
15 matches found

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-23024

Malicious code in bioql PyPI...

CVSS 7.6 · AI score 6.6 · EPSS 0.00306
Exploits 1 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 7 views

EUVD-2025-23001

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00277
Exploits 0 · References 2

RedhatCVE
added 2025/07/31 12:33 a.m. · 17 views

CVE-2025-28172

Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force...

CVSS 6.5 · AI score 7.7 · EPSS 0.00277
Exploits 0 · References 1

NVD
added 2025/07/29 5:15 p.m. · 6 views

CVE-2025-28170

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files...

CVSS 7.6 · EPSS 0.00306
Exploits 1 · References 1

NVD
added 2025/07/29 3:15 p.m. · 3 views

CVE-2025-28172

Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force...

CVSS 6.5 · EPSS 0.00277
Exploits 0 · References 1

Positive Technologies
added 2025/07/29 12:0 a.m. · 5 views

PT-2025-31217 · Grandstream Networks · Ucm6510

Name of the Vulnerable Software and Affected Versions: Grandstream Networks UCM6510 versions 1.0.20.52 and earlier
Description: The software is susceptible to improper restriction of excessive authentication attempts, allowing an attacker to perform a brute force attack to gain access to targeted...

CVSS 6.5 · AI score 7.6 · EPSS 0.00277
Exploits 0 · References 7

CVE
added 2025/07/29 12:0 a.m. · 28 views

CVE-2025-28170

The CVE-2025-28170 entry concerns Grandstream Networks GXP1628 devices running version 1.0.4.130 or earlier. The root cause is Incorrect Access Control due to directory listing being enabled, which can permit unauthorized access to sensitive directories and files. Publicly available sources in th...

CVSS 7.6 · AI score 6.4 · EPSS 0.00306
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2025/07/29 12:0 a.m. · 9 views

CVE-2025-28170

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files...

EPSS 0.00306
Exploits 1 · References 1

Cvelist
added 2025/07/29 12:0 a.m. · 11 views

CVE-2025-28172

Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force...

EPSS 0.00277
Exploits 0 · References 1

Positive Technologies
added 2025/07/29 12:0 a.m. · 6 views

PT-2025-31221 · Grandstream Networks · Gxp1628

Name of the Vulnerable Software and Affected Versions: Grandstream Networks GXP1628 versions 1.0.4.130 and earlier
Description: The Grandstream Networks GXP1628 device is susceptible to incorrect access control due to directory listing being enabled. This allows unauthorized access to sensitive...

CVSS 7.6 · AI score 7 · EPSS 0.00306
Exploits 1 · References 7

Vulnrichment
added 2025/07/29 12:0 a.m. · 3 views

CVE-2025-28170

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files...

AI score 6.4 · EPSS 0.00306
Exploits 1 · References 2

Tenable Nessus
added 2022/05/05 12:0 a.m. · 65 views

Grandstream Networks UCM6200 Series SQLi (Phone Web UI)

A SQL injection vulnerability exists in Grandstream UCM6200 Series devices. An unauthenticated, remote attacker can exploit this to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. Note that Nessus has not tested...

CVSS 10 · AI score 8.7 · EPSS 0.83926
Exploits 8 · References 2

Tenable Nessus
added 2022/05/05 12:0 a.m. · 218 views

Grandstream Networks UCM6200 Series SQLi (SIP)

A SQL injection vulnerability exists in Grandstream UCM6200 Series devices. An unauthenticated, remote attacker can exploit this to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. Note that Nessus has not tested...

CVSS 10 · AI score 8.7 · EPSS 0.83926
Exploits 8 · References 2

Tenable Nessus
added 2022/05/05 12:0 a.m. · 210 views

Grandstream Networks UCM6200 Series SQLi (Web UI)

A SQL injection vulnerability exists in Grandstream UCM6200 Series devices. An unauthenticated, remote attacker can exploit this to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. Note that Nessus has not tested...

CVSS 10 · AI score 8.7 · EPSS 0.83926
Exploits 8 · References 2

Packet Storm
added 2012/10/23 12:0 a.m. · 37 views

Grandstream GXP1405 Executive IP Phone 1.0.1.110 XSS

title: Grandstream GXP1405 Executive IP Phone Persistent XSS
product: Grandstream Networks
vulnerable version: 1.0.1.110
impact: Low
homepage: www.grandstream.com
found: 23.10.2012
by: aulmn...

Exploits 0