Lucene search
K

930 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:43 a.m.11 views

CVE-1999-0430

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload...

5CVSS7AI score0.01823EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.7 views

CVE-2019-12105

In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inethttpserver, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The...

8.2CVSS6.7AI score0.02283EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-20429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock situation can occur in the Linux kernel related to tracing and System Call Interface SBI Extended Call ECALL functionality on RISC-V systems. Specifically, if functions within...

5.5CVSS6.1AI score0.0008EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2025/12/18 1:44 p.m.3 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

9.8CVSS6.7AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2025/12/17 9:16 p.m.3 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

9.8CVSS5.8AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2025/12/17 9:16 p.m.5 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

9.8CVSS0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.25 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.4 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

6.4AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.5 views

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock versions 24.1 and prior to 24.1.x, 24.2 and prior to 24.2.x, and 25.1.6 and prior to 25.1.6, which stems from the fact that a user with administrative role and...

9.8CVSS6.7AI score0.00268EPSS
Exploits0References1
CVE
CVE
added 2025/12/17 12:0 a.m.11 views

CVE-2025-67793

DriveLock vulnerable to privilege escalation where users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role via an API call. Affected versions include 24.1 through 24.1., 24.2 through 24.2. , and 25.1 before 25.1.6. The issue is stat...

9.8CVSS6.4AI score0.00268EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.5 views

PT-2025-51919

Name of the Vulnerable Software and Affected Versions DriveLock versions 24.1 through 24.1. DriveLock versions 24.2 through 24.2. DriveLock versions 25.1 through 25.1.5 Description A flaw exists in DriveLock where users possessing the "Manage roles and permissions" privilege can elevate their own...

9.8CVSS6.5AI score0.00268EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/03 2:2 p.m.5 views

CVE-2025-11788

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

9.8CVSS7.3AI score0.00284EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.4 views

CVE-2025-11788

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

9.8CVSS0.00284EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 1:15 p.m.5 views

CVE-2025-11788

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

9.8CVSS6.1AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 1:3 p.m.2 views

CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

8.5CVSS6.8AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.6 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.0.2, which stems from the ShowSupervisorParameters function not validating the length of the meter parameter,...

9.8CVSS7.1AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/22 12:34 p.m.8 views

CVE-2025-10054

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ehcrmremoveagent' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, wit...

5.3CVSS5AI score0.00248EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.4 views

PT-2025-47728

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh crm remove agent' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers,...

5.3CVSS5.1AI score0.00248EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176097

Malicious code in supervisor-config-hapi-relay npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-175461

Malicious code in yakutsk-blueshift-supervisor-socketio npm...

6.6AI score
Exploits0
Rows per page
Query Builder