Lucene search
K

84 matches found

NVD
NVD
added 2026/07/07 6:16 a.m.9 views

CVE-2026-58315

Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed...

5.1CVSS0.00102EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/07 5:33 a.m.32 views

CVE-2026-58315

Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed...

5.1CVSS0.00102EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 5:33 a.m.5 views

CVE-2026-58315

Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed...

5.1CVSS5.9AI score0.00102EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/07 5:33 a.m.7 views

EUVD-2026-42007

Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed...

5.1CVSS5.9AI score0.00102EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 5:33 a.m.20 views

CVE-2026-58315

CVE-2026-58315 describes a Cross-site request forgery in SEIKO EPSON Web Config. The vulnerability could allow unintended operations when a logged-in user visits a malicious page, as reported by both the NVD entry and CVE records. Connected sources confirm the product area (SEIKO EPSON Web Config...

5.1CVSS5.9AI score0.00102EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 6:16 p.m.17 views

CVE-2026-8888

The CVE-2026-8888 entry applies to the Securly Chrome Extension (v3.0.7). It downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp() without complexity validation, enabling an on-path attacker to inject patterns that cause catastrop...

7.5CVSS5.8AI score0.00432EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/13 9:16 p.m.9 views

CVE-2026-26333

Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs including EndeavorServer.rem and RemoteFileReceiver.rem and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An...

9.8CVSS6.6AI score0.00929EPSS
Exploits1References2
Rapid7 Blog
Rapid7 Blog
added 2026/02/06 6:52 p.m.9 views

Metasploit Wrap-Up 02/06/2026

Google Summer of Code 2026 Our very own Jack Heysel has added some documentation which outlines the Metasploit Framework project ideas for GSoC 2026. For anyone interested in applying please see GSoC-How-To-Apply documentation, or reach out on slack to any of the following GSoC mentors on Slack v...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON Printers Cross-Site Request Forgery (CVE-2023-27520)

Cross-site request forgery CSRF vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. Note Web Config is the software that allows...

6.5CVSS5.9AI score0.00314EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.2 views

EPSON Printers Cross-site Scripting (CVE-2023-23572)

Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPS...

4.8CVSS5.4AI score0.00499EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON Printers Improper Input Validation (CVE-2023-38556)

Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in som...

7.5CVSS7.3AI score0.00644EPSS
Exploits0References3
NVD
NVD
added 2026/01/22 4:16 p.m.9 views

CVE-2025-69612

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

6.5CVSS0.00887EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.18 views

PT-2026-3947

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

6.5CVSS5.7AI score0.00887EPSS
Exploits1References4
Snyk
Snyk
added 2026/01/21 10:23 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via improper validation of OIDC token claims after processing through CEL expressions. An attacker can gain unauthorized operator-level read access and perform actions such as suspend, resume, or reconcile by...

6CVSS5.7AI score0.00303EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/21 10:23 p.m.2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via improper validation of OIDC token claims after processing through CEL expressions. An attacker can gain unauthorized operator-level read access and perform actions such as suspend, resume, or reconcile by...

6CVSS5.7AI score0.00303EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:53 p.m.16 views

CVE-2024-58317

CVE-2024-58317 affects Kentico Xperience (

6.9CVSS6.7AI score0.00162EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/12/16 7:15 a.m.4 views

CVE-2025-66635

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

8.6CVSS0.00491EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/16 6:59 a.m.30 views

CVE-2025-66635

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

8.6CVSS0.00491EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/16 6:59 a.m.2 views

CVE-2025-66635

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

8.6CVSS7.2AI score0.00491EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/16 6:59 a.m.4 views

EUVD-2025-203525

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

8.6CVSS7AI score0.00491EPSS
Exploits0References3
Rows per page
Query Builder