Lucene search
K

306 matches found

Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.10 views

PT-2026-21591

Name of the Vulnerable Software and Affected Versions free5GC SMF versions up to and including 1.4.1 Description free5GC SMF provides the Session Management Function for free5GC, an open-source project for 5G mobile core networks. The software experiences a panic and terminates when processing a...

8.7CVSS5.9AI score0.00302EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/02/12 1:43 p.m.5 views

CVE-2025-13649

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

6.1CVSS5.7AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 9:15 a.m.7 views

CVE-2025-13649

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

6.1CVSS0.00227EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/11 9:5 a.m.4 views

CVE-2025-13649

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

5.1CVSS5.7AI score0.00227EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 9:5 a.m.4 views

CVE-2025-13649 REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

5.1CVSS5.7AI score0.00227EPSS
Exploits0References4
CVE
CVE
added 2026/02/11 9:5 a.m.13 views

CVE-2025-13649

The CVE concerns ZeusWeb (provider Microcom) version 6.1.31 where an attacker with access to the web app can inject arbitrary JavaScript via an XSS payload in the Email field of the Recover password flow at the URL https://zeus.microcom.es:4040/index.html?zeus6=true. The vulnerability allows XSS ...

6.1CVSS5.7AI score0.00227EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7660

AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials...

8.5CVSS5.3AI score0.00676EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/02/08 1:21 a.m.5 views

CVE-2020-37122

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5CVSS5.8AI score0.00401EPSS
Exploits0References1
NVD
NVD
added 2026/02/07 12:15 a.m.11 views

CVE-2020-37122

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5CVSS0.00401EPSS
Exploits0References4
CVE
CVE
added 2026/02/06 11:14 p.m.15 views

CVE-2020-37122

Summary: CVE-2020-37122 affects SpotFTP-FTP Password Recover 2.4.8 and is described as a denial-of-service vulnerability triggered by a crafted registration code. According to the documents, an attacker can crash the application by providing a text file containing 1000 'Z' characters as the regis...

7.5CVSS5.9AI score0.00401EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/06 11:14 p.m.1 views

CVE-2020-37122 SpotFTP-FTP Password Recover 2.4.8 - Denial of Service

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5CVSS6AI score0.00401EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/06 11:14 p.m.32 views

CVE-2020-37122 SpotFTP-FTP Password Recover 2.4.8 - Denial of Service

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5CVSS0.00401EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.7 views

PT-2026-6817

Name of the Vulnerable Software and Affected Versions SpotFTP-FTP Password Recover version 2.4.8 Description The software contains a denial of service issue that allows attackers to crash the application. This is achieved by triggering a large buffer overflow. An attacker can create a text file...

7.5CVSS5.9AI score0.00401EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005100)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005100 advisory. In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlogrecoverprocessdata There is a lack of verification of the space...

7.1CVSS6.7AI score0.00224EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/16 2:23 p.m.10 views

CVE-2026-22911

Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device...

7.5CVSS7.2AI score0.00479EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004333 advisory. In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fsrecoverfsyncdata in fs/f2fs/recovery.c. This is...

7.1CVSS6.9AI score0.02096EPSS
Exploits1References6
NVD
NVD
added 2026/01/15 1:16 p.m.6 views

CVE-2026-22911

Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device...

7.5CVSS0.00479EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/01/15 9:4 a.m.5 views

f2fs: fix return value of f2fs_recover_fsync_data()

...

5.5CVSS5.4AI score0.00173EPSS
Exploits0
NVD
NVD
added 2026/01/13 4:15 p.m.4 views

CVE-2025-68769

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsrecoverfsyncdata With below scripts, it will trigger panic in f2fs: mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsync /mnt/f2fs/foo f2fsio...

0.00173EPSS
Exploits0References7
OSV
OSV
added 2026/01/13 4:15 p.m.6 views

UBUNTU-CVE-2025-68769

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsrecoverfsyncdata With below scripts, it will trigger panic in f2fs: mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsync /mnt/f2fs/foo f2fsio...

5.7AI score0.00173EPSS
Exploits0References38
Rows per page
Query Builder