Lucene search
K

4239 matches found

Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.5 views

PT-2026-3926

Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection.This issue affects Education Management System: through 23.09.2025...

7.5CVSS5.4AI score0.00344EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/21 7:19 a.m.5 views

EUVD-2026-3687

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

8.4CVSS5.5AI score0.00143EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/21 7:19 a.m.6 views

CVE-2026-24016

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

8.4CVSS5.5AI score0.00143EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.7 views

PT-2026-3757

Name of the Vulnerable Software and Affected Versions ServerView Agents for Windows affected versions not specified Description The installer for ServerView Agents for Windows, provided by Fsas Technologies Inc., may load Dynamic Link Libraries insecurely. This could allow for the execution of...

8.4CVSS7.4AI score0.00143EPSS
Exploits0References8
CVE
CVE
added 2026/01/12 3:26 a.m.13 views

CVE-2026-0853

CVE-2026-0853 affects certain NVR models from A-Plus Video Technologies. The underlying issue is a Sensitive Data Exposure that can be exploited by unauthenticated remote attackers to access the device’s debug page and retrieve device status information. Impact is described as exposure of status ...

6.9CVSS6.7AI score0.00267EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/12 3:26 a.m.5 views

EUVD-2026-1953

Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information...

6.9CVSS6.6AI score0.00267EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.7 views

CVE-2023-43336

Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101...

8.8CVSS7.3AI score0.00843EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.8 views

CVE-2023-49002

An issue in Xenom Technologies sinous Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity...

7.5CVSS6.8AI score0.00664EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.8 views

CVE-2003-1363

The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port 9999, which allows remote attackers to mount brute force attacks on the administration console without detection...

6.4CVSS7.1AI score0.01173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.8 views

CVE-2022-37238

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the currentRequest parameter...

5.4CVSS6.1AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.10 views

CVE-2022-37243

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the whitelist endpoint...

5.4CVSS6.1AI score0.00518EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.6 views

CVE-2022-37240

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter...

9.8CVSS7AI score0.01202EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.9 views

CVE-2022-37244

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection...

5.4CVSS6.9AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.6 views

CVE-2025-23776

Missing Authorization vulnerability in ekaterir Cache Sniper for Nginx snipe-nginx-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cache Sniper for Nginx: from n/a through = 1.0.4.2...

4.3CVSS7.2AI score0.00398EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.6 views

CVE-2025-23426

Cross-Site Request Forgery CSRF vulnerability in Binesh Dobhal go Social go-social allows Stored XSS.This issue affects go Social: from n/a through = 1.0...

7.1CVSS7.2AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.12 views

CVE-2022-0074

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1...

8.8CVSS6.9AI score0.01154EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/08 12:0 a.m.2 views

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

6.3AI score0.005EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:52 a.m.4 views

CVE-2013-6018

Cross-site request forgery CSRF vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password...

6.8CVSS7.6AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.10 views

CVE-2013-6020

passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the 1 Assessor, 2 Recorder, or ...

5.8CVSS6.5AI score0.01281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.6 views

CVE-2013-6019

Cross-site scripting XSS vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component...

4.3CVSS5.9AI score0.01012EPSS
Exploits0References1
Rows per page
Query Builder