Lucene search
K

16824 matches found

NVD
NVD
added 2025/08/14 9:15 a.m.14 views

CVE-2025-48862

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...

7.1CVSS0.00106EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/08/14 2:53 a.m.3 views

SUSE CVE-2025-54424

1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate...

9.8CVSS7.6AI score0.00864EPSS
Exploits5References3
Cvelist
Cvelist
added 2025/08/14 12:0 a.m.10 views

CVE-2024-53946

The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery CSRF on its web management interface. This vulnerability allows an attacker to trick an authenticated admin user into performing unauthorized actions, such as exploiting a command injection vulnerability in...

0.00586EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.3 views

KuWFi 4G AC900 安全漏洞

KuWFi 4G AC900 is a WiFi router from KuWFi China. A security vulnerability exists in the KuWFi 4G AC900 version 1.0.13, which originates from a command injection in the HTTP API endpoint that could lead to full system control...

8.8CVSS7.4AI score0.19045EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.6 views

PT-2025-33324 · Cisco · Cisco Secure Firewall Management Center (Fmc)

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center FMC Software affected versions not specified Description: A vulnerability exists in the web-based management interface of Cisco Secure Firewall Management Center FMC Software that could allow an...

6.1CVSS6.2AI score0.00273EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.6 views

PT-2025-33339 · Cisco · Cisco Secure Firewall Management Center (Fmc)

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center FMC Software affected versions not specified Description: A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remo...

4.9CVSS6.9AI score0.00344EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.5 views

PT-2025-33338 · Cisco · Cisco Secure Fmc

Name of the Vulnerable Software and Affected Versions: Cisco Secure FMC Software affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain...

4.3CVSS6.8AI score0.00269EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.6 views

PT-2025-33337 · Cisco · Cisco Secure Fmc

Name of the Vulnerable Software and Affected Versions: Cisco Secure FMC Software affected versions not specified Description: A vulnerability exists in the web-based management interface of Cisco Secure FMC Software that could allow an authenticated, low-privileged, remote attacker to access...

6.5CVSS6.6AI score0.00334EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.9 views

PT-2025-33140 · Ctrlx Os · Ctrlx Os

Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: Ambiguous wording in the web interface of the setup mechanism could lead a user to believe that the backup file is encrypted when a password is set. However, only the private key – if...

7.1CVSS7AI score0.00106EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/14 12:0 a.m.3 views

CVE-2024-53946

The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery CSRF on its web management interface. This vulnerability allows an attacker to trick an authenticated admin user into performing unauthorized actions, such as exploiting a command injection vulnerability in...

7.5AI score0.00586EPSS
Exploits0References3
CVE
CVE
added 2025/08/13 12:0 a.m.15 views

CVE-2025-50608

Netis WF2880 (v2.1.40207) has a buffer overflow in FUN_00471994 of cgitest.cgi. The vulnerability can be triggered by supplying a crafted wl_base_set value in the payload, causing a crash and potential Denial of Service. Affected component is the FUN_00471994 function; root cause is insufficient ...

7.5CVSS7.5AI score0.00383EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/13 12:0 a.m.5 views

Cisco IOS XE Software Web Based Management Interface (cisco-sa-webui-multi-ARNHM4v6)

According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. - A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected...

6.5CVSS6.8AI score0.00355EPSS
Exploits0References8
OSV
OSV
added 2025/08/12 8:15 p.m.1 views

CVE-2025-36000

IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

4.8CVSS6.2AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 7:15 p.m.4 views

CVE-2025-32932

An Improper neutralization of input during web page generation 'cross-site scripting' vulnerability CWE-79 in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remo...

6.5CVSS0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 7:0 p.m.5 views

CVE-2025-32932

An Improper neutralization of input during web page generation 'cross-site scripting' vulnerability CWE-79 in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remo...

6.5CVSS0.00186EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 12:15 p.m.3 views

CVE-2025-33023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...

5.1CVSS0.00272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 11:16 a.m.1 views

CVE-2025-33023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...

5.1CVSS7.2AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 11:16 a.m.5 views

CVE-2025-33023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...

5.1CVSS0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.2 views

PT-2025-32649 · Unknown · Ruggedcom Rox Mx5000 +8

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM ROX MX5000 affected versions not specified RUGGEDCOM ROX MX5000RE affected versions not specified RUGGEDCOM ROX RX1400 affected versions not specified RUGGEDCOM ROX RX1500 affected versions not specified RUGGEDCOM ROX RX1501 affecte...

5.1CVSS6.3AI score0.00272EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.4 views

PT-2025-32878 · Fortinet · Fortisoar

Name of the Vulnerable Software and Affected Versions: FortiSOAR versions 6.4 through 7.6.1 Description: An improper neutralization of input during web page generation 'cross-site scripting' exists. The web interface may allow an authenticated remote attacker to perform a cross-site scripting XSS...

6.5CVSS5.3AI score0.00186EPSS
Exploits0References5
Rows per page
Query Builder