Lucene search
K

16828 matches found

Vulnrichment
Vulnrichment
added 2025/08/12 11:16 a.m.1 views

CVE-2025-33023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...

5.1CVSS7.2AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 11:16 a.m.5 views

CVE-2025-33023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...

5.1CVSS0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.5 views

PT-2025-32878 · Fortinet · Fortisoar

Name of the Vulnerable Software and Affected Versions: FortiSOAR versions 6.4 through 7.6.1 Description: An improper neutralization of input during web page generation 'cross-site scripting' exists. The web interface may allow an authenticated remote attacker to perform a cross-site scripting XSS...

6.5CVSS5.3AI score0.00186EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.2 views

PT-2025-32649 · Unknown · Ruggedcom Rox Mx5000 +8

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM ROX MX5000 affected versions not specified RUGGEDCOM ROX MX5000RE affected versions not specified RUGGEDCOM ROX RX1400 affected versions not specified RUGGEDCOM ROX RX1500 affected versions not specified RUGGEDCOM ROX RX1501 affecte...

5.1CVSS6.3AI score0.00272EPSS
Exploits0References5
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens RUGGEDCOM ROX II

SUMMARY RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the...

5.1CVSS7.3AI score0.00272EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-15092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was...

6.1CVSS6.3AI score0.02319EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.8 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to gain unauthorized access to protected information and perform cross-site scripting attacks.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform relates to the lack of protective measures for the website structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.2AI score0.00205EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.9 views

The vulnerability of the web interface of the information system for state and municipal payments in the Republic of Tatarstan (GIS GMPl) stems from errors in the logic of the web application’s operation. This vulnerability allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the web interface of the information system for state and municipal payments in the Republic of Tatarstan GIS GMPl is related to errors in the logic of the web application’s operation. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthoriz...

7.8CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.12 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to access and modify data.

The vulnerability of the Cisco Identity Services Engine ISE’s web management interface is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain access and modify data by sending a specially crafted HTTP request...

4.3CVSS5.5AI score0.00369EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2025/08/11 12:0 a.m.2 views

Belkin F9K1009 / F9K1010 Authentication Bypass

This repository contains a exploit for CVE‑2025‑8730, a critical Authentication Bypass vulnerability affecting the web interface of Belkin F9K1009 and F9K1010 routers. The flaw lies in the session validation logic of the /login.htm file, where improperly handled cookies or crafted requests allow...

10CVSS9.4AI score0.02992EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.9 views

The vulnerability in the web interface for managing the Cisco Unified Intelligence Center reporting software and the Cisco Unified Contact Center Express operator automation software allows a malicious individual to execute arbitrary commands and increase their privileges.

The vulnerability in the web interface for creating reports using the Cisco Unified Intelligence Center and the Cisco Unified Contact Center Express software lies in the unlimited download of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and...

6.5CVSS5.8AI score0.0038EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/10 2:33 p.m.5 views

CVE-2025-8730

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

10CVSS9.5AI score0.02992EPSS
Exploits2References1
Gitee
Gitee
added 2025/08/09 11:29 p.m.107 views

Exploit for Out-of-bounds Write in Cypress Cyw20735_Firmware

This repository is an offensive tool for firmware emulation and fuzzing. It provides a virtual environment to fuzz wireless firmwares, allowing for the extraction of their current state and re-execution in a virtual environment for fuzzing. The tool is currently optimized for the CYW20735 Bluetoo...

7.8CVSS7.2AI score0.00339EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/08/08 5:31 p.m.6 views

CVE-2025-20332

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. This vulnerability is due to the lack of server-side validation of Administrator permissions. An attacker could exploit this...

4.3CVSS6.8AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2025/08/08 5:15 p.m.4 views

CVE-2025-8284

By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions...

9.8CVSS0.00508EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/08 4:27 p.m.8 views

CVE-2025-8284 Packet Power EMX and EG Missing Authentication for Critical Function

By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions...

9.8CVSS0.00508EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/08 4:27 p.m.3 views

CVE-2025-8284 Packet Power EMX and EG Missing Authentication for Critical Function

By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions...

9.8CVSS6.8AI score0.00508EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/08 2:32 p.m.10 views

CVE-2025-8730 Belkin F9K1009/F9K1010 Web Interface hard-coded credentials

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

10CVSS0.02992EPSS
Exploits2References7
Vulnrichment
Vulnrichment
added 2025/08/08 2:32 p.m.4 views

CVE-2025-8730 Belkin F9K1009/F9K1010 Web Interface hard-coded credentials

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

10CVSS9.5AI score0.02992EPSS
Exploits2References7
EUVD
EUVD
added 2025/08/08 2:32 p.m.8 views

EUVD-2025-23988

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...

10CVSS9.5AI score0.02992EPSS
Exploits2References7
Rows per page
Query Builder