26 matches found
EUVD-2025-19120
Malicious code in bioql PyPI...
CVE-2025-49153
The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code...
CVE-2025-49151
The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...
CVE-2025-49152
The affected products contain JSON Web Tokens JWT that do not expire, which could allow an attacker to gain access to the system...
CVE-2025-49151
The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...
CVE-2025-49153 Path Traversal in MICROSENS NMP Web+
The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code...
CVE-2025-49153
CVE-2025-49153 is a path-traversal flaw in MICROSENS NMP Web+ that allows an unauthenticated attacker to overwrite files and execute arbitrary code. Several sources (NVD/NVD-like, CVE lists, and CISA ICS advisory ICSA-25-175-07) describe the issue as unauthenticated and capable of arbitrary code ...
CVE-2025-49153 Path Traversal in MICROSENS NMP Web+
The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code...
CVE-2025-49152 Insufficient Session Expiration in MICROSENS NMP Web+
The affected products contain JSON Web Tokens JWT that do not expire, which could allow an attacker to gain access to the system...
CVE-2025-49152
CVE-2025-49152 affects MICROSENS NMP Web+ where issued JWTs do not expire, enabling potential unauthenticated access. Connected documents confirm that tokens can be forged or used to bypass authentication, potentially allowing file overwrites or arbitrary code execution in affected products. Affe...
CVE-2025-49152 Insufficient Session Expiration in MICROSENS NMP Web+
The affected products contain JSON Web Tokens JWT that do not expire, which could allow an attacker to gain access to the system...
CVE-2025-49151
CVE-2025-49151 affects MICROSENS NMP Web+; an unauthenticated attacker could forge JSON Web Tokens (JWT) to bypass authentication. PT-2025-26855 specifies affected versions: MICROSENS NMP Web+ prior to 3.3.0, with a fix in 3.3.0. The risk is described as enabling unauthorized access and potential...
CVE-2025-49151 Use of Hard-coded, Security-relevant Constants in MICROSENS NMP Web+
The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...
CVE-2025-49151 Use of Hard-coded, Security-relevant Constants in MICROSENS NMP Web+
The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication...
PT-2025-26857 · Microsens · Microsens Nmp Web+
Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ affected versions not specified Description: The issue could allow an unauthenticated attacker to overwrite files and execute arbitrary code. Recommendations: At the moment, there is no information about a newer version tha...
PT-2025-26855 · Microsens · Microsens Nmp Web+
Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ versions prior to 3.3.0 Description: The issue allows an unauthenticated attacker to generate forged JSON Web Tokens JWT to bypass authentication. This could potentially lead to full system control. Organizations worldwide...
PT-2025-26856 · Microsens · Microsens Nmp Web+
Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ affected versions not specified Description: The issue concerns JSON Web Tokens JWT that do not expire in MICROSENS NMP Web+, potentially allowing an attacker to gain access to the system. Recommendations: At the moment,...
MICROSENS NMP Web+ 代码问题漏洞
MICROSENS NMP Web+ is a network management platform from MICROSENS Germany. A code issue vulnerability exists in MICROSENS NMP Web+ that stems from a JSON Web token that has not expired and could lead to system access...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on June 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-175-01 Kaleris Navis N4 Terminal Operating System ICSA-25-175-02 Delta Electronics...
MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation
No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20140228-0 ======================================================================= title: Privilege escalation vulnerability product: MICROSENS Profi Line Modular Industrial Switch Web Manager MS652119PM vulnerable...