
51 matches found

Positive Technologies
added 2026/05/22 12:0 a.m. · 15 views

PT-2026-42725

Name of the Vulnerable Software and Affected Versions: ZTE MU5250, affected versions not specified. Description: An information disclosure issue exists due to improper configuration of the access control mechanism, which allows attackers to obtain information without authorization. Recommendations: At...

CVSS 7.5 · AI score 5.4 · EPSS 0.00216
Exploits 0 · References 6

Positive Technologies
added 2026/02/23 12:0 a.m. · 11 views

PT-2026-21527

Name of the Vulnerable Software and Affected Versions: ZIA, affected versions not specified. Description: An issue exists in the ZIA Admin UI related to the improper handling of user-supplied input. This could allow an authenticated administrator to potentially access or retrieve unauthorized interna...

CVSS 5.5 · AI score 5.2 · EPSS 0.00161
Exploits 0 · References 4

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2021-7605

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 5 · EPSS 0.01116
Exploits 1 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 7 views

EUVD-2025-25211

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.6 · EPSS 0.00222
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2021-8280

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.0052
Exploits 0 · References 4

Tenable Nessus
added 2025/09/29 12:0 a.m. · 4 views

GE UR family Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-27424)

GE UR firmware versions prior to version 8.1x share the MODBUS memory map as part of the communications guide. GE was made aware that a Last-key pressed MODBUS register can be used to gain unauthorized information. This plugin only works with Tenable.ot. Please visit...

CVSS 5.3 · AI score 6.1 · EPSS 0.00844
Exploits 0 · References 3

RedhatCVE
added 2025/08/21 12:26 a.m. · 5 views

CVE-2025-50434

A security issue has been identified in Appian Enterprise Business Process Management version 25.3. The vulnerability is related to incorrect access control, which under certain conditions could allow unauthorized access to information. NOTE: this has been disputed because the CVE Record...

CVSS 5.3 · AI score 6.5 · EPSS 0.00222
Exploits 0 · References 1

NVD
added 2025/08/19 4:15 p.m. · 6 views

CVE-2025-50434

A security issue has been identified in Appian Enterprise Business Process Management version 25.3. The vulnerability is related to incorrect access control, which under certain conditions could allow unauthorized access to information. NOTE: this has been disputed because the CVE Record...

CVSS 5.3 · EPSS 0.00222
Exploits 0 · References 1

Vulnrichment
added 2025/08/19 12:0 a.m. · 3 views

CVE-2025-50434

A security issue has been identified in Appian Enterprise Business Process Management version 25.3. The vulnerability is related to incorrect access control, which under certain conditions could allow unauthorized access to information. NOTE: this has been disputed because the CVE Record...

AI score 5.9 · EPSS 0.00222
Exploits 0 · References 1

Tenable Nessus
added 2025/07/10 12:0 a.m. · 7 views

Citrix NetScaler Gateway / ADC Memory Disclosure

Citrix NetScaler Gateway / ADC versions 14.1.x 14.1-43.56, 13.1.x 13.1-58.32, 13.1.x-FIPS 13.1-37.235-FIPS and NDcPP, 12.1.x-FIPS 12.1-55.328-FIPS, 12.1.x and 13.0.x are affected by a memory disclosure vulnerability. This issue could allow a remote and unauthenticated attacker to access sensitive...

CVSS 9.3 · AI score 6.8 · EPSS 0.99897
Exploits 18 · References 3

RedhatCVE
added 2025/05/22 11:9 p.m. · 8 views

CVE-2022-36854

Out-of-bounds read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows an attacker to access unauthorized information...

CVSS 5.5 · AI score 6.7 · EPSS 0.00094
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 9:10 p.m. · 10 views

CVE-2021-27424

GE UR firmware versions prior to version 8.1x share the MODBUS memory map as part of the communications guide. GE was made aware that a “Last-key pressed” MODBUS register can be used to gain unauthorized information...

CVSS 5.3 · AI score 7.1 · EPSS 0.00844
Exploits 0

NVD
added 2025/04/17 10:15 p.m. · 12 views

CVE-2024-42178

HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution...

CVSS 7.5 · EPSS 0.00166
Exploits 0 · References 1

BDU FSTEC
added 2025/04/01 12:0 a.m. · 8 views

The vulnerability of the eDocument Cockpit component of the SAP Electronic Invoicing for Brazil software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the eDocument Cockpit component of the SAP Electronic Invoicing for Brazil software relates to the absence of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 2.7 · AI score 5.5 · EPSS 0.00182
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2025/02/10 12:0 a.m. · 6 views

The vulnerability of microprogrammed software for programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi lies in the lack of origin verification in WebSockets. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of microprogrammed programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi is related to the lack of origin verification in WebSockets. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected...

CVSS 9.7 · AI score 7.7 · EPSS 0.00888
Exploits 4 · References 3 · Affected Software 11

NVD
added 2024/12/26 10:15 p.m. · 15 views

CVE-2024-45805

OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information SETTINGSSUPPORT. This is due to inadequate access control for support information...

CVSS 4.3 · EPSS 0.00347
Exploits 0 · References 1

NVD
added 2024/06/11 3:16 p.m. · 16 views

CVE-2024-31495

An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiPortal versions 7.0.0 through 7.0.6 and version 7.2.0 allows a privileged user to obtain unauthorized information via the report download functionality...

CVSS 4.3 · EPSS 0.00526
Exploits 0 · References 1

Positive Technologies
added 2024/05/16 12:0 a.m. · 13 views

PT-2024-5465 · Microsoft +6 · Edge +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.182 Chromium versions prior to 126.0.6478.182 Yandex Browser versions prior to 24.7.6.1018-alt1 Chromedriver versions prior to 126.0.6478.182-1.1 Debian Bookworm chromium versions prior to...

CVSS 10 · AI score 8.3 · EPSS 0.99694
Exploits 133 · References 1131

Redos
added 2024/04/08 12:0 a.m. · 12 views

ROS-20240408-25

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

CVSS 5.9 · AI score 6.2 · EPSS 0.9378
Exploits 4

Positive Technologies
added 2024/04/05 12:0 a.m. · 8 views

PT-2024-23599 · Unknown · Ros Kinetic Kame

Name of the Vulnerable Software and Affected Versions: ROS Kinetic Kame affected versions not specified Description: The issue concerns an unauthorized information access vulnerability. No specific details about the estimated number of potentially affected devices or real-world incidents are...

AI score 7
Exploits 0 · References 2