8 matches found
CVE-2025-12381
AlgoSec Firewall Analyzer (Linux, 64‑bit) is affected by CVE-2025-12381 due to improper privilege management in a sudoers‑authorized command. A local user with CLI access can escalate privileges by abusing parameters of that approved command, enabling privilege escalation and parameter injection....
CVE-2025-12381 Privilege Escalation via Misconfigured Sudoers Entry for Local Users in AlgoSec Firewall Analyzer
Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Privilege Escalation, Parameter Injection. A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file. This...
EUVD-2012-6596
Malware in sbrugna...
CVE-2025-34187 Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads...
Ilevia EVE X1 Server and Ilevia EVE X5 Server Security Vulnerability
Ilevia EVE X1 Server and Ilevia EVE X5 Server are both smart home and building automation solutions from Ilevia, Italy. A security vulnerability exists in Ilevia EVE X1 Server and Ilevia EVE X5 Server versions 4.7.18.0.eden and earlier, which stems from a misconfigured sudoers file and could lead to remo...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell
Summary: EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
CVE-2012-10040 Openfiler v2.x NetworkCard Command Execution
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...
PT-2025-32553 · Openfiler · Openfiler
Name of the Vulnerable Software and Affected Versions: Openfiler versions 2.x. Description: Openfiler v2.x contains a command injection issue in the system.html page. The device parameter is used to create a NetworkCard object, and its constructor in network.inc calls exec with unsanitized input. ...