Lucene search
K

4239 matches found

Cvelist
Cvelist
added 2026/03/09 6:23 a.m.26 views

CVE-2026-3823 Atop Technologies|EHG2408 series switch - Stack-based Buffer Overflow

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

9.8CVSS0.00679EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.4 views

PT-2026-24017

Name of the Vulnerable Software and Affected Versions Atop Technologies EHG2408 series switch Atop Technologies EHG2408-2SFP Description The EHG2408 series switch developed by Atop Technologies contains a Stack-based Buffer Overflow issue. This allows unauthenticated remote attackers to control t...

9.8CVSS6.1AI score0.00679EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2026/02/27 12:32 p.m.3 views

CVE-2025-11252 SQLi in Signum Technologies' windesk.fm

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...

9.8CVSS5.8AI score0.00388EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/27 12:32 p.m.25 views

CVE-2025-11252 SQLi in Signum Technologies' windesk.fm

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...

9.8CVSS0.00388EPSS
Exploits0References2
CVE
CVE
added 2026/02/27 12:32 p.m.14 views

CVE-2025-11252

CVE-2025-11252 describes an SQL Injection flaw in Signum Technology Promotion and Training Inc.'s Windesk.Fm, caused by improper neutralization of special elements in SQL commands. Affected product: windesk.Fm (through 27022026). Impact as stated: high confidentiality, integrity, and availability...

9.8CVSS5.6AI score0.00388EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/02/23 4:16 a.m.7 views

CVE-2026-2998

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...

8.5CVSS0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/23 2:42 a.m.24 views

CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...

8.5CVSS0.00107EPSS
Exploits0References2
CVE
CVE
added 2026/02/23 2:42 a.m.16 views

CVE-2026-2998

The CVE-2026-2998 entry concerns the ERP product developed by eAI Technologies and describes a DLL Hijacking vulnerability. According to the provided documents, an authenticated local attacker can place a crafted DLL file in the same directory as the ERP executable, leading to arbitrary code exec...

8.5CVSS5.8AI score0.00107EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/23 2:42 a.m.3 views

CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...

8.5CVSS5.6AI score0.00107EPSS
Exploits0References2
NVD
NVD
added 2026/02/17 12:16 p.m.12 views

CVE-2025-7631

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...

8.6CVSS0.00272EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.9 views

PT-2026-14: Integer underflow leads to Remote Code Execution in Yokogawa Centum VP

The vulnerability was identified in Centum VP, versions R1.07.00 or earlier. The discovered vulnerability allows an attacker to achieve remote code execution via an integer underflow that lets malicious input manipulate internal calculations and trigger execution of the code. Vulnerability status...

8.2CVSS6.4AI score0.00191EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/09 12:57 p.m.30 views

CVE-2025-10465 Unrestricted File Upload in Birtech Information Technologies' Sensaway

Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the...

8.8CVSS0.00389EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/09 12:57 p.m.5 views

CVE-2025-10465 Unrestricted File Upload in Birtech Information Technologies' Sensaway

Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the...

8.8CVSS5.5AI score0.00389EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/09 12:49 p.m.6 views

CVE-2025-10464 Cleartext password storage in Birtech Information Technologies' Sensaway

Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the...

6.5CVSS5.5AI score0.00249EPSS
Exploits0References2
CVE
CVE
added 2026/02/09 12:49 p.m.11 views

CVE-2025-10464

The CVE-2025-10464 entry concerns Birtech Information Technologies’ Senseway application, describing an Insecure Storage of Sensitive Information vulnerability that enables retrieval of embedded sensitive data (explicitly noted as cleartext password storage in the CVE listing). Affected release a...

6.5CVSS5.5AI score0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/09 12:49 p.m.28 views

CVE-2025-10464 Cleartext password storage in Birtech Information Technologies' Sensaway

Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the...

6.5CVSS0.00249EPSS
Exploits0References2
NVD
NVD
added 2026/02/09 12:15 p.m.8 views

CVE-2025-10463

Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the...

7.3CVSS0.00292EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/09 12:7 p.m.29 views

CVE-2025-10463 Improper Authentication in Birtech Information Technologies' Sensaway

Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the...

7.3CVSS0.00292EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/09 12:7 p.m.5 views

CVE-2025-10463 Improper Authentication in Birtech Information Technologies' Sensaway

Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the...

7.3CVSS5.5AI score0.00292EPSS
Exploits0References2
NVD
NVD
added 2026/02/09 9:16 a.m.10 views

CVE-2025-7799

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Zirve Information Technologies Inc. E-Taxpayer Accounting Website allows Reflected XSS. This issue affects e-Taxpayer Accounting Website: through 07082025...

8.6CVSS0.00292EPSS
Exploits0References2
Rows per page
Query Builder