
7 matches found

CVE
added 2024/07/31 11:0 p.m., 76 views

CVE-2024-38182

CVE-2024-38182 is a Microsoft Dynamics 365 elevation-of-privilege vulnerability described as weak authentication that allows an unauthenticated, network-based attacker to escalate privileges. Connected sources confirm the issue affects Microsoft Dynamics 365 Field Service On-Premises version 7 (o...

CVSS 9.8, AI score 9.2, EPSS 0.02012
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2023/10/26 3:15 p.m., 26 views

CVE-2023-45868

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

CVSS 8.1, AI score 6.9, EPSS 0.00194
Exploits: 1, References: 2

Prion
added 2023/10/26 3:15 p.m., 14 views

Directory traversal

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

CVSS 5.5, AI score 6.4, EPSS 0.00291
Exploits: 2, References: 2, Affected Software: 1

CVE
added 2023/10/26 12:0 a.m., 53 views

CVE-2023-45868

CVE-2023-45868 concerns the Learning Module in ILIAS 7.25 (2023-09-12 release). The vulnerability allows a high-impact Directory Traversal leading to confidentiality and availability loss. An attacker with basic user privileges can exploit the issue by manipulating a POST request during exercise ...

CVSS 8.1, AI score 7.9, EPSS 0.00291
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2021/08/25 11:38 a.m., 15 views

CVE-2021-33886

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as t...

CVSS 8.1, AI score 9, EPSS 0.01325
Exploits: 1, References: 2

Cvelist
added 2021/06/09 11:39 a.m., 9 views

CVE-2021-33842 Circutor SGE-PLC1000 improper authentication

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located...

CVSS 8.8, AI score 8.7, EPSS 0.00115
Exploits: 0, References: 1

ICS
added 2021/02/16 12:0 a.m., 31 views

Rockwell Automation Allen-Bradley Micrologix 1100

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1100 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability...

CVSS 7.5, AI score 7.8, EPSS 0.00089
Exploits: 0, References: 4