Lucene search
+L

24 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/25 1:47 a.m.5 views

CVE-2026-24896

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edihmain.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to...

6.5CVSS5.4AI score0.0026EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/02/25 1:47 a.m.10 views

CVE-2026-24896 OpenEMR has Broken Access Control that allows unauthorized access to EDI Logs

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edihmain.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to...

6.5CVSS5.5AI score0.0026EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/02 12:0 a.m.23 views

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.7 views

ClinCapture EDC 安全漏洞

ClinCapture EDC is a clinical trial data capture system from ClinCapture, Inc. A security vulnerability exists in ClinCapture EDC versions 3.0 and 2.2.3, which originates in reflective cross-site scripting and could lead to the execution of JavaScript code by an unauthenticated, remote attacker i...

6.1CVSS6.3AI score0.00247EPSS
Exploits1References3
CVE
CVE
added 2025/12/22 12:0 a.m.16 views

CVE-2025-65270

CVE-2025-65270 is a reflected XSS vulnerability in ClinCapture EDC versions 2.2.3 and 3.0, allowing an unauthenticated remote attacker to execute JavaScript in the victim’s browser. Root cause involves reflective XSS in ClinCapture EDC. Impact is context of the victim’s browser with low confident...

6.1CVSS5.8AI score0.00247EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-29618

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01064EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29617

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02935EPSS
Exploits1References2
NVD
NVD
added 2025/08/25 9:15 a.m.5 views

CVE-2025-7426

Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...

9.3CVSS0.00343EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/25 8:52 a.m.3 views

CVE-2025-7426 MINOVA TTA Information Disclosure and Credential Exposure

Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...

9.3CVSS7.2AI score0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.7 views

PT-2025-34601 · Unknown · Minova Tta

Name of the Vulnerable Software and Affected Versions: MINOVA TTA version 11.17.0 Description: The MINOVA TTA service exposes authentication FTP credentials through debug port 1604, allowing unauthenticated remote access to active FTP accounts containing sensitive internal data and import...

9.3CVSS6.7AI score0.00343EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/22 10:12 p.m.8 views

CVE-2022-24830

OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...

9.8CVSS7.8AI score0.02935EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:37 p.m.7 views

CVE-2022-24831

OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has...

9.8CVSS7.8AI score0.01064EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.7 views

PT-2025-4828 · Redcap · Redcap

Name of the Vulnerable Software and Affected Versions: REDCap version 14.9.6 Description: A stored cross-site scripting XSS issue allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user receives the survey and clicks on the field name, it triggers...

6.1CVSS5.2AI score0.00278EPSS
Exploits0References5
Prion
Prion
added 2022/05/14 12:15 a.m.15 views

Path traversal

OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...

7.5CVSS9.8AI score0.02935EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/13 11:40 p.m.34 views

CVE-2022-24830 Path Traversal in OpenClinica

OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...

6.5CVSS10AI score0.02935EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/06/18 12:0 a.m.6 views

Cleo LexiCom 路径遍历漏洞

Cleo LexiCom is an integrated platform from Cleo, Inc. Accelerate EDI automation, speed trade partner on-boarding and easily resolve EDI issues. A path traversal vulnerability exists in Cleo LexiCom 5.5.0.0, which originates in an AS2 message where the sender can specify a filename that can conta...

9.8CVSS8.4AI score0.01549EPSS
Exploits1References2
CNVD
CNVD
added 2021/03/23 12:0 a.m.3 views

Information Disclosure Vulnerability in MessageSolution's Enterprise Email Archive Management System EEA

MessageSolution is a series of unstructured data archiving products such as email archiving, mail archiving, document archiving, SharePoint archiving and backup management, Domino document archiving, and mail archiving system SME edition can help users manage their emails and electronic data...

6.4AI score
Exploits0
OSV
OSV
added 2020/06/15 8:15 p.m.4 views

CVE-2020-12005

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

7.5CVSS7.1AI score0.01842EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2019/12/18 5:0 p.m.93 views

Data governance and retention in your Microsoft 365 tenant—a secure and highly capable solution

Data governance has relied on transferring data to a third-party for hosting an archive service. Emails, documents, chat logs, and third-party data Bloomberg, Facebook, LinkedIn, etc. must be saved in a way that it can’t be changed and won’t be lost. Data governance is part of IT at the enterpris...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/07/20 5:9 p.m.24 views

Massive Database from Tango messenger server hacked by Syrian Electronic Army

Syrian Electronic Army SEA, hacking group known for cyber attacks against the anti-Syrian websites, has claimed that it has hacked the website of messaging application, Tango tango.me, that includes hundreds of millions of electronic and voice data over the Internet. Hacker group tweeted a messag...

7AI score
Exploits0
Rows per page
Query Builder