
462 matches found

CVE
added 2025/05/20 12:0 a.m., 49 views

CVE-2025-44898

CVE-2025-44898 affects PLANET FW-WGS-804HPT firmware version 1.305b241111. A stack overflow is triggered by theauthName parameter in the web_aaa_loginAuthlistEdit function, with potential full impact on confidentiality, integrity, and availability (CVSS 3.1: 9.8 CRITICAL). Documented sources do n...

9.8 CVSS, 7.9 AI score, 0.00453 EPSS
Exploits 1, References 1, Affected Software 1
Vulnrichment
added 2025/05/20 12:0 a.m., 8 views

CVE-2025-44898

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the webaaaloginAuthlistEdit function...

7.8 AI score, 0.00453 EPSS
Exploits 1, References 1
Cvelist
added 2025/04/10 11:2 a.m., 19 views

CVE-2025-22375 Authentication Bypass in CyberAudit-Web

An authentication bypass vulnerability was found in Videx's CyberAudit-Web. Through the exploitation of a logic flaw, an attacker could create a valid session without any credentials. This vulnerability has been patched in versions later than 9.5 and a patch has been made available to all instanc...

9.3 CVSS, 0.00437 EPSS
Exploits 0, References 2
Apple
added 2025/03/31 12:0 a.m., 273 views

About the security content of Safari 18.4

About the security content of Safari 18.4 This document describes the security content of Safari 18.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

9.8 CVSS, 8.2 AI score, 0.00919 EPSS
Exploits 0, References 1, Affected Software 1
CNNVD
added 2025/03/31 12:0 a.m., 3 views

Apple iOS and Apple iPadOS Security Vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and Apple iPadOS that originates from a malicious website that...

8.1 CVSS, 6.2 AI score, 0.00919 EPSS
Exploits 0, References 1
Metasploit
added 2025/03/27 6:50 p.m., 430 views

Ivanti Connect Secure HTTP Scanner

This module will perform authentication scanning against Ivanti Connect Secure. Module Options msf use auxiliary/scanner/ivanti/ivantilogin msf auxiliaryivantilogin show actions ...actions... msf auxiliaryivantilogin set ACTION msf auxiliaryivantilogin show options ...show and set options... msf...

5.8 AI score
Exploits 0
CNNVD
added 2025/03/13 12:0 a.m., 2 views

Devolutions Server Security Vulnerability

Devolutions Server is an application from Devolutions Canada Inc. that provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.13 and earlier, which stems from a missing password mask in the web-based SSH...

7.5 CVSS, 6.8 AI score, 0.00515 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/02/05 11:48 a.m., 7 views

CVE-2024-7585

A vulnerability has been found in Tenda i22 1.0.0.34687 and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launche...

9.8 CVSS, 6.9 AI score, 0.01331 EPSS
Exploits 1, References 1
CNNVD
added 2025/01/09 12:0 a.m., 3 views

Drupal Security Vulnerability

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Basic HTTP Authentication versions 7.X-1.0 through 7.X-1.4, which stems from the inclusion of an authorization error vulnerability...

7.3 CVSS, 6.8 AI score, 0.00311 EPSS
Exploits 0, References 2
NVD
added 2024/12/03 8:15 p.m., 10 views

CVE-2024-51114

An issue in Beijing Digital China Yunke Information Technology Co.Ltd v.7.2.6.120 allows a remote attacker to execute arbitrary code via the code/function/dpi/webauth/customizable.php file...

8.8 CVSS, 0.00838 EPSS
Exploits 0, References 1
CNVD
added 2024/11/26 12:0 a.m., 5 views

Moodle Authorization Issues Vulnerability (CNVD-2024-46247)

Moodle is an open source, free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an authorization issue vulnerability that stems from the need to perform additional checks to ensure that ...

4.3 CVSS, 7 AI score, 0.00281 EPSS
Exploits 0, References 1
CNVD
added 2024/11/26 12:0 a.m., 10 views

Moodle Authorization Issues Vulnerability (CNVD-2024-46249)

Moodle is an open source, free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an authorization issue vulnerability that stems from the need to perform additional checks to ensure that...

6.5 CVSS, 7.1 AI score, 0.00284 EPSS
Exploits 0, References 1
OSV
added 2024/11/22 2:23 p.m., 2 views

OESA-2024-2459 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting...

8.8 CVSS, 9.2 AI score, 0.00539 EPSS
Exploits 1, References 3
CNVD
added 2024/11/19 12:0 a.m., 7 views

IBM Security SOAR Authorization Issues Vulnerability

IBM Security SOAR is a product from International Business Machines (IBM), formerly known as Resilient, designed to help your security team confidently respond to cyber threats, automate through intelligence, and collaborate through consistency. IBM Security SOAR has an authorization issue...

8.1 CVSS, 7.2 AI score, 0.00319 EPSS
Exploits 0, References 1
Tenable Nessus
added 2024/11/14 12:0 a.m., 18 views

Fedora 41 : chromium (2024-3a6f9ab958)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a6f9ab958 advisory. Update to 130.0.6723.58 High CVE-2024-9954: Use after free in AI Medium CVE-2024-9955: Use after free in Web Authentication Medium CVE-2024-9956:...

8.8 CVSS, 6.5 AI score, 0.06295 EPSS
Exploits 3, References 14
Japan Vulnerability Notes
added 2024/11/01 4:49 a.m., 4 views

REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers

Overview FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web...

9.8 CVSS, 7 AI score, 0.00556 EPSS
Exploits 0, References 4
OSV
added 2024/10/25 7:15 a.m., 7 views

CVE-2024-47406

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability...

9.8 CVSS, 5.8 AI score, 0.00599 EPSS
Exploits 0, References 3
OpenVAS
added 2024/10/21 12:0 a.m., 13 views

Fedora: Security Advisory (FEDORA-2024-c0b1d26de3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 8.9 AI score, 0.06295 EPSS
Exploits 3, References 16
OpenVAS
added 2024/10/21 12:0 a.m., 15 views

Fedora: Security Advisory (FEDORA-2024-4d80983af6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 8.9 AI score, 0.06295 EPSS
Exploits 3, References 16
BDU FSTEC
added 2024/10/20 12:0 a.m., 6 views

The vulnerability of the application programming interface WebAuthn in browsers Google Chrome and Microsoft Edge allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Application Programming Interface WebAuthn of Google Chrome and Microsoft Edge browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

10 CVSS, 7.6 AI score, 0.00765 EPSS
Exploits 0, References 13, Affected Software 6