Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

38 matches found

Nuclei
Nucleiadded yesterday28 views

Smart Office Web 20.28 - Information Disclosure

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx. id: CVE-2022-47075 info: name: Smart Office Web 20.28 - Information Disclosure author:...

7.5CVSS7.2AI score0.92051EPSS
Exploits4References5
RedhatCVE
RedhatCVEadded 2026/01/09 9:31 a.m.4 views

CVE-2023-25493

A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code...

6.7CVSS7.4AI score0.00017EPSS
Exploits0References1
NVD
NVDadded 2025/10/30 1:15 p.m.2 views

CVE-2025-10348

URVE Smart Office is vulnerable to Stored XSS in report problem functionality. An attacker with a low-privileged account can upload an SVG file containing a malicious payload, which will be executed when a victim visits the URL of the uploaded resource. The resource is available to anyone without...

5.1CVSS0.00064EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/30 1:0 p.m.4 views

CVE-2025-10348 Stored Cross-Site Scripting in URVE Smart Office

URVE Smart Office is vulnerable to Stored XSS in report problem functionality. An attacker with a low-privileged account can upload an SVG file containing a malicious payload, which will be executed when a victim visits the URL of the uploaded resource. The resource is available to anyone without...

5.1CVSS0.00064EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/10/30 12:0 a.m.3 views

URVE Smart Office 跨站脚本漏洞

URVE Smart Office is a smart office resource management system from URVE Smart Office, Poland. A cross-site scripting vulnerability exists in URVE Smart Office versions prior to 1.1.24, which stems from the presence of stored cross-site scripting in the function reporting the issue, which could...

5.1CVSS6AI score0.00064EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/10/30 12:0 a.m.2 views

PT-2025-44401

Name of the Vulnerable Software and Affected Versions URVE Smart Office versions prior to 1.1.24 Description URVE Smart Office is susceptible to a Stored Cross-Site Scripting XSS issue within the report problem functionality. An attacker possessing a low-privileged account can upload a Scalable...

5.1CVSS5.6AI score0.00064EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-32309

Malicious code in bioql PyPI...

6.3CVSS4.8AI score0.00184EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/23 12:24 a.m.3 views

CVE-2022-47076

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx...

7.5CVSS6.4AI score0.23387EPSS
Exploits4
RedhatCVE
RedhatCVEadded 2025/05/22 9:51 p.m.4 views

CVE-2022-47075

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx...

7.5CVSS6.4AI score0.92051EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEVadded 2025/05/12 12:0 a.m.0 views

VulnCheck KEV: CVE-2022-47075

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx...

7.5CVSS5.8AI score0.92051EPSS
Exploits4References1
NVD
NVDadded 2024/04/13 1:15 p.m.9 views

CVE-2024-3735

A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/Confirm Password with the input 1 leads to weak password requirements. It is possible to launch the...

6.3CVSS4.2AI score0.00184EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/04/13 1:0 p.m.14 views

CVE-2024-3735 Smart Office Main.aspx weak password

A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/Confirm Password with the input 1 leads to weak password requirements. It is possible to launch the...

6.3CVSS4.6AI score0.00184EPSS
Exploits0References4
CVE
CVEadded 2024/04/13 1:0 p.m.48 views

CVE-2024-3735

CVE-2024-3735 affects Smart Office (up to 20240405), targeting the Main.aspx file where manipulating the New Password/Confirm Password argument (input 1) results in weak password requirements. The vulnerability can be triggered remotely with high attack complexity; several sources indicate public...

6.3CVSS6.7AI score0.00184EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/04/13 1:0 p.m.9 views

CVE-2024-3735 Smart Office Main.aspx weak password

A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/Confirm Password with the input 1 leads to weak password requirements. It is possible to launch the...

6.3CVSS7AI score0.00184EPSS
Exploits0References4
CNNVD
CNNVDadded 2024/04/13 12:0 a.m.1 views

Smart Office 安全漏洞

Smart Office is an office application. A security vulnerability exists in Smart Office, which stems from Main.aspx contains unknown functions that result in weak passwords via specific parameters...

6.3CVSS4.9AI score0.00184EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2024/04/13 12:0 a.m.1 views

PT-2024-27493 · Unknown · Smart Office

Name of the Vulnerable Software and Affected Versions: Smart Office versions up to 20240405 Description: A vulnerability was found in the file Main.aspx, where the manipulation of the New Password/Confirm Password argument with the input 1 leads to weak password requirements. The attack can be...

6.3CVSS4.6AI score0.00184EPSS
Exploits0References8
NVD
NVDadded 2024/04/05 9:15 p.m.8 views

CVE-2023-25493

A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code...

6.7CVSS6.8AI score0.00017EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/04/05 8:46 p.m.11 views

CVE-2023-25493

A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code...

6.7CVSS7AI score0.00017EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/04/05 8:46 p.m.15 views

CVE-2023-25493

A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code...

6.7CVSS6.8AI score0.00017EPSS
Exploits0References1
CVE
CVEadded 2024/04/05 8:46 p.m.42 views

CVE-2023-25493

The CVE-2023-25493 entry describes a vulnerability in the BIOS update tool driver affecting Lenovo Desktop, Smart Edge, Smart Office, and ThinkStation products that could let a local, privileged attacker execute arbitrary code. Affected component: BIOS update tool driver; root cause details are n...

6.7CVSS6.8AI score0.00017EPSS
Exploits0References1
Rows per page
Query Builder