Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/10/22 12:12 p.m.2 views

CVE-2025-10641

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

7.1CVSS6.7AI score0.00024EPSS
Exploits0References1
NVD
NVDadded 2025/10/21 12:15 p.m.1 views

CVE-2025-10641

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

7.1CVSS0.00024EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/10/21 11:48 a.m.1 views

CVE-2025-10641 Unencrypted cleartext communication in EfficientLab WorkExaminer Professional

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

6.4AI score0.00024EPSS
Exploits0References1
CVE
CVEadded 2025/10/21 11:48 a.m.7 views

CVE-2025-10641

EfficientLab WorkExaminer Professional suffers unencrypted traffic across its monitoring stack. The CVE-2025-10641 description (confirmed across multiple sources) states that all communications between monitoring client, console, and server are transmitted in clear text, including unencrypted FTP...

7.1CVSS6.4AI score0.00024EPSS
Exploits0References2
vulnersOsv
vulnersOsvadded 2025/08/19 3:31 p.m.2 views

at.ganzleicht.vaadin:vaadin-server (>=9.1.1 <=9.1.3), br.com.thiagomoreira.liferay.plugins.fix-virtual-host-app:fix-virtual-host-hook (>=2.0.0 <=5.1.0) +663 more potentially affected by CVE-2025-43740 via com.liferay.portal:com.liferay.portal.kernel (>=100.0.0 <=9.4.0)

com.liferay.portal:com.liferay.portal.kernel MAVEN version =100.0.0, =9.1.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =1.0.0.RELEASE - com.gitee.pif...

5.4CVSS5.8AI score0.00041EPSS
Exploits0
CNVD
CNVDadded 2017/04/23 12:0 a.m.2 views

SQL injection vulnerability in the id parameter of the treeformap.php file of Hikvision remote monitoring client system

Hikvision is a video-centric IoT solution and data operation service provider. A SQL injection vulnerability exists in the id parameter of the treeformap.php file in Hikvision's remote monitoring client system. It allows attackers to exploit the vulnerability to obtain sensitive database...

7.9AI score
Exploits0
Rows per page
Query Builder