Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/08/13 2:46 p.m.17 views

CVE-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 3:23 p.m.5 views

CVE-2025-8452 Unauthenticated leak of sensitive information affecting multiple models from Brother Industries, Ltd., Toshiba Tec, and Konica Minolta, Inc.

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default...

4.3CVSS6.7AI score0.00227EPSS
Exploits0References5
Metasploit
Metasploit
added 2025/07/09 6:55 p.m.727 views

Multiple Brother devices authentication bypass via default administrator password generation

By leaking a target devices serial number, a remote attacker can generate the target devices default administrator password. The target device may leak its serial number via unauthenticated HTTP, HTTPS, IPP, SNMP, or PJL requests. Module Options msf use...

7.4AI score
Exploits0
OSV
OSV
added 2020/05/18 4:15 p.m.5 views

CVE-2020-11550

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitra...

6.5CVSS7AI score0.01568EPSS
Exploits1References3
OSV
OSV
added 2019/06/19 5:15 p.m.4 views

CVE-2019-11232

EXCELLENT INFOTEK BiYan v1.57 v2.8 allows an attacker to leak user information Password without being authenticated, by sending an EMPNO element to the kwslogin/asp/queryuser.asp URI, and then reading the PWD element...

9.8CVSS7.3AI score0.01533EPSS
Exploits1References1
Rows per page
Query Builder