Lucene search
K

1839 matches found

CVE
CVE
added 2025/12/24 9:1 p.m.12 views

CVE-2025-68919

CVE-2025-68919 affects Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express (DX/AF Management Software). The issue arises because maintenance data collected by the system can be accessed by a non-admin principal, potentially exposing data and impacting confidentiality (C), with limited integrity/a...

5.6CVSS6.5AI score0.00099EPSS
Exploits0References1
Redos
Redos
added 2025/12/17 12:0 a.m.5 views

ROS-20251217-7317

A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information using a specially crafted HTML pag...

8.8CVSS6.4AI score0.00219EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/13 3:58 p.m.7 views

CVE-2025-58770

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability...

8.4CVSS6.9AI score0.00098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 2:32 a.m.14 views

CVE-2025-42875

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

6.6CVSS7.1AI score0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 2:32 a.m.5 views

CVE-2025-42928

Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and...

9.1CVSS7.8AI score0.08163EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.7 views

EUVD-2025-201852

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

6.6CVSS6.6AI score0.0031EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 4:17 p.m.7 views

CVE-2025-42875

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

6.6CVSS0.0031EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 4:17 p.m.5 views

CVE-2025-40938

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

9.8CVSS5.7AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.7 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.8 views

AZL-72545 CVE-2025-2296 affecting package edk2 for versions less than 20240524git3e722403cd16-11

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00669EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 10:44 a.m.18 views

CVE-2025-40938

SIMATIC CN 4100 (all versions below V4.0.1) contains a vulnerability where sensitive data is stored in the firmware, potentially exposing confidentiality, integrity, and availability. Connected advisories confirm a fix in newer firmware versions (V4.0.1 and later); apply the vendor-released updat...

9.8CVSS6.3AI score0.00329EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49843

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

9.2CVSS6.6AI score0.00329EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-2296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...

8.4CVSS6.2AI score0.00669EPSS
Exploits0References4
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/08 12:0 a.m.12 views

D-Link Routers Buffer Overflow Vulnerability

D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.8CVSS7.5AI score0.57037EPSS
In wildExploits1
CNVD
CNVD
added 2025/11/27 12:0 a.m.5 views

Blog Site admin.php file improper authorization vulnerability

Blog Site is a blogging system. Blog Site suffers from an improper authorization vulnerability that originates in the file /admin.php, which can be exploited by an attacker to compromise confidentiality, integrity, and availability...

8.8CVSS6.8AI score0.00249EPSS
Exploits0References1
Redos
Redos
added 2025/11/25 12:0 a.m.5 views

ROS-20251125-13

A vulnerability in the maskedPaths feature of the isolated container runc tool is related to the runc state that allows link tracking. Exploitation of the vulnerability could allow an attacker to Affect the confidentiality, integrity and availability of protected information...

7.8CVSS6.7AI score0.0067EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2025/11/24 7:42 p.m.3 views

CVE-2025-52539

A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface AXI, potentially resulting in loss of confidentiality, integrity, and/or availability...

7.3CVSS6.6AI score0.00111EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/13 1:0 a.m.9 views

CVE-2025-65001

Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability...

8.2CVSS6.9AI score0.00145EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28627)

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability...

8.4CVSS8.4AI score0.00218EPSS
Exploits0References2
NVD
NVD
added 2025/11/12 6:15 p.m.6 views

CVE-2025-65001

Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability...

8.2CVSS0.00145EPSS
Exploits0References3
Rows per page
Query Builder