Lucene search
K

16821 matches found

Snyk
Snyk
added 2025/09/17 7:21 p.m.1 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...

9.1CVSS6.8AI score0.00361EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:21 p.m.1 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...

9.1CVSS6.8AI score0.00361EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:21 p.m.1 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...

9.1CVSS6.8AI score0.00361EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:21 p.m.2 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...

9.1CVSS6.8AI score0.00361EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/17 12:0 a.m.2 views

Dragonfly 安全漏洞

Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0 that stems from a gRPC API and HTTP API that allows a peer node to send a request to force a receiving node to create a...

9.8CVSS9.2AI score0.0068EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.4 views

PT-2025-38257

Name of the Vulnerable Software and Affected Versions: network access control services affected versions not specified Description: A vulnerability exists in the web-based management interface that could allow a remote attacker to conduct a Reflected Cross-Site Scripting XSS attack. Successful...

6.1CVSS5.8AI score0.00235EPSS
Exploits0References3
NVD
NVD
added 2025/09/16 11:15 p.m.6 views

CVE-2025-37128

A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state...

6.8CVSS0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/16 10:22 p.m.4 views

CVE-2025-37128 Authenticated Arbitrary Process Termination allows potential System Disruption in ECOS

A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state...

6.8CVSS6.5AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/16 10:22 p.m.8 views

CVE-2025-37128 Authenticated Arbitrary Process Termination allows potential System Disruption in ECOS

A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state...

6.8CVSS0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/16 9:35 a.m.3 views

CVE-2025-26711

There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface...

5.7CVSS6.2AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.8 views

PT-2025-38088

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN Gateways affected versions not specified Description: A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitra...

6.8CVSS6.3AI score0.00294EPSS
Exploits0References6
CNVD
CNVD
added 2025/09/16 12:0 a.m.3 views

Wavlink WL-WN578W2 sub_404850 function OS Command Injection Vulnerability

The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. An operating system command injection vulnerability exists in Wavlink WL-WN578W2 version 221110, which originates from the parameter deletelist in the function sub404850 in the file /cgi-bin/wireless.cgi that fails to correctly...

9.8CVSS7.8AI score0.06072EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/09/15 2:33 a.m.112 views

CVE

It is an information repository for CVE details, providing a col...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/15 12:0 a.m.5 views

Dell Data Domain Operating System Web Interface Detection

Binary data delldatadomainoperatingsystemwebinterfacedetect.nbin...

7AI score
Exploits0References1
CVE
CVE
added 2025/09/14 3:32 p.m.16 views

CVE-2025-10401

CVE-2025-10401 concerns the D-Link DIR-823x family (firmware up to 250416). The vulnerability exists in the diag_ping handling (file path /goform/diag_ping) where manipulation of the target_addr argument enables arbitrary command execution via a command-injection flaw. It is a remote exploit with...

8.8CVSS6.6AI score0.0815EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/09/12 2:15 p.m.4 views

CVE-2025-10364

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.06325EPSS
Exploits0References1
NVD
NVD
added 2025/09/12 2:15 p.m.8 views

CVE-2025-10365

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.05781EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/12 1:48 p.m.1 views

CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS7.8AI score0.74884EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/12 1:48 p.m.9 views

CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.06325EPSS
Exploits0References1
CVE
CVE
added 2025/09/12 1:48 p.m.26 views

CVE-2025-10364

CVE-2025-10364 affects the Evertz SDVN 3080ipx-10G web management interface. The issue is a command-injection vulnerability in feature-transfer-export.php that allows remote unauthenticated arbitrary code execution with root privileges. The connected sources confirm the vulnerability is tied to t...

9.3CVSS7.8AI score0.74884EPSS
In wildExploits0References1
Rows per page
Query Builder