Lucene search
K

963 matches found

OSV
OSV
added 2026/01/20 7:15 p.m.5 views

UBUNTU-CVE-2025-56005

An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...

9.8CVSS6.5AI score0.16903EPSS
Exploits3References3
Amd
Amd
added 2026/01/15 12:0 a.m.13 views

SEV-SNP Guest Stack Pointer Corruption Vulnerability

Summary Researchers have reported a CPU-caused stack corruption issue caused by flipping an undocumented MSR bit. AMD believes that this vulnerability occurs due to inadequate access controls, which fail to prevent the hypervisor from setting an internal configuration bit. This attack could allow...

4.6CVSS6.9AI score0.00202EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/09 9:30 a.m.10 views

CVE-2023-29107

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources...

5.3CVSS6.9AI score0.00646EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.5 views

CVE-2022-38372

A hidden functionality vulnerability CWE-1242 in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command...

6.7CVSS6.9AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.6 views

CVE-1999-0760

Undocumented ColdFusion Markup Language CFML tags and functions in the ColdFusion Administrator allow users to gain additional privileges...

10CVSS7.2AI score0.01744EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/06 3:52 p.m.2 views

CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API

FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...

7.5CVSS6.7AI score0.00443EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.7 views

FIBARO System Home Center 安全漏洞

FIBARO System Home Center is a series of smart home core central control hosts from the Polish company FIBARO. A security vulnerability exists in FIBARO System Home Center version 5.021, which stems from a remote file inclusion vulnerability in the undocumented proxy API that could lead to the...

7.5CVSS7AI score0.00443EPSS
Exploits1References7
OSV
OSV
added 2025/12/24 8:15 p.m.4 views

CVE-2018-25146

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service...

8.1CVSS5.9AI score0.0041EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53366

Name of the Vulnerable Software and Affected Versions Microhard Systems IPn4G version 1.1.0 Description An issue exists in Microhard Systems IPn4G that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes...

8.1CVSS5.6AI score0.0041EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/12/15 1:25 p.m.3 views

CVE-2025-36752

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

9.4CVSS6.9AI score0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.7 views

EUVD-2025-203251

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

9.4CVSS6.4AI score0.00285EPSS
Exploits0References2
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-36752

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

9.8CVSS0.00285EPSS
Exploits0References1
OSV
OSV
added 2025/12/13 4:16 p.m.4 views

CVE-2025-36752

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

9.8CVSS5.8AI score0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/13 8:16 a.m.4 views

CVE-2025-36752 Undocumented backup Account and No Password Configuration Capability

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

9.4CVSS6.5AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 2025/12/13 8:16 a.m.21 views

CVE-2025-36752

CVE-2025-36752 affects Growatt ShineLan-X communication dongle. The vulnerability arises from an undocumented backup account with undocumented credentials, enabling high-privilege access and potentially full control of the device, including the Setting Center. Multiple sources corroborate a backd...

9.8CVSS6.5AI score0.00285EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/13 8:16 a.m.26 views

CVE-2025-36752 Undocumented backup Account and No Password Configuration Capability

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

9.4CVSS0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.5 views

PT-2025-51101

Name of the Vulnerable Software and Affected Versions Growatt ShineLan-X communication dongle affected versions not specified Description The Growatt ShineLan-X communication dongle contains an undocumented backup account with undocumented credentials. This allows significant access to the device...

9.4CVSS6.5AI score0.00285EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.6 views

Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for a photovoltaic inverter from Growatt, a Chinese company. A security vulnerability exists in the Growatt ShineLan-X that originates from an undocumented backup account and could result in full access to the device...

9.8CVSS6.6AI score0.00285EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.29 views

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

9.8CVSS7.2AI score0.00858EPSS
Exploits1References1
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

9.8CVSS5.8AI score0.00858EPSS
Exploits1References2
Rows per page
Query Builder