Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.8 views

CVE-2025-27850

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a symlink attack. If a malicious graphics package containing symlinks is uploaded, the web server follows the supplied links when serving content. No mechanisms to restrict those link targets to a specific area of the...

7.5CVSS5.5AI score0.00387EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/09 8:16 a.m.3 views

CVE-2025-41760

An administrator may attempt to block all traffic by configuring a pass filter with an empty table. However, in UBR, an empty list does not enforce any restrictions and allows all network traffic to pass unfiltered...

4.9CVSS5.8AI score0.0032EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/15 1:7 p.m.5 views

EUVD-2026-2817

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

4.3CVSS6.4AI score0.00333EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.6 views

GNU Privacy Guard 2.5.16

GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

6.9AI score
Exploits0
NVD
NVD
added 2025/10/06 7:15 a.m.3 views

CVE-2025-58578

A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation...

4.3CVSS0.00299EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/06 6:47 a.m.3 views

EUVD-2025-32501

A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation...

3.8CVSS6.3AI score0.00299EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.6 views

The vulnerability of the universal monitoring system Zabbix, related to the distribution of resources without any restrictions or regulations, allows a intruder to trigger a service failure.

The vulnerability of the Zabbix universal monitoring system is related to the use of excessive resources without proper restrictions or controls. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS5.4AI score0.00912EPSS
Exploits0References5Affected Software3
CNNVD
CNNVD
added 2021/05/24 12:0 a.m.3 views

Koel 安全漏洞

Koel is a simple web-based personal audio streaming service written in Vue on the client side and Laravel on the server side. A security vulnerability exists in Koel versions prior to 5.1.4 that stems from no login restrictions, no password strength policy, and displaying whether a failed login...

7.5CVSS7.3AI score0.00794EPSS
Exploits1References3
securityvulns
securityvulns
added 2000/08/11 12:0 a.m.29 views

Дырка в Tumbleweed Worldsecure (MMS)

При установке создается учетная запись пользователя с пустым паролем и без ограничения прав...

0.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder