Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-27666

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00809EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.5 views

Helmholz myREX24、MB Connect Line mymbCONNECT24和MB Connect Line mbCONNECT24 安全漏洞

MB Connect Line mbCONNECT24 and others are products of MB Connect Line, Germany.MB Connect Line mbCONNECT24 is a suite of remote service portals.MB Connect Line mymbCONNECT24 is an on-premise remote maintenance for virtual environments. Helmholz myREX24 and others are products of Helmholz. Helmho...

7.5CVSS6.9AI score0.00324EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.3 views

Helmholz myREX24、MB Connect Line mymbCONNECT24和MB Connect Line mbCONNECT24 安全漏洞

MB Connect Line mbCONNECT24 and others are products of MB Connect Line, Germany.MB Connect Line mbCONNECT24 is a suite of remote service portals.MB Connect Line mymbCONNECT24 is an on-premise remote maintenance for virtual environments. Helmholz myREX24 and others are products of Helmholz. Helmho...

7.5CVSS6.7AI score0.00411EPSS
Exploits0References3
NVD
NVD
added 2023/10/16 9:15 a.m.28 views

CVE-2023-4834

In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he shoul...

4.3CVSS4.5AI score0.00331EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/10/16 8:40 a.m.17 views

CVE-2023-4834

In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he shoul...

4.3CVSS6.7AI score0.00331EPSS
Exploits0References2
CVE
CVE
added 2023/10/16 8:40 a.m.79 views

CVE-2023-4834

Summary: CVE-2023-4834 affects Red Lion Europe mbCONNECT24, mymbCONNECT24, and Helmholz myREX24 / myREX24.virtual up to version 2.14.2. The root cause is an improperly implemented access validation, enabling an authenticated, low-privileged attacker to read limited, non-critical device informatio...

4.3CVSS4.5AI score0.00331EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/06 11:15 a.m.12 views

Information disclosure

Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions =2.13.3 allow an authorized remote attacker with low privileges to view a limited amount of another accounts contact...

4CVSS4.7AI score0.00515EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2022/09/14 2:15 p.m.34 views

CVE-2022-22520

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2...

5.3CVSS0.00809EPSS
Exploits0References2
Prion
Prion
added 2022/09/14 2:15 p.m.18 views

Code injection

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2...

5CVSS5.3AI score0.00809EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2022/09/14 2:5 p.m.65 views

CVE-2022-22520

CVE-2022-22520 describes a remote, unauthenticated user enumeration vulnerability in MB connect line products: mymbCONNECT24, mbCONNECT24, Helmholz myREX24, and myREX24.virtual up to v2.11.2. The underlying issue is that the webservice allows attackers to enumerate valid users by sending specific...

5.3CVSS5.3AI score0.00809EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2021/08/02 11:15 a.m.18 views

Design/Logic Flaw

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to t...

4CVSS4.7AI score0.00659EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2021/08/02 10:24 a.m.46 views

CVE-2021-34574

CVE-2021-34574 affects MB connect line products: mymbCONNECT24, mbCONNECT24, Helmholz myREX24 and myREX24.virtual up to version 2.11.2. An authenticated attacker can change their account password by intercepting and modifying the password-change request sent to the server, bypassing the password ...

4.3CVSS4.6AI score0.00659EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2021/08/02 12:0 a.m.5 views

PT-2021-20556 · Unknown · Mbconnect24 +2

Name of the Vulnerable Software and Affected Versions: mymbCONNECT24 versions through 2.11.2 mbCONNECT24 versions through 2.11.2 Helmholz myREX24 versions through 2.11.2 myREX24.virtual versions through 2.11.2 Description: An authenticated attacker can change the password of their account into a...

4.3CVSS4.6AI score0.00659EPSS
Exploits0References5
NVD
NVD
added 2021/03/02 10:15 p.m.29 views

CVE-2020-12527

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Improper access validation allows a logged in user to shutdown or reboot devices in his account without having corresponding permissions...

6.8CVSS0.01006EPSS
Exploits0References2
CVE
CVE
added 2021/03/02 9:15 p.m.60 views

CVE-2020-12527

CVE-2020-12527 affects MB connect line products: mymbCONNECT24, mbCONNECT24, Helmholz myREX24, and myREX24.virtual (versions up to v2.11.2). The root cause is improper access validation that lets a logged-in user perform privileged actions (shutdown/reboot) on devices in their account without the...

6.8CVSS6.7AI score0.01006EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2021/02/16 4:15 p.m.6 views

CVE-2020-35566

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local File Inclusion...

5.3CVSS5.9AI score0.012EPSS
Exploits0References3
NVD
NVD
added 2021/02/16 4:15 p.m.20 views

CVE-2020-35557

An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged in user to see devices in the account he should not have access to due to improper use of access validation...

6.5CVSS0.00971EPSS
Exploits0References3
OSV
OSV
added 2021/02/16 4:15 p.m.5 views

CVE-2020-35568

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An incomplete filter applied to a database response allows an authenticated attacker to gain non-public information about other users and devices in the...

4.3CVSS5.8AI score0.00933EPSS
Exploits0References3
NVD
NVD
added 2021/02/16 4:15 p.m.13 views

CVE-2020-35561

An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. There is an SSRF in the HA module allowing an unauthenticated attacker to scan for open ports...

5.3CVSS0.01193EPSS
Exploits0References3
NVD
NVD
added 2021/02/16 4:15 p.m.25 views

CVE-2020-35570

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An unauthenticated attacker is able to access files that should have been restricted via forceful browsing...

5.3CVSS0.01249EPSS
Exploits0References3
Rows per page
Query Builder