Lucene search
K

115 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-1946

The GW AI Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwaiwebugravitywritedisconnecthandler function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00222EPSS
Exploits0References6
Circl
Circl
added 2026/06/17 7:41 p.m.11 views

GHSA-72GW-MP4G-V24J

creationtimestamp| type| source ---|---|--- 2026-06-17 19:41:25+00:00| seen| https://gist.github.com/alon710/e8e930bfaf0a04644c5861c1af92ed10 2026-07-02 16:42:59+00:00| seen| https://gist.github.com/konard/2d84a73c0ff6413bca5b0e79fa90d50e 2026-07-03 13:46:20+00:00| seen|...

5.9AI score
Exploits0References7
Cvelist
Cvelist
added 2026/06/12 3:2 p.m.29 views

CVE-2026-50089 Aqara IAM/SSO Gateway open redirect

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS0.00182EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/12 3:2 p.m.10 views

CVE-2026-50089 Aqara IAM/SSO Gateway open redirect

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS5.3AI score0.00182EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the batman-adv module’s failure to release the backbonegw reference when inserting a statement in...

5.8AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2026/05/11 10:2 a.m.3 views

MINI-5PWM-H7GW-WJ32

Bulletin has no description...

5.9CVSS5.7AI score0.0017EPSS
Exploits0
OSV
OSV
added 2026/04/11 8:31 p.m.1 views

MINI-38MX-PM4V-X7GW

Bulletin has no description...

7.5CVSS5.7AI score0.00349EPSS
Exploits0
NVD
NVD
added 2026/03/13 7:53 p.m.5 views

CVE-2025-13779

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...

8.3CVSS0.00285EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 1:11 p.m.8 views

CVE-2025-13779

The CVE-2025-13779 entry concerns ABB AWIN GW100 rev.2 and AWIN GW120 units with a missing authentication vulnerability in a critical function. Affected revisions: GW100 rev.2 (2.0-0, 2.0-1) and GW120 (1.2-0, 1.2-1). The issue is exploitable with adjacent attack vector, low complexity, no privile...

8.3CVSS5.8AI score0.00285EPSS
Exploits0References1
Redos
Redos
added 2026/01/21 12:0 a.m.4 views

ROS-20260121-73-0021

A vulnerability in the fibchecknhv6gw function of the Linux operating system kernel is related to a possible memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.2AI score0.00185EPSS
Exploits0
EUVD
EUVD
added 2025/10/14 6:30 p.m.6 views

EUVD-2025-34264

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.4AI score0.00418EPSS
Exploits0References2
OSV
OSV
added 2025/10/14 5:15 p.m.7 views

CVE-2025-37144

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS5.9AI score0.00418EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-5620

Malware in sbrugna...

4.3CVSS6.4AI score0.01171EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-5621

Malware in sbrugna...

5CVSS6.4AI score0.01423EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-5618

Malware in sbrugna...

7.5CVSS6.4AI score0.01271EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31623

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.0045EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/06/10 11:32 a.m.4 views

Security update for docker-compose

This update for docker-compose fixes the following issues: Update to version 2.33.1: Improvements Add support for gwpriority, enableipv4 requires docker v28.0 by @thaJeztah in 12570 Fixes Run watch standalone if menu fails to start by @ndeloof in 12536 Report error using non-file secret|config wi...

7.5CVSS7.3AI score0.01592EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 3:34 a.m.10 views

CVE-2023-27888

Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product...

5.4CVSS6.3AI score0.0045EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:57 a.m.7 views

CVE-2019-12000

HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging...

6.6CVSS7.1AI score0.01147EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 4:32 p.m.15 views

CVE-2025-27084 Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal (CP) of an AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-based Management Interface

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting XSS attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the...

5.4CVSS0.00257EPSS
Exploits0References1
Rows per page
Query Builder