Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

35 matches found

Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.0 views

PT-2026-23226

Name of the Vulnerable Software and Affected Versions axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme versions through 1.2.5 Description The axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme contains a flaw related to improper...

5.9AI score0.00172EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/02/24 10:42 p.m.3 views

CVE-2026-3025

A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx. Executing a manipulation of the argument File can lead to unrestricted upload. It is possible...

9.8CVSS5.2AI score0.00052EPSS
Exploits0References1
OSV
OSVadded 2026/02/23 9:19 p.m.1 views

CVE-2026-3025

A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx. Executing a manipulation of the argument File can lead to unrestricted upload. It is possible...

9.8CVSS5.5AI score
Exploits0References3
CVE
CVEadded 2026/02/23 8:2 p.m.4 views

CVE-2026-3025

Affects ShuoRen Smart Heating Integrated Management Platform 1.0.0. The vulnerability lies in an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx, where manipulating the File argument can cause unrestricted file upload. Exploitation is remote, and an exploit has be...

9.8CVSS7.1AI score0.00052EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2026/02/23 12:0 a.m.3 views

ShuoRen Times Smart Heating Integrated Management 代码问题漏洞

ShuoRen Times Smart Heating Integrated Management is an intelligent heating management platform developed by ShuoRen Times Corporation. Version 1.0.0 of ShuoRen Times Smart Heating Integrated Management contains a code vulnerability. This vulnerability arises from improper handling of parameters ...

9.8CVSS7.2AI score0.00052EPSS
Exploits0References3
HackRead
HackReadadded 2026/01/27 11:36 a.m.3 views

Poland Thwarts Russian Wiper Malware Attack on Power Plants

Poland blocked a Russian wiper malware attack on power and heating plants, officials say, avoiding outages during winter and prompting tighter cyber rules...

5.9AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2025/06/27 12:0 a.m.2 views

Reconstructing Intelligible Speech from the Pressure Sensor Data in HVACs

Pressure sensors are an integrated component of modern Heating, Ventilation, and Air Conditioning HVAC systems. As these pressure sensors operate within the 0-10 Pa range, support high sampling frequencies of 0.5-2 kHz, and are often placed close to human proximity, they can be used to eavesdrop ...

6.8AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 7:17 a.m.2 views

CVE-2024-8705

A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDataKindByType of the file /DataSrvs/UCCGSrv.asmx. The manipulation leads to sql injection. The attac...

6.5CVSS6.7AI score0.00024EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/03/04 12:0 a.m.2 views

Carrier Block Load 代码问题漏洞

Carrier Block Load is an application from Carrier, Inc. which provides easy-to-use commercial load calculations for HVAC systems. A security vulnerability exists in Carrier Block Load that stems from an uncontrolled path element that could lead to DLL hijacking and arbitrary code execution...

7.1CVSS7.5AI score0.01495EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/02/18 12:0 a.m.1 views

Hitachi HVAC Energy Saving Program 安全漏洞

Hitachi HVAC Energy Saving Program is an energy saving program project of Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi HVAC Energy Saving Program that originates from an unsafe loading of a dynamic link library, which could lead to local code execution or information...

7.3CVSS6.8AI score0.00014EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/01/01 12:0 a.m.1 views

PT-2025-43668

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 115.31 Firefox ESR versions prior to 140.6 Description A sandbox escape exists because of incorrect boundary conditions within the Graphics: CanvasWebGL component. Real-world attacks...

9.8CVSS6.8AI score0.19171EPSS
Exploits2References225
Cvelist
Cvelistadded 2024/09/11 10:31 p.m.12 views

CVE-2024-8705 Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System UCCGSrv.asmx GetDataKindByType sql injection

A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDataKindByType of the file /DataSrvs/UCCGSrv.asmx. The manipulation leads to sql injection. The attac...

6.5CVSS0.00024EPSS
Exploits0References4
CNNVD
CNNVDadded 2024/09/11 12:0 a.m.1 views

Heating Network Wireless Monitoring System SQL注入漏洞

Star Measurement and Control Heating Network Wireless Monitoring System is a heating management system from Star Measurement and Control. A SQL injection vulnerability exists in Heating Network Wireless Monitoring System version 5.6.2, which stems from an operation of the GetDataKindByType functi...

6.5CVSS7AI score0.00024EPSS
Exploits0References5
Wired Threat Level
Wired Threat Leveladded 2024/07/23 9:0 a.m.8 views

How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter

The code, the first of its kind, was used to sabotage a heating utility in Lviv at the coldest point in the year—what appears to be yet another innovation in Russia’s torment of Ukrainian civilians...

7.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2024/04/11 5:31 p.m.5 views

kershawplumbingheating.co.uk Cross Site Scripting vulnerability OBB-3917353

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2024/03/06 7:17 p.m.5 views

floor-heating.nl Improper Access Control vulnerability OBB-3866305

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbountyadded 2023/03/12 8:11 p.m.11 views

newtonsheatingandair.com Cross Site Scripting vulnerability OBB-3219541

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Openbugbounty
Openbugbountyadded 2023/01/06 9:22 p.m.10 views

colletteheatingcooling.com Cross Site Scripting vulnerability OBB-3130402

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2022/08/09 12:59 p.m.14 views

hydeheatingandcooling.com.au Cross Site Scripting vulnerability OBB-2832775

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2022/04/15 6:10 p.m.9 views

jonesboroheatingandcooling.com Cross Site Scripting vulnerability OBB-2516320

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Rows per page
Query Builder