Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

8.6CVSS6.9AI score0.00291EPSS
Exploits1References1
CVE
CVE
added 2025/10/17 12:0 a.m.11 views

CVE-2025-62642

The RBI assistant platform (Restaurant Brands International) through 2025-09-06 exposes an unauthenticated account-creation API labeled “Anyone Can Join This Party,” which does not verify user account creation. This allows a remote, unauthenticated attacker to create user accounts. Connected sour...

8.6CVSS6.7AI score0.00443EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2025/10/17 12:0 a.m.7 views

EUVD-2025-34921

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

6.5CVSS6.4AI score0.00352EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/17 12:0 a.m.5 views

EUVD-2025-34922

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...

8.3CVSS6.6AI score0.00479EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31182

Malicious code in bioql PyPI...

4.7CVSS6.3AI score0.00177EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/10/02 12:37 p.m.5 views

CVE-2025-0642

Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025...

6.3CVSS5.4AI score0.00238EPSS
Exploits0References3
NVD
NVD
added 2025/09/29 1:15 p.m.4 views

CVE-2024-13150

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fayton Software and Consulting Services fayton.Pro ERP allows SQL Injection. This issue affects fayton.Pro ERP: through 20250929...

9.8CVSS0.00328EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/29 12:59 p.m.3 views

CVE-2024-13150 SQLi in Fayton Software's fayton.pro ERP

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fayton Software and Consulting Services fayton.Pro ERP allows SQL Injection. This issue affects fayton.Pro ERP: through 20250929...

9.8CVSS5.9AI score0.00328EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 1:37 p.m.12 views

CVE-2024-12796 Reflected XSS in Holistic IT, Consultancy Coop.'s Workcube ERP

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Holistic IT, Consultancy Coop. Workcube ERP allows Reflected XSS. This issue affects Workcube ERP: from V12 - V14 before Cognitive...

5.3CVSS0.0024EPSS
Exploits0References2
Rows per page
Query Builder