13 matches found

CNNVD
added 2026/01/28 12:0 a.m. · 5 views

Tildeslash M/Monit Security Vulnerability

Tildeslash M/Monit is a server monitoring and management tool developed by Tildeslash Inc. Version 3.7.4 of Tildeslash M/Monit contains a security vulnerability, which stems from improper handling of admin parameters, potentially leading to privilege escalation...

8.8 CVSS · 5.8 AI score · 0.00419 EPSS
Exploits: 1 · References: 3
Vulnrichment
added 2025/10/12 9:2 p.m. · 3 views

CVE-2025-11646 Tomofun Furbo 360/Furbo Mini GATT Service access control

A vulnerability was detected in Tomofun Furbo 360 and Furbo Mini. This vulnerability affects unknown code of the component GATT Service. The manipulation results in improper access controls. The attack can only be performed from the local network. The exploit is now public and may be used. The...

6.3 CVSS · 6 AI score · 0.00503 EPSS
Exploits: 1 · References: 4
UbuntuCve
added 2025/09/17 3:15 p.m. · 2 views

CVE-2022-50374

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure. syzbot is reporting NULL pointer dereference at hci_uart_tty_close() [1], for rcu_sync_enter() is called without rcu_sync_init() due to hci_uart_tty_open() ignoring percpu_init_rwsem() failure...

5.5 CVSS · 6.1 AI score · 0.00191 EPSS
Exploits: 0 · References: 7
Vulnrichment
added 2025/09/09 4:33 p.m. · 1 views

CVE-2025-58993 WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection. This issue affects Tutor LMS: from n/a through 3.7.4...

7.6 CVSS · 7.2 AI score · 0.00261 EPSS
Exploits: 0 · References: 1
Cvelist
added 2025/02/11 10:26 a.m. · 7 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

6.9 CVSS · 0.00466 EPSS
Exploits: 0 · References: 1
ATTACKERKB
added 2023/11/29 1:15 a.m. · 2 views

CVE-2023-23325

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection vulnerability via the NetHostname parameter...

9.8 CVSS · 7.2 AI score · 0.01955 EPSS
Exploits: 0 · References: 3
CNNVD
added 2023/11/29 12:0 a.m. · 2 views

Zumtobel Netlink CCD Onboard Security Breach

The Zumtobel Netlink CCD Onboard is a gateway control unit device from Zumtobel Austria. A security vulnerability exists in Zumtobel Netlink CCD Onboard 3.74 with firmware 3.80, which originates from a component containing a buffer overflow...

7.5 CVSS · 7.2 AI score · 0.00935 EPSS
Exploits: 0 · References: 2
OSV
added 2023/07/11 1:15 p.m. · 2 views

CVE-2023-32104

Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions...

6.5 CVSS · 7.3 AI score · 0.00202 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/04/03 12:0 a.m. · 4 views

PT-2023-20578 · Apache · Apache James Server

Name of the Vulnerable Software and Affected Versions: Apache James server versions 3.7.3 and earlier Description: The issue allows privilege escalation by a malicious local user due to the JMX management service being provided without authentication by default. Administrators are advised to take...

7.8 CVSS · 7.8 AI score · 0.00654 EPSS
Exploits: 0 · References: 12
SUSE CVE
added 2023/02/15 3:46 a.m. · 1 views

SUSE CVE-2021-21330

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the...

8.2 CVSS · 8.6 AI score · 0.01905 EPSS
Exploits: 0 · References: 5
OSV
added 2021/02/26 3:15 a.m. · 12 views

PYSEC-2021-76

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the...

6.1 CVSS · 6.7 AI score · 0.01905 EPSS
Exploits: 0 · References: 7
CNNVD
added 2021/02/25 12:0 a.m. · 7 views

aiohttp Input Validation Error Vulnerability

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python. An input validation error vulnerability exists in aiohttp versions prior to 3.7.4, which stems from an open redirection vulnerability. Maliciously crafted pointers can redirect the browser to another websi...

6.1 CVSS · 6.9 AI score · 0.01905 EPSS
Exploits: 0 · References: 15
CNVD
added 2020/10/10 12:0 a.m. · 1 views

IBM QRadar Untrusted Data Deserialization Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An untrustworthy...

9 CVSS · 7.4 AI score · 0.73451 EPSS
Exploits: 2 · References: 1