Lucene search
+L

109 matches found

Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.8 views

PT-2026-24672

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.22 @openclaw/voice-call versions prior to 2026.2.22 Description OpenClaw and @openclaw/voice-call accept media-stream WebSocket upgrades before validating the stream, allowing unauthenticated clients to...

8.7CVSS5.3AI score0.00426EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.4 views

CVE-2026-21718

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system...

10CVSS6.4AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2026/02/27 1:16 a.m.9 views

CVE-2026-21718

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system...

10CVSS0.00428EPSS
Exploits0References3
OSV
OSV
added 2026/02/27 1:16 a.m.6 views

CVE-2026-21718

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system...

9.8CVSS6.2AI score0.00428EPSS
Exploits0References3
CVE
CVE
added 2026/02/27 12:34 a.m.25 views

CVE-2026-21718

CVE-2026-21718 affects Copeland XWEB Pro (pre-1.12.1). Multiple sources (NVD, Red Hat, EUVD) describe an authentication bypass that enables pre-authenticated code execution over the network. Theconsistent impact is high/critical (C:H/I:H/A:H) with network access and no privileges required. PT-202...

10CVSS6AI score0.00428EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2025/11/27 12:0 a.m.177 views

📄 Monsta FTP DownloadFile Remote Code Execution

This Metasploit module exploits a pre-authenticated remote code execution vulnerability in Monsta FTP versions prior to 2.11.3. The vulnerability exists in the downloadFile action which allows an attacker to connect to a malicious FTP or SFTP server and download arbitrary files to arbitrary...

9.8CVSS8.1AI score0.72667EPSS
Exploits6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-5552

Malware in sbrugna...

5.5CVSS5.5AI score0.01097EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28100

Malicious code in bioql PyPI...

9.8CVSS9.5AI score0.0131EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-23620

Malicious code in bioql PyPI...

9.8CVSS8.4AI score0.17066EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.5 views

StrongDM Client 安全漏洞

StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from insufficient protection of pre-authenticated tokens, which could lead to interception and reuse of tokens...

8.5CVSS6.6AI score0.00135EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/08/06 12:0 a.m.11 views

VulnCheck KEV: CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

9.8CVSS6AI score0.2079EPSS
In wildExploits0References5
NVD
NVD
added 2025/08/05 1:15 p.m.11 views

CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

9.8CVSS0.17066EPSS
Exploits0References1
OSV
OSV
added 2025/08/05 1:15 p.m.4 views

CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

9.8CVSS6AI score0.17066EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/05 1:0 p.m.7 views

CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

9.4CVSS6.8AI score0.17066EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/05 1:0 p.m.3 views

CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

9.8CVSS6AI score0.2079EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/05 1:0 p.m.93 views

CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

9.4CVSS0.17066EPSS
Exploits0References1
CVE
CVE
added 2025/08/05 1:0 p.m.154 views

CVE-2025-54948

CVE-2025-54948 affects Trend Micro Apex One (on-premise) management console. The vulnerability is an OS command injection that could allow a pre-authenticated remote attacker to upload malicious code and execute commands. Exploitation details are supported by multiple sources in Connected documen...

9.8CVSS7AI score0.2079EPSS
In wildExploits0References2Affected Software1
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.6 views

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that originates from allowing a pre-authenticated remote attacker to upload malicious code and execute commands...

9.8CVSS8.6AI score0.2079EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.6 views

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that originates from allowing a pre-authenticated remote attacker to upload malicious code and execute commands...

9.8CVSS8.6AI score0.17066EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.4 views

Sophos Firewall 安全漏洞

Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 21.0.2, which stems from a command injection issue in WebAdmin that could lead to pre-authenticated code execution...

8.8CVSS7.9AI score0.03795EPSS
Exploits0References1
Rows per page
Query Builder