CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Tenable Nessus•added 2026/02/03 12:0 a.m.•2 views

EndRun Technologies Sonoma Cross-site Scripting (CVE-2025-60961)

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts. This plugin only works with Tenable.ot. Please visit...

6.1CVSS5.3AI score0.00026EPSS

Exploits0References3

RedhatCVE•added 2025/10/07 11:13 p.m.•2 views

CVE-2025-60961

6.1CVSS6.3AI score0.00026EPSS

Exploits0References1

RedhatCVE•added 2025/10/07 7:22 p.m.•3 views

CVE-2025-60964

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts...

9.1CVSS7.9AI score0.00185EPSS

Exploits0References1

EUVD•added 2025/10/06 6:31 p.m.•5 views

EUVD-2025-32565

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information...

8.2CVSS6.8AI score0.00429EPSS

Exploits0References4

EUVD•added 2025/10/06 6:31 p.m.•2 views

EUVD-2025-32567

6.1CVSS5.7AI score0.00026EPSS

Exploits0References4

NVD•added 2025/10/06 5:16 p.m.•2 views

CVE-2025-60964

9.1CVSS0.00185EPSS

Exploits0References3

NVD•added 2025/10/06 5:16 p.m.•3 views

CVE-2025-60960

8.2CVSS0.00539EPSS

Exploits0References3

NVD•added 2025/10/06 5:16 p.m.•4 views

CVE-2025-60957

9.9CVSS0.00208EPSS

Exploits0References3

Vulnrichment•added 2025/10/06 12:0 a.m.•2 views

CVE-2025-60969

Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information...

6.6AI score0.00184EPSS

Exploits0References3

Positive Technologies•added 2025/10/06 12:0 a.m.•2 views

PT-2025-40923

Name of the Vulnerable Software and Affected Versions EndRun Technologies Sonoma D12 Network Time Server GPS version 4.00 Description An issue exists in EndRun Technologies Sonoma D12 Network Time Server GPS that allows attackers to execute arbitrary code, cause a denial of service, gain escalate...

9.9CVSS7.3AI score0.00208EPSS

Exploits0References7

Positive Technologies•added 2025/10/06 12:0 a.m.•2 views

PT-2025-40925

Name of the Vulnerable Software and Affected Versions EndRun Technologies Sonoma D12 Network Time Server GPS version 4.00 Description An issue exists in EndRun Technologies Sonoma D12 Network Time Server GPS that allows attackers to gain sensitive information through OS Command Injection. The...

8.2CVSS6.6AI score0.00429EPSS

Exploits0References7

CVE•added 2025/10/06 12:0 a.m.•9 views

CVE-2025-60969

CVE-2025-60969 affects EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware version 4.00, specifically on device 6010-0076-000. The vulnerability is a path/directory traversal that could disclose sensitive information. Public sources from Tenable.ot and PT-Security confirm the vulner...

5.7CVSS6.6AI score0.00184EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/10/06 12:0 a.m.•7 views

CVE-2025-60967

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information...

0.00029EPSS

Exploits0References3

CVE•added 2025/10/06 12:0 a.m.•12 views

CVE-2025-60958

EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 4.00 (6010-0071-000) is affected by a Cross Site Scripting (XSS) vulnerability. The issue could lead to disclosure of sensitive information. The Tenable.ot/Nessus and other feeds confirm XSS in the D12 appliance; no patch/version r...

7.3CVSS5.7AI score0.00029EPSS

Exploits0References3Affected Software1

CVE•added 2025/10/06 12:0 a.m.•28 views

CVE-2025-60962

Summary: CVE-2025-60962 describes an OS Command Injection vulnerability in EndRun Technologies’ Sonoma D12 Network Time Server (GPS) firmware version 4.00 (F/W 6010-0071-000). The issue is triggered via OS command injection and could allow a remote attacker to access sensitive information, with a...

8.2CVSS7AI score0.00429EPSS

Exploits0References3Affected Software1

CVE•added 2025/10/06 12:0 a.m.•15 views

CVE-2025-60967

EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 6010-0076-000 Ver 4.00 is affected by a Cross Site Scripting (XSS) vulnerability (CVE-2025-60967). The issue, as described across multiple sources, enables attackers to obtain sensitive information. The CVSSv3.1 vector is CVSS:3.1/...

7.3CVSS5.7AI score0.00029EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/10/06 12:0 a.m.•1 views

CVE-2025-60963

7.5AI score0.00539EPSS

Exploits0References3

Vulnrichment•added 2025/10/06 12:0 a.m.•2 views

CVE-2025-60959

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information...

6.9AI score0.00429EPSS

Exploits0References3