Lucene search
K

17 matches found

Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.6 views

PT-2025-45604

Name of the Vulnerable Software and Affected Versions Jumo variTRON300 affected versions not specified Description A flaw exists in the password generation algorithm when accessing the debug interface. An unauthenticated local attacker who knows the password generation timeframe may be able to...

7.4CVSS6.5AI score0.00114EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10476

Malware in sbrugna...

8.4CVSS8.2AI score0.00322EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-41404

Malicious code in bioql PyPI...

8.4CVSS6.6AI score0.00311EPSS
Exploits0References2
NVD
NVD
added 2025/08/12 12:15 p.m.8 views

CVE-2025-30034

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...

6.9CVSS0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.8 views

CVE-2023-49676

An unauthenticated local attacker may trick a user to open corrupted project files to crash the system due to use after free vulnerability...

5.5CVSS6.9AI score0.00178EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/12/20 1:50 a.m.7 views

CVE-2020-9250

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. Vulnerability ID: HWPSIRT-2019-12302 Th...

3.3CVSS6.7AI score0.00118EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/04/06 6:17 a.m.26 views

CVE-2023-25542

Dell Trusted Device Agent, versions prior to 5.3.0, contains an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges...

7CVSS7.7AI score0.00148EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/10 10:34 a.m.10 views

CVE-2022-24410

Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces...

6.8CVSS6.5AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/24 12:0 a.m.5 views

多款Pilz产品路径遍历漏洞

Pilz PASvisu and others are products of Pilz, a German company.Pilz PASvisu is an HMI solution for machine visualization.Pilz PAS4000 is a software platform for the automation system PSS 4000.Pilz PAScal is an application... A path traversal vulnerability exists in several Pilz products. An...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/09/28 4:0 p.m.8 views

CVE-2022-20864

A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...

4.6CVSS5.8AI score0.00262EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.5 views

D-Link DIR-878 操作系统命令注入漏洞

The D-Link DIR-878 is a wireless router from D-Link, a Taiwan-based company. The D-Link DIR-878 is vulnerable to a command injection vulnerability that could be exploited by an unauthenticated LAN attacker to execute arbitrary system commands to control the system or interrupt services...

8.8CVSS6.1AI score0.01527EPSS
Exploits0References2
NVD
NVD
added 2022/03/01 2:15 a.m.14 views

CVE-2022-22262

ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic link to system file pat...

7.7CVSS0.00253EPSS
Exploits0References1
OSV
OSV
added 2018/06/07 9:29 p.m.5 views

CVE-2018-0335

A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring...

7.8CVSS5.8AI score0.00413EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.27 views

CVE-2017-12361

A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber...

4.2AI score0.00387EPSS
Exploits0References3
CNVD
CNVD
added 2017/06/26 12:0 a.m.2 views

Cisco Prime Collaboration Provisioning Tool Local Information Disclosure Vulnerability (CNVD-2017-11546)

Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. A security vulnerability exists in the logging subsystem in the Cisco Prime Collaboration Provisioning tool, where an unauthenticated local attacker obtains sensitive information. The vulnerabili...

5.1CVSS6.6AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2017/02/09 5:59 p.m.4 views

CVE-2017-3813

A vulnerability in the Start Before Logon SBL module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the acce...

7.8CVSS5.9AI score0.01711EPSS
Exploits5References4
CNVD
CNVD
added 2016/07/21 12:0 a.m.4 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2016-05389)

Oracle MySQL Server is a lightweight relational database system. A security vulnerability exists in Oracle MySQL Server 5.7.12 and earlier versions, which can be exploited by an unauthenticated, local attacker to affect availability...

4.9CVSS7.5AI score0.02213EPSS
Exploits0References1
Rows per page
Query Builder