Lucene search
K

797 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.10 views

CVE-2022-27661

Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow...

4.3CVSS6.6AI score0.00718EPSS
Exploits0References1
CVE
CVE
added 2026/01/02 2:52 p.m.12 views

CVE-2025-47208

CVE-2025-47208 affects QNAP QTS and QuTS hero where an allocation of resources without limits or throttling can lead to a denial of service if a remote attacker obtains a user account. The issue is mitigated by fixes in QTS 5.2.6.3195 build 20250715 and later and QuTS hero h5.2.6.3195 build 20250...

7.1CVSS6.5AI score0.00286EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/09 6:30 p.m.6 views

EUVD-2025-202288

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required...

7.1CVSS6.4AI score0.01171EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/25 7:30 a.m.2 views

CVE-2025-59371

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...

7.5CVSS6.6AI score0.00719EPSS
Exploits0References1
OSV
OSV
added 2025/11/07 4:15 p.m.5 views

CVE-2025-53410

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

6.5CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2025/10/27 3:15 p.m.5 views

CVE-2025-36121

IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.4CVSS0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/14 9:50 p.m.4 views

CVE-2025-11623

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.00775EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.4 views

CVE-2025-62385

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.00768EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.4 views

CVE-2025-62386

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.00768EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 2:22 p.m.9 views

CVE-2025-10986

CVE-2025-10986 affects Ivanti Endpoint Manager Mobile (EPMM) admin panel. A path traversal vulnerability exists in EPMM versions before 12.6.0.2, 12.5.0.4, and 12.4.0.4 that could allow a remote authenticated attacker with admin privileges to write data to unintended locations on disk. Connected ...

5.5CVSS6.4AI score0.00576EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/14 12:31 a.m.5 views

EUVD-2025-34107

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS7.2AI score0.0162EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/14 12:31 a.m.5 views

EUVD-2025-34103

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS7.2AI score0.00768EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/14 12:31 a.m.5 views

EUVD-2025-34101

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS7.2AI score0.00768EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/14 12:31 a.m.5 views

EUVD-2025-34098

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS7.2AI score0.00774EPSS
Exploits0References2
OSV
OSV
added 2025/10/13 10:15 p.m.4 views

CVE-2025-62392

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.00769EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 10:15 p.m.5 views

CVE-2025-62390

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.0162EPSS
Exploits0References1
NVD
NVD
added 2025/10/13 10:15 p.m.4 views

CVE-2025-62387

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS0.01618EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 10:15 p.m.3 views

CVE-2025-62387

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.01618EPSS
Exploits0References1
NVD
NVD
added 2025/10/13 10:15 p.m.7 views

CVE-2025-62384

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS0.00774EPSS
Exploits0References1
CVE
CVE
added 2025/10/13 9:12 p.m.15 views

CVE-2025-62386

CVE-2025-62386 is a SQL injection vulnerability in Ivanti Endpoint Manager. According to connected sources, it allows a remote authenticated attacker to read arbitrary data from the database, with a CVSS v3.1 base score of 6.5 (Medium) and confidentiality impact High. The issue affects Ivanti End...

6.5CVSS6AI score0.00768EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder