CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

730 matches found

Linear eMerge E3 - Cross-Site Scripting

Linear eMerge E3-Series devices are vulnerable to cross-site scripting via the 'layout' parameter. id: CVE-2019-7255 info: name: Linear eMerge E3 - Cross-Site Scripting author: arafatansari severity: medium description: | Linear eMerge E3-Series devices are vulnerable to cross-site scripting via...

6.1CVSS6.4AI score0.5053EPSS

Exploits5References5

Nuclei•added 17 hours ago•25 views

Linear eMerge E3-Series - Cross-Site Scripting

Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badgetemplatev0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based...

6.1CVSS6.1AI score0.81486EPSS

Exploits1References5

Nuclei•added 17 hours ago•30 views

Nortek Linear eMerge E3-Series - Cross-Site Scripting

There is a local session fixation vulnerability that, when chained with cross-site scripting, leads to account take over of admin or a lower privileged user. id: CVE-2022-31798 info: name: Nortek Linear eMerge E3-Series - Cross-Site Scripting author: ritikchaddha severity: medium description: |...

6.1CVSS6.2AI score0.86613EPSS

Exploits2References5

Nuclei•added 17 hours ago•25 views

eMerge E3 1.00-06 - Local File Inclusion

Linear eMerge E3-Series devices are vulnerable to local file inclusion. id: CVE-2019-7254 info: name: eMerge E3 1.00-06 - Local File Inclusion author: 0xAkoko severity: high description: Linear eMerge E3-Series devices are vulnerable to local file inclusion. impact: | Successful exploitation of...

7.5CVSS7.3AI score0.9057EPSS

Exploits8References5

Nuclei•added yesterday•17 views

Linear eMerge E3-Series - Information Disclosure

Linear eMerge E3-Series devices are susceptible to information disclosure. Admin credentials are stored in clear text at the endpoint /test.txt in situations where the default admin credentials have been changed. An attacker can obtain admin credentials, access the admin dashboard, control buildi...

8.2CVSS7.8AI score0.81013EPSS

Exploits3References5

Nuclei•added yesterday•6 views

Nortek Linear eMerge E3-Series - SQL Injection

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter. id: CVE-2022-38627 info: name: Nortek Linear eMerge E3-Series - SQL Injection author: daffainfo,omarhashem666...

9.8CVSS7.9AI score0.72067EPSS

Exploits2References3

Nuclei•added 5 days ago•87 views

Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection

Nortek Linear eMerge E3-Series devices before 0.32-08f are susceptible to remote command injection via ReaderNo. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. NOTE: this...

9.8CVSS7.3AI score0.93251EPSS

Exploits3References5

Nuclei•added 2026/05/25 4:37 a.m.•40 views

eMerge E3 1.00-06 - Remote Code Execution

Linear eMerge E3-Series devices are susceptible to remote code execution vulnerabilities. id: CVE-2019-7256 info: name: eMerge E3 1.00-06 - Remote Code Execution author: pikpikcu severity: critical description: | Linear eMerge E3-Series devices are susceptible to remote code execution...

10CVSS8AI score0.94403EPSS

Exploits16References5

RedhatCVE•added 2026/01/09 10:57 a.m.•4 views

CVE-2022-38628

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting XSS vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...

6.1CVSS6.4AI score0.08307EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:48 a.m.•5 views

CVE-2022-31269

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. This occurs in situations where the CVE-2019-7271 default credentials have been changed...

9.8CVSS6.9AI score0.81013EPSS

Exploits3References1

RedhatCVE•added 2026/01/09 10:46 a.m.•11 views

CVE-2022-31798

Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /cardscan.php?CardFormatNo= XSS with session fixation via PHPSESSID when they are chained together. This would allow an attacker to take over an admin account or a user account...

6.1CVSS6.1AI score0.86613EPSS

Exploits2References1

RedhatCVE•added 2026/01/07 9:37 a.m.•4 views

CVE-2019-7260

Linear eMerge E3-Series devices have Cleartext Credentials in a Database...

9.8CVSS7AI score0.00476EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:37 a.m.•5 views

CVE-2019-7268

Linear eMerge 50P/5000P devices allow Unauthenticated File Upload...

10CVSS7AI score0.00732EPSS

Exploits5References1