CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

NVD•added 2026/01/06 4:15 p.m.•2 views

CVE-2020-36905

FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...

7.5CVSS0.00063EPSS

Exploits1References7

Cvelist•added 2026/01/06 3:52 p.m.•22 views

CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API

7.5CVSS0.00063EPSS

Exploits1References7

Vulnrichment•added 2026/01/06 3:52 p.m.•1 views

CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API

7.5CVSS6.7AI score0.00063EPSS

Exploits1References7

CVE•added 2026/01/06 3:52 p.m.•12 views

CVE-2020-36905

CVE-2020-36905 affects FIBARO System Home Center 5.021. A remote file inclusion vulnerability exists in the undocumented proxy API that allows an attacker to include arbitrary client-side scripts by abusing the GET parameter “url,” enabling injection of malicious JavaScript and potentially hijack...

7.5CVSS6.7AI score0.00063EPSS

Exploits1References7

Positive Technologies•added 2026/01/06 12:0 a.m.•1 views

PT-2026-1440

7.5CVSS7AI score0.00063EPSS

Exploits1References8

CNNVD•added 2026/01/06 12:0 a.m.•2 views

FIBARO System Home Center 安全漏洞

FIBARO System Home Center is a series of smart home core central control hosts from the Polish company FIBARO. A security vulnerability exists in FIBARO System Home Center version 5.021, which stems from a remote file inclusion vulnerability in the undocumented proxy API that could lead to the...

7.5CVSS7AI score0.00063EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-38652

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00039EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-8399

Malicious code in bioql PyPI...

7.8CVSS8.3AI score0.01763EPSS

Exploits3References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-8401

Malicious code in bioql PyPI...

8.1CVSS8.3AI score0.01202EPSS

Exploits3References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-8398

Malicious code in bioql PyPI...

5.9CVSS7AI score0.01843EPSS

Exploits3References4

RedhatCVE•added 2025/05/23 3:27 a.m.•8 views

CVE-2023-34597

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...

6.5CVSS6.8AI score0.00039EPSS

Exploits1References1

ATTACKERKB•added 2023/06/20 1:15 p.m.•1 views

CVE-2023-34597

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...

6.5CVSS6.6AI score0.00039EPSS

Exploits1References4

OSV•added 2023/06/20 1:15 p.m.•2 views

CVE-2023-34597

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...

6.5CVSS5.8AI score

Exploits0References2

CNNVD•added 2023/06/20 12:0 a.m.•1 views

Fibaro Motion Sensor 安全漏洞

Fibaro Motion Sensor is a wireless motion sensor from the Polish company Fibaro. A security vulnerability exists in Fibaro Motion Sensor version v3.4 that stems from allowing an attacker to cause a denial of service DoS via a crafted Z-Wave message...

6.5CVSS6.5AI score0.00039EPSS

Exploits1References3

Positive Technologies•added 2023/06/20 12:0 a.m.•2 views

PT-2023-24938 · Fibaro · Fibaro Motion Sensor

Name of the Vulnerable Software and Affected Versions: Fibaro Motion Sensor version 3.4 Description: A Denial of Service DoS issue exists, allowing attackers to cause a disruption via a crafted Z-Wave message. Recommendations: For Fibaro Motion Sensor version 3.4, update the firmware to a version...

6.5CVSS6.8AI score0.00039EPSS

Exploits1References5

CVE•added 2023/06/20 12:0 a.m.•39 views

CVE-2023-34597

CVE-2023-34597 affects Fibaro Motion Sensor firmware version 3.4. The vulnerability allows an attacker to cause a Denial of Service via a crafted Z-Wave message. Documented impact: availability impact high (DoS) with attack vector Adjacent and no privileges/UI required. The NVD/NVD-derived metric...

6.5CVSS6.2AI score0.00039EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/06/20 12:0 a.m.•15 views

CVE-2023-34597

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...

6.5AI score0.00039EPSS

Exploits1References2

0day.today•added 2021/04/20 12:0 a.m.•100 views

Fibaro Home Center MITM / Missing Authentication / Code Execution Vulnerabilities

Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities. Fibaro Home Center MITM / Missing Authentication / Code Execution Vendor description:...

9.8CVSS7AI score0.34187EPSS

Exploits6

Packet Storm•added 2021/04/20 12:0 a.m.•560 views

Fibaro Home Center MITM / Missing Authentication / Code Execution

IoT Inspector Research Lab Advisory IOT-20210408-0 title: Multiple vulnerabilities vendor/product: Fibaro Home Center Light / Fibaro Home Center 2 https://www.fibaro.com/ vulnerable version: 4.600 and older fixed version: 4.610 CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,...

0.9AI score0.34187EPSS

Exploits6

OSV•added 2021/04/19 2:15 p.m.•1 views

CVE-2021-20989

Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH connections to the Fibaro cloud to provide remote access and remote support capabilities. This connection can be intercepted using DNS spoofing attack and a device initiated remote port-forward channel can be...

5.9CVSS6.8AI score0.01843EPSS

Exploits3References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by