Lucene search
+L

282 matches found

cve
cve
added 3 days ago7 views

CVE-2025-11698

The CVE-2025-11698 vulnerability affects 5380/5480/5580 controllers with boot firmware versions below 1.072. It enables a denial-of-service by allowing a malicious actor to write invalid file data to the controller, potentially causing a major non-recoverable fault (MNRF). The documents do not pr...

9.2CVSS6.1AI score0.00253EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/30 2:28 p.m.8 views

CVE-2026-53432

A flaw was found in fzf. An integer overflow vulnerability exists in the FuzzyMatchV2 function when processing exceptionally long input lines and patterns. This can lead to the application terminating unexpectedly with a non-recoverable panic, resulting in a Denial of Service DoS. A local user...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References6
nessus
nessus
added 2026/06/23 12:0 a.m.5 views

Automated Logic WebCTRL Storing Passwords in a Recoverable Format (CVE-2025-14295)

CWE-257 Storing Passwords in a Recoverable Format vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. An attacker with elevated access can retrieve passwords stored in a recoverable format, potentially compromising credentials and neighboring...

7CVSS5.9AI score0.00158EPSS
Exploits0References2
nessus
nessus
added 2026/06/23 12:0 a.m.4 views

Carrier Corporation i-VU Storing Passwords in a Recoverable Format (CVE-2025-14295)

CWE-257 Storing Passwords in a Recoverable Format vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. An attacker with elevated access can retrieve passwords stored in a recoverable format, potentially compromising credentials and neighboring...

7CVSS5.9AI score0.00158EPSS
Exploits0References2
euvd
euvd
added 2026/06/08 12:58 p.m.12 views

EUVD-2026-35062

Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can recover from such as running out of file descriptors. This condition can be triggered maliciously by an attacker by opening a large number of connections to the HTTP or RTR server. This only affec...

8.7CVSS5.5AI score0.00333EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:40 p.m.9 views

CVE-2025-4397

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS5.5AI score0.00131EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:27 p.m.10 views

CVE-2026-22576

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

6.5CVSS5.5AI score0.00263EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: preventing a hang during link training failure Why When link training fails, the phy clock will be disabled. However, in “enablestreams”, it is assumed that link training was successful, and the mux selects the p...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References1
euvd
euvd
added 2026/05/07 6:30 p.m.11 views

EUVD-2025-209728

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References5
nvd
nvd
added 2026/05/07 4:16 p.m.20 views

CVE-2025-4397

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS0.00131EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/05/07 3:3 p.m.8 views

CVE-2025-4397 Medtronic MyCareLink Patient Monitor Data Encryption Weakness

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References4
cve
cve
added 2026/05/07 3:3 p.m.21 views

CVE-2025-4397

CVE-2025-4397 affects Medtronic MyCareLink Patient Monitor. The issue is that per‑product credentials are stored in a recoverable format, allowing an attacker to use these credentials to modify encrypted drive data. The description indicates physical access as the attack vector and a high impact ...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/07 3:3 p.m.37 views

CVE-2025-4397 Medtronic MyCareLink Patient Monitor Data Encryption Weakness

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS0.00131EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/05/07 3:3 p.m.7 views

CVE-2025-4397

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References5
susecve
susecve
added 2026/05/07 2:16 a.m.10 views

SUSE CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/07 12:0 a.m.17 views

PT-2026-38447

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References5
cisa_kev
cisa_kev
added 2026/04/20 12:0 a.m.10 views

Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user...

7.5CVSS7.6AI score0.05269EPSS
In wildExploits0
cvelist
cvelist
added 2026/04/14 3:38 p.m.27 views

CVE-2026-22576

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

4.3CVSS0.00263EPSS
Exploits0References1
cve
cve
added 2026/04/14 1:13 p.m.40 views

CVE-2025-8095

CVE-2025-8095 describes a vulnerability in the OECH1 prefix encoding used by the OpenEdge platform. The encoding is cryptographically weak and unsuitable for stored encodings or enterprise applications; OECH1 should be considered exploitable and immediately replaced with a supported prefix encodi...

10CVSS5.7AI score0.00216EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/04/14 12:0 a.m.8 views

Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are security orchestration, automation, and response software developed by Fortinet, a US-based company. Both versions of Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise have security vulnerabilities. These vulnerabilities stem...

6.5CVSS5.9AI score0.00263EPSS
Exploits0References1
Rows per page
Query Builder