Lucene search
+L

378 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-32144

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.25114EPSS
Exploits0References2
NVD
NVD
added 2025/10/03 4:16 p.m.9 views

CVE-2025-55971

TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...

4.7CVSS0.00285EPSS
Exploits1References2
CVE
CVE
added 2025/09/17 12:0 a.m.16 views

CVE-2025-54390

Zimbra Collaboration (ZCS) CVE-2025-54390 is a CSRF in ResetPasswordRequest when zimbraFeatureResetPasswordStatus is enabled. An attacker can trick an authenticated user into visiting a malicious page that silently sends a crafted SOAP request to reset the user’s password due to missing CSRF toke...

6.3CVSS6.5AI score0.0017EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/17 12:0 a.m.10 views

CVE-2025-54390

A Cross-Site Request Forgery CSRF vulnerability exists in the ResetPasswordRequest operation of Zimbra Collaboration ZCS when the zimbraFeatureResetPasswordStatus attribute is enabled. An attacker can exploit this by tricking an authenticated user into visiting a malicious webpage that silently...

0.0017EPSS
Exploits0References3
Saint
Saint
added 2025/08/27 12:0 a.m.128 views

Citrix Session Recording deserialization vulnerability

Added: 08/27/2025 CVE: CVE-2024-8069 Background Citrix Session Recording is software for recording and archiving sessions for retrieval and playback. Problem Unsafe object deserialization in Citrix Session Recording could allow a remote attacker to execute arbitrary commands by sending a speciall...

8CVSS7.7AI score0.14736EPSS
Exploits2
Saint
Saint
added 2025/08/27 12:0 a.m.84 views

Citrix Session Recording deserialization vulnerability

Added: 08/27/2025 CVE: CVE-2024-8069 Background Citrix Session Recording is software for recording and archiving sessions for retrieval and playback. Problem Unsafe object deserialization in Citrix Session Recording could allow a remote attacker to execute arbitrary commands by sending a speciall...

8CVSS7.8AI score0.14736EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-13578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial o...

7.5CVSS7.5AI score0.03023EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2025/06/25 8:15 a.m.5 views

CVE-2024-51983

An unauthenticated attacker who can connect to the Web Services feature HTTP TCP port 80 can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...

7.5CVSS7.2AI score0.07833EPSS
Exploits0References9Affected Software53
Positive Technologies
Positive Technologies
added 2025/06/25 12:0 a.m.8 views

PT-2025-26816 · Brother Industries +4 · Ads-1250W +651

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated attacker who can connect to the Web Services feature HTTP TCP port 80 can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target...

7.5CVSS6.3AI score0.07833EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.5 views

CVE-2024-12343

A vulnerability classified as critical has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be...

8.8CVSS6.4AI score0.04719EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.23 views

CVE-2021-21783

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS7.8AI score0.04983EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:44 p.m.9 views

CVE-2014-9237

SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via a tem:Code element in a SOAP request...

7.5CVSS8.8AI score0.021EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:50 a.m.9 views

CVE-2011-4504

The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability...

7.5CVSS7.2AI score0.01428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:58 p.m.13 views

CVE-2019-5055

An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 with Firmware Version V1.0.0.70 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd...

7.5CVSS6.7AI score0.02014EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:48 p.m.20 views

CVE-2020-13577

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS6.4AI score0.03023EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 1:43 p.m.30 views

CVE-2020-13576

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS7.7AI score0.0586EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 1:41 p.m.29 views

CVE-2020-13574

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS6.4AI score0.03023EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 9:16 a.m.11 views

CVE-2024-56829

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx...

10CVSS6.9AI score0.00556EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 4:15 a.m.18 views

CVE-2024-56829

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx...

10CVSS0.00556EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 a.m.10 views

CVE-2024-56829

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx...

10CVSS7AI score0.00556EPSS
Exploits0References1
Rows per page
Query Builder