Lucene search
K

223 matches found

NVD
NVD
added 2026/06/19 4:16 p.m.14 views

CVE-2026-12620

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

6.5CVSS0.00227EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 3:59 p.m.6 views

CVE-2026-12620

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

4.6CVSS5.8AI score0.00227EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/19 3:59 p.m.7 views

EUVD-2026-38041

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

4.6CVSS5.8AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 3:59 p.m.20 views

CVE-2026-12620

The CVE affects GridTime 3000 GNSS Time Server versions 1.0r0.03 through 1.1r0.0, where an access token is leaked in the URL parameters of certain endpoints. The issue is documented by NVD/CVE entries for CVE-2026-12620, with an attack surface described as NETWORK, requiring HIGH privileges and A...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/19 3:59 p.m.5 views

CVE-2026-12620 Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

4.6CVSS5.8AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 3:53 p.m.18 views

CVE-2026-12621

GridTime 3000 GNSS Time Server Password Reset form is vulnerable to XSS due to improper neutralization of input during web page generation. Affected from 1.0r0.03 up to, but not including, 1.2r0.0. Base CVSS v4 score is 5.3 (Medium). No exploitation details are provided in the documents; no remed...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/19 3:48 p.m.4 views

CVE-2026-12622 Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Server

The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.3CVSS5.8AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 3:48 p.m.7 views

EUVD-2026-38039

The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.3CVSS5.8AI score0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 3:48 p.m.15 views

CVE-2026-12622

The GridTime 3000 GNSS Time Server presents an open redirect vulnerability in its password change form submission affecting versions 1.0r0.03 through 1.1r0.0. The issue is described as an open redirect in the password change flow; no further exploitation details, impact scope, or remediation are ...

5.4CVSS5.8AI score0.00122EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/19 3:48 p.m.33 views

CVE-2026-12622 Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Server

The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.3CVSS0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 3:40 p.m.34 views

CVE-2026-12619 GridTime™ 3000 GNSS Time Server CSRF to XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.1CVSS0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 3:40 p.m.18 views

CVE-2026-12619

The CVE-2026-12619 entry concerns Microchip GridTime 3000 GNSS Time Server, where an improper neutralization during web page generation enables Cross-Site Scripting (XSS). A CSRF-to-XSS chain affects GridTime 3000 versions 1.0r0.03–1.1r0.0. Exploit maturity is listed as ATTACKED, indicating in-th...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50948

Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.1r0.0 Description The GridTime 3000 GNSS Time Server contains an open redirect issue within the password change form submission. An open redirect occurs when an application takes a user-provided URL an...

5.3CVSS5.9AI score0.00122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50946

Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.1r0.0 Description The GridTime 3000 GNSS Time Server leaks the access token within the URL parameters of certain endpoints. Recommendations Update GridTime 3000 versions 1.0r0.03 through 1.1r0.0 to a...

6.5CVSS6.1AI score0.00227EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

EndRun Technologies Sonoma Cross-site Scripting (CVE-2025-60961)

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts. This plugin only works with Tenable.ot. Please visit...

6.1CVSS5.3AI score0.00182EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.5 views

EndRun Technologies Sonoma OS Command Injection (CVE-2025-60962)

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts. This plugin only works with Tenable.ot. Please visit...

8.2CVSS5.4AI score0.00759EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.6 views

EndRun Technologies Sonoma OS Command Injection (CVE-2025-60960)

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. This plugin only works with Tenable.ot. Please...

8.2CVSS5.7AI score0.00937EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

EndRun Technologies Sonoma OS Command Injection (CVE-2025-60965)

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. This plugin...

9.1CVSS5.7AI score0.01231EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

EndRun Technologies Sonoma Cross-site Scripting (CVE-2025-60967)

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.3CVSS5.3AI score0.00243EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

EndRun Technologies Sonoma OS Command Injection (CVE-2025-60964)

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. This plugin...

9.1CVSS5.7AI score0.01231EPSS
Exploits0References3
Rows per page
Query Builder