Lucene search
K

95 matches found

EUVD
EUVD
added 2026/06/27 12:30 a.m.11 views

EUVD-2026-39925

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS5.8AI score0.0045EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 11:17 p.m.14 views

CVE-2026-31928

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.8CVSS0.0045EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52988

Name of the Vulnerable Software and Affected Versions DMP-5000 affected versions not specified Description Devices are shipped with a default administrative web account that utilizes weak authentication controls. These credentials are not required to be changed during the initial configuration or...

9.3CVSS5.8AI score0.0045EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 9:41 p.m.23 views

CVE-2025-71327

Flowise has an authentication bypass in the unprotected /api/v1/account/register endpoint. Unauthenticated attackers can register arbitrary accounts and gain full API access without credentials. CVSS metrics are provided (v3.1: 9.1; v4.0: 9.3), indicating a critical impact on confidentiality and ...

9.3CVSS6AI score0.0046EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.21 views

PT-2026-50658

Name of the Vulnerable Software and Affected Versions ibaPDA affected versions not specified ibaDatCoordinator affected versions not specified Description Remote, unauthenticated attackers can exploit a deserialization of untrusted data issue to achieve remote code execution, potentially gaining...

9.8CVSS6.4AI score0.00553EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-45924

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A remote attacker with user privileges can exploit a stack buffer overflow in the bac-deviceobject method to gain full system access as root. A stack buffer...

8.8CVSS6.5AI score0.00456EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32278

In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Netis AC1200 安全漏洞

The Netis AC1200 is a series of dual-band wireless broadband routers produced by the Chinese company Netis. The Netis AC1200 Router NC21 V4.0.1.4296 version contains a security vulnerability. This vulnerability stems from the hardcoded root credentials stored in the /etc/shadow.sample file. The...

7.3CVSS5.8AI score0.00301EPSS
Exploits0References3
CVE
CVE
added 2026/05/17 12:11 p.m.15 views

CVE-2018-25320

CVE-2018-25320 affects ACL Analytics 11.x through 13.0.0.579. The vulnerability is an arbitrary code execution via the EXECUTE function, enabling an attacker to run commands with SYSTEM privileges. Reported chain includes using bitsadmin to download malicious PowerShell scripts and execute them t...

9.8CVSS6.5AI score0.00576EPSS
Exploits0References4
NVD
NVD
added 2026/04/02 8:16 p.m.6 views

CVE-2023-7343

Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...

8.5CVSS0.00142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.11 views

PT-2026-24031

Name of the Vulnerable Software and Affected Versions UBR affected versions not specified Description A local attacker with limited privileges who gains access to the UBR service account, for example through SSH, can escalate their privileges to achieve full system access. This is possible becaus...

7.8CVSS5.9AI score0.00161EPSS
Exploits0References6
NVD
NVD
added 2026/02/12 8:16 p.m.56 views

CVE-2019-25344

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

8.5CVSS0.00162EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/02 2:12 p.m.6 views

CVE-2022-50981

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...

9.8CVSS5.6AI score0.00527EPSS
Exploits0References3Affected Software10
RedhatCVE
RedhatCVE
added 2026/01/16 2:23 p.m.9 views

CVE-2026-22908

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS7.2AI score0.00541EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 1:16 p.m.7 views

CVE-2026-22908

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS0.00541EPSS
Exploits0References6
CVE
CVE
added 2026/01/15 1:0 p.m.16 views

CVE-2026-22908

CVE-2026-22908 affects SICK TDC-X401GL (and related) via uploading unvalidated container images, enabling remote attackers to potentially gain full system access and impact confidentiality, integrity, and possibly availability. Root cause: unvalidated image upload. Exploitation status is not docu...

9.1CVSS6.8AI score0.00541EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/01/15 1:0 p.m.4 views

EUVD-2026-2823

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS6.7AI score0.00541EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/01/15 1:0 p.m.2 views

CVE-2026-22908

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS6.8AI score0.00541EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/01/15 1:0 p.m.25 views

CVE-2026-22908

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS0.00541EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.10 views

PT-2026-2989

Name of the Vulnerable Software and Affected Versions versions prior to 2026-22908 Description Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality. Recommendations At the moment, there is n...

9.1CVSS6.7AI score0.00541EPSS
Exploits0References12
Rows per page
Query Builder