Lucene search
+L

334 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20828

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00507EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-58039

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00494EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51076

Malicious code in bioql PyPI...

9.8CVSS9.6AI score0.00948EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-28326

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00919EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.6 views

Dingtian DT-R002 安全漏洞

The Dingtian DT-R002 is a repeater device from Dingtian China. A security vulnerability exists in the Dingtian DT-R002 that stems from insufficient credential protection and could allow an attacker to extract a proprietary protocol password via an unauthenticated GET request...

8.7CVSS6.8AI score0.00296EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2025/08/26 4:0 p.m.14 views

Chatbots, APIs, and the Hidden Risks Inside Your Application Stack

What happens when a legacy application quietly slips under the radar and ends up at the center of a security incident involving AI and APIs? For one global organization, this scenario played out in real time when an unusual chatbot behavior sparked a closer look into their recruitment platform,...

7.5AI score
Exploits0
OSV
OSV
added 2025/08/07 5:15 p.m.4 views

CVE-2025-54394

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources...

5.3CVSS5.8AI score0.0029EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.10 views

(Pwn2Own) QNAP QHora-322 IPMI Use of Weak Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPMI interface. The issue results from the use of the WAN MAC addres...

6.3CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.10 views

(Pwn2Own) QNAP QHora-322 SSH Use of Weak Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default SSH credentials. The issue results from the use of the WAN M...

7.5CVSS7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/24 5:21 p.m.13 views

CVE-2025-6523

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe. This issue affects the following versions : Devolutions...

7.7CVSS6.8AI score0.00394EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/07/24 12:0 a.m.4 views

Devolutions Server <= 2025.1.11.0 / 2025.2.2.0 < 2025.2.4.0 Weak Credentials (DEVO-2025-0012) (CVE-2025-6523)

The version of Devolutions Server installed on the remote host is prior to 2025.1.11.0 or 2025.2.2.0 prior to 2025.2.4.0 and is, therefore, affected by a weak credentials vulnerability: - Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated...

9.5CVSS5.7AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 2025/07/22 5:15 p.m.2 views

CVE-2025-6523

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe. This issue affects the following versions : Devolutions...

9.5CVSS5.8AI score0.00394EPSS
Exploits0References1
NVD
NVD
added 2025/07/22 5:15 p.m.7 views

CVE-2025-6523

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe. This issue affects the following versions : Devolutions...

9.5CVSS0.00394EPSS
Exploits0References1
CVE
CVE
added 2025/07/22 5:0 p.m.20 views

CVE-2025-6523

CVE-2025-6523 affects Devolutions Server, where the emergency authentication component allows unauthenticated bypass via brute-forcing short emergency codes. Affected are Devolutions Server 2025.2.2.0–2025.2.3.0 and 2025.1.11.0 and earlier. Root cause is use of weak credentials in the emergency a...

9.5CVSS7.6AI score0.00394EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/22 5:0 p.m.12 views

CVE-2025-6523

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe. This issue affects the following versions : Devolutions...

9.5CVSS0.00394EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/22 5:0 p.m.4 views

CVE-2025-6523

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe. This issue affects the following versions : Devolutions...

9.5CVSS6.9AI score0.00394EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.10 views

PT-2025-30444 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.11.0 through 2025.2.3.0 Description: The use of weak credentials in the emergency authentication component allows an unauthenticated attacker to bypass authentication by brute-forcing the short emergency cod...

7.7CVSS6.7AI score0.00394EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/22 12:0 a.m.6 views

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server versions 2025.2.3.0 and earlier and 2025.1.11.0 and earlier, which stems from the use of weak...

9.5CVSS6.7AI score0.00394EPSS
Exploits0References3
OSV
OSV
added 2025/07/09 3:15 p.m.6 views

CVE-2025-52364

Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service telnetd by default at boot via the initialization script /etc/init.d/eth.sh. This allows remote attackers to connect to the device s shell over the network, potentially without authentication if...

7.5CVSS5.9AI score0.00507EPSS
Exploits1References2
NVD
NVD
added 2025/07/09 3:15 p.m.12 views

CVE-2025-52364

Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service telnetd by default at boot via the initialization script /etc/init.d/eth.sh. This allows remote attackers to connect to the device s shell over the network, potentially without authentication if...

7.5CVSS0.00507EPSS
Exploits1References2
Rows per page
Query Builder