Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

RedhatCVE
RedhatCVEadded 2025/10/22 12:12 p.m.4 views

CVE-2025-10640

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive...

9.8CVSS7.1AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/10/22 12:12 p.m.3 views

CVE-2025-10641

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

7.1CVSS6.7AI score0.00024EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/21 12:31 p.m.3 views

EUVD-2025-35164

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

6.2AI score0.00024EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/21 12:31 p.m.2 views

EUVD-2025-35159

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive...

6.6AI score0.00389EPSS
Exploits0References2
NVD
NVDadded 2025/10/21 12:15 p.m.3 views

CVE-2025-10640

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive...

9.8CVSS0.00389EPSS
Exploits0References2
NVD
NVDadded 2025/10/21 12:15 p.m.2 views

CVE-2025-10641

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

7.1CVSS0.00024EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/10/21 11:48 a.m.2 views

CVE-2025-10641 Unencrypted cleartext communication in EfficientLab WorkExaminer Professional

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

6.4AI score0.00024EPSS
Exploits0References1
CVE
CVEadded 2025/10/21 11:48 a.m.8 views

CVE-2025-10641

EfficientLab WorkExaminer Professional suffers unencrypted traffic across its monitoring stack. The CVE-2025-10641 description (confirmed across multiple sources) states that all communications between monitoring client, console, and server are transmitted in clear text, including unencrypted FTP...

7.1CVSS6.4AI score0.00024EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/21 11:48 a.m.7 views

CVE-2025-10641 Unencrypted cleartext communication in EfficientLab WorkExaminer Professional

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

0.00024EPSS
Exploits0References1
CVE
CVEadded 2025/10/21 11:43 a.m.10 views

CVE-2025-10640

CVE-2025-10640 affects EfficientLab’s WorkExaminer Professional (server components). An unauthenticated attacker who can reach TCP port 12306 can bypass server-side authentication due to a missing validation in the protocol call to an MSSQL stored procedure; the client-side validation is relied u...

9.8CVSS6.7AI score0.00389EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/21 11:43 a.m.7 views

CVE-2025-10640 Missing Server-Side Authentication Checks in EfficientLab WorkExaminer Professional

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive...

0.00389EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/10/21 11:43 a.m.5 views

CVE-2025-10640 Missing Server-Side Authentication Checks in EfficientLab WorkExaminer Professional

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive...

6.7AI score0.00389EPSS
Exploits0References1
Rows per page
Query Builder