Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/06/12 11:16 a.m.15 views

CVE-2026-9266

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

7CVSS0.0007EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/12 10:0 a.m.6 views

CVE-2026-9266

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

7CVSS5.2AI score0.0007EPSS
Exploits0References1
CVE
CVEadded 2026/06/12 10:0 a.m.16 views

CVE-2026-9266

CVE-2026-9266 affects Moxa’s embedded Linux firmware for industrial computers and controllers. The issue is a Missing Required Cryptographic Step, an incomplete remediation of CVE-2026-0714, where TPM2 parameter encryption is undermined by an omission in the authorization session configuration. A...

7CVSS5.2AI score0.0007EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/29 3:19 p.m.7 views

CVE-2025-41351

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs...

6CVSS5.9AI score0.00194EPSS
Exploits0References1
NVD
NVDadded 2026/01/28 11:15 a.m.6 views

CVE-2025-41351

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs...

6CVSS0.00194EPSS
Exploits0References1
NVD
NVDadded 2025/10/09 9:15 p.m.6 views

CVE-2025-35052

Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...

6.3CVSS0.00351EPSS
Exploits0References2
CERT
CERTadded 2023/02/28 12:0 a.m.361 views

TCG TPM2.0 implementations vulnerable to memory corruption

Overview Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module TPM 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and...

7.8CVSS8.7AI score0.05552EPSS
Exploits0References9
seebug.org
seebug.orgadded 2012/02/07 12:0 a.m.23 views

Phpcms V9 uc api SQL注入漏洞

1.未启用ucenter服务的情况下uckey为空 define'UCKEY', pcbase::loadconfig'system', 'uckey'; 2. deleteuser接口存在SQL注入漏洞,UC算法加密的参数无惧GPC,程序员未意识到$get'ids'会存在SQL注入情况。 public function deleteuser$get,$post pcbase::loadappfunc'global', 'admin'; pcbase::loadappclass'messagequeue', 'admin' , 0; $ids =...

7AI score
Exploits0
Rows per page
Query Builder