 2026.2.4.0 Devolutions Server...

0.00148EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-37648

Name of the Vulnerable Software and Affected Versions Cisco Unity Connection affected versions not specified Description Insufficient validation of user-supplied input in the web-based management interface allows an authenticated remote attacker to execute arbitrary code as root. This is achieved...

9CVSS6.2AI score0.00712EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the Cisco Identity Services Engine (ISE) policy management platform and the Cisco ISE Passive Identity Connector (ISE-PIC) virtual authentication data collection device exists due to the lack of measures to neutralize specific elements, allowing attackers to execute arbitrary commands with root privileges.

The vulnerability of the Cisco Identity Services Engine ISE policy management platform and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability allows a...

8.5CVSS7.3AI score0.12681EPSS
Exploits0References2
CVE
CVE
added 2024/11/18 12:0 a.m.58 views

CVE-2024-44757

CVE-2024-44757 describes an arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0, exploitable via a crafted interface request that can expose sensitive files. The initial data indicates a high-severity impact (C:H/I:N/A:N, CVSS 3....

7.5CVSS6.6AI score0.00421EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/07/31 9:15 p.m.4 views

CVE-2022-4003

A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request...

6.5CVSS5.8AI score0.00396EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/31 12:0 a.m.7 views

Motorola Q14 安全漏洞

The Motorola Q14 is a mesh router system from Motorola USA. A security vulnerability exists in Motorola Q14 versions prior to v1.5.0.16, which stems from a denial of service vulnerability that could allow an authenticated user to trigger an internal service restart via a specially crafted API...

6.5CVSS6.4AI score0.00396EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/06 12:0 a.m.11 views

PT-2024-21971

Name of the Vulnerable Software and Affected Versions Ladder versions 0.0.1 through 0.0.21 Description The issue allows a remote attacker to obtain sensitive information via a crafted request to the API. Recommendations For versions 0.0.1 through 0.0.21, update to a version that contains a fix fo...

7.5CVSS7AI score0.02325EPSS
Exploits3References7
Rows per page
Query Builder