Lucene search
K

276237 matches found

RedhatCVE
RedhatCVE
added 2026/02/11 1:16 p.m.6 views

CVE-2025-11242

Server-Side Request Forgery SSRF vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025...

9.8CVSS5.4AI score0.00301EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.11 views

CVE-2025-58467

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync...

6.5CVSS0.00416EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 12:18 p.m.13 views

CVE-2025-54155

CVE-2025-54155 affects File Station 5. An unbounded resource allocation vulnerability exists in File Station 5 where, if an administrator account is compromised, the attacker can prevent other systems, applications, or processes from accessing the same resource. The CVSS 4.0 vector indicates a Ne...

6.9CVSS5.6AI score0.0041EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/02/11 12:17 p.m.15 views

CVE-2025-57710

The CVE-2025-57710 issue affects Qsync Central and is a resource-allocation vulnerability with no throttling. A remote attacker who has an administrator account can exhaust resources, potentially blocking other systems, applications, or processes from accessing the same resource. The root cause i...

6.9CVSS5.6AI score0.00469EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/02/11 12:17 p.m.12 views

CVE-2025-57711

CVE-2025-57711 affects Qnap Qsync Central and describes an allocation of resources without limits or throttling. The vulnerability is exploitable remotely by an attacker who already has an administrator account, allowing them to disrupt access to the same type of resource for other systems, appli...

6.9CVSS5.6AI score0.00469EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/02/11 12:15 p.m.9 views

CVE-2025-68406

CVE-2025-68406 affects Qsync Central. A path traversal vulnerability allows an attacker who already has a user account to read arbitrary files or system data. The issue is tied to Qsync Central’s handling of file paths and can be triggered remotely over the network. Remediation is available in Qs...

6.5CVSS5.5AI score0.00537EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 11:52 a.m.4 views

CVE-2025-10174 Improper Access Control in Pan Software's PanCafe Pro

Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding. This issue affects PanCafe Pro: from 3.3.2 through 23092025...

8.3CVSS5.4AI score0.00124EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/11 10:54 a.m.12 views

Malicious code in node-dotenv-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76b47bebee6a74c00d3be10fad072e05074a62b29205377f682463290bad39c3 The package node-dotenv-cli was found to contain malicious code. Source: ghsa-malware 5bb66069e2bde985ae448962eaaf6373cd54aa2cd51fb20a0fef26ecb5dee2d...

5.6AI score
Exploits0References1
NVD
NVD
added 2026/02/11 9:15 a.m.7 views

CVE-2025-9986

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation. This issue affects DIGIKENT: through 13092025...

8.2CVSS0.00217EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/11 1:33 a.m.8 views

CVE-2026-25895

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched ...

9.8CVSS5.8AI score0.02675EPSS
Exploits3References1
Fedora
Fedora
added 2026/02/11 1:0 a.m.8 views

[SECURITY] Fedora 42 Update: rust-rbspy-0.34.1-4.fc42

Sampling CPU profiler for Ruby...

7.5CVSS5.4AI score0.00443EPSS
Exploits1
Fedora
Fedora
added 2026/02/11 12:59 a.m.8 views

[SECURITY] Fedora 42 Update: envision-3.2.0-7.fc42

UI for building, configuring, and running Monado, the open source OpenXR runtime. This is still highly experimental software, while it's unlikely that anything bad will happen, it's still unstable and there is no guarantee that it will work on your system, with your particular hardware. If you...

7.5CVSS5.4AI score0.00443EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.8 views

PT-2026-7574

Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.8.3350 build 20251216 QNAP QuTS hero h5.3.2 versions prior to h5.3.2.3354 build 20251225 QNAP QuTS hero h5.2.8 versions prior to h5.2.8.3350 build 20251216 Description A flaw exists that allows remote attackers t...

9.8CVSS5.5AI score0.00633EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/02/11 12:0 a.m.3 views

Wazuh 4.14.3

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

5.6AI score
Exploits0
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

MiniGal Nano 跨站脚本漏洞

MiniGal Nano is a PHP album program developed by Rybber’s individual developer. Versions of MiniGal Nano prior to 0.3.5 contained a cross-site scripting vulnerability. This vulnerability stemmed from the dir parameter in the index.php file, which allowed for reflective cross-site scripting,...

6.1CVSS5.9AI score0.00288EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.5 views

PT-2026-7580

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard allows Reflected XSS.This issue affects Turboard: from 2025.07 through 11022026. NOTE...

9.4CVSS5.5AI score0.00363EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.5 views

PT-2026-7534

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.6AI score0.0041EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7689

Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code...

7.5CVSS5.6AI score0.00282EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.9 views

PT-2026-7592

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

7.8CVSS6AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

QNAP Systems QTS和QNAP Systems QuTS hero 代码问题漏洞

QNAP Systems QTS and QNAP Systems QuTS Hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There were code-related vulnerabilities in versions of QNAP Systems QTS 5.2.8.3332 build 20251128 and QNAP Systems QuTS Hero...

5.1CVSS5.8AI score0.0041EPSS
Exploits0References2
Rows per page
Query Builder