CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

730 matches found

Linear eMerge E3 - Cross-Site Scripting

Linear eMerge E3-Series devices are vulnerable to cross-site scripting via the 'layout' parameter. id: CVE-2019-7255 info: name: Linear eMerge E3 - Cross-Site Scripting author: arafatansari severity: medium description: | Linear eMerge E3-Series devices are vulnerable to cross-site scripting via...

6.1CVSS6.5AI score0.5053EPSS

Exploits5References5

Nuclei•added 19 hours ago•25 views

eMerge E3 1.00-06 - Local File Inclusion

Linear eMerge E3-Series devices are vulnerable to local file inclusion. id: CVE-2019-7254 info: name: eMerge E3 1.00-06 - Local File Inclusion author: 0xAkoko severity: high description: Linear eMerge E3-Series devices are vulnerable to local file inclusion. impact: | Successful exploitation of...

7.5CVSS7.2AI score0.9057EPSS

Exploits8References5

Nuclei•added yesterday•6 views

Nortek Linear eMerge E3-Series - SQL Injection

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter. id: CVE-2022-38627 info: name: Nortek Linear eMerge E3-Series - SQL Injection author: daffainfo,omarhashem666...

9.8CVSS7.4AI score0.72067EPSS

Exploits2References3

Nuclei•added 2 days ago•30 views

Nortek Linear eMerge E3-Series - Cross-Site Scripting

There is a local session fixation vulnerability that, when chained with cross-site scripting, leads to account take over of admin or a lower privileged user. id: CVE-2022-31798 info: name: Nortek Linear eMerge E3-Series - Cross-Site Scripting author: ritikchaddha severity: medium description: |...

6.1CVSS6.3AI score0.86613EPSS

Exploits2References5

Nuclei•added 3 days ago•25 views

Linear eMerge E3-Series - Cross-Site Scripting

Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badgetemplatev0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based...

6.1CVSS6.3AI score0.81486EPSS

Exploits1References5

Nuclei•added 3 days ago•17 views

Linear eMerge E3-Series - Information Disclosure

Linear eMerge E3-Series devices are susceptible to information disclosure. Admin credentials are stored in clear text at the endpoint /test.txt in situations where the default admin credentials have been changed. An attacker can obtain admin credentials, access the admin dashboard, control buildi...

8.2CVSS7.3AI score0.81013EPSS

Exploits3References5

Nuclei•added 3 days ago•87 views

Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection

Nortek Linear eMerge E3-Series devices before 0.32-08f are susceptible to remote command injection via ReaderNo. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. NOTE: this...

9.8CVSS7.3AI score0.93251EPSS

Exploits3References5

Nuclei•added 2026/05/25 4:37 a.m.•40 views

eMerge E3 1.00-06 - Remote Code Execution

Linear eMerge E3-Series devices are susceptible to remote code execution vulnerabilities. id: CVE-2019-7256 info: name: eMerge E3 1.00-06 - Remote Code Execution author: pikpikcu severity: critical description: | Linear eMerge E3-Series devices are susceptible to remote code execution...

10CVSS8AI score0.94403EPSS

Exploits16References5

RedhatCVE•added 2026/01/09 10:57 a.m.•3 views

CVE-2022-38628

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting XSS vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...

6.1CVSS6.4AI score0.08307EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:48 a.m.•5 views

CVE-2022-31269

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. This occurs in situations where the CVE-2019-7271 default credentials have been changed...

9.8CVSS6.9AI score0.81013EPSS

Exploits3References1

RedhatCVE•added 2026/01/09 10:46 a.m.•10 views

CVE-2022-31798

Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /cardscan.php?CardFormatNo= XSS with session fixation via PHPSESSID when they are chained together. This would allow an attacker to take over an admin account or a user account...

6.1CVSS6.1AI score0.86613EPSS

Exploits2References1

RedhatCVE•added 2026/01/07 9:37 a.m.•4 views

CVE-2019-7260

Linear eMerge E3-Series devices have Cleartext Credentials in a Database...

9.8CVSS7AI score0.00476EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:37 a.m.•5 views

CVE-2019-7268

Linear eMerge 50P/5000P devices allow Unauthenticated File Upload...

10CVSS7AI score0.00732EPSS

Exploits5References1