Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-18886

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00153EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19545

Malicious code in bioql PyPI...

5CVSS6.5AI score0.0024EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19547

Malicious code in bioql PyPI...

2.2CVSS6.5AI score0.0025EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19546

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00261EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.6 views

CVE-2025-52916

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration last five digits...

2.2CVSS6.5AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.6 views

CVE-2025-52919

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded...

4.3CVSS6.5AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.4 views

CVE-2025-52917

The Yealink RPS API before 2025-05-26 lacks rate limiting, potentially enabling information disclosure via excessive requests...

4.3CVSS6.1AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.3 views

CVE-2025-52918

Yealink RPS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces...

5CVSS6.4AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2025/06/21 11:15 p.m.10 views

CVE-2025-52917

The Yealink RPS API before 2025-05-26 lacks rate limiting, potentially enabling information disclosure via excessive requests...

4.3CVSS0.00261EPSS
Exploits0References4
NVD
NVD
added 2025/06/21 11:15 p.m.4 views

CVE-2025-52919

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded...

4.3CVSS0.00153EPSS
Exploits0References4
NVD
NVD
added 2025/06/21 11:15 p.m.8 views

CVE-2025-52916

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration last five digits...

2.2CVSS0.0025EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/21 12:0 a.m.4 views

CVE-2025-52919

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded...

4.3CVSS6.4AI score0.00153EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/21 12:0 a.m.10 views

CVE-2025-52919

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded...

4.3CVSS0.00153EPSS
Exploits0References4
CVE
CVE
added 2025/06/21 12:0 a.m.20 views

CVE-2025-52917

The CVE applies to Yealink YMCS RPS API prior to 2025-05-26, where a lack of rate limiting enables information disclosure through excessive requests. Affected component: Yealink RPS API; root cause: missing rate-limiting controls on API endpoints, leading to potential exposure of sensitive data u...

4.3CVSS6.1AI score0.00261EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/21 12:0 a.m.5 views

CVE-2025-52916

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration last five digits...

2.2CVSS6.5AI score0.0025EPSS
Exploits0References4
CVE
CVE
added 2025/06/21 12:0 a.m.19 views

CVE-2025-52916

The CVE-2025-52916 entry concerns Yealink YMCS RPS prior to 2025-06-04, where the system lacks serial-number verification attempt limits, enabling brute-force enumeration of the last five digits. The issue is supported by multiple connected sources (CVE listing, Red Hat, CNNVD, PT Security, and C...

2.2CVSS6.5AI score0.0025EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/21 12:0 a.m.5 views

PT-2025-26529 · Yealink · Yealink Ymcs

Name of the Vulnerable Software and Affected Versions: Yealink YMCS versions prior to 2025-05-26 Description: The issue allows unauthorized access to deactivated interfaces due to the lack of prevention of OpenAPI access by frozen enterprise accounts. Recommendations: For Yealink YMCS versions...

5CVSS6.3AI score0.0024EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/06/21 12:0 a.m.5 views

CVE-2025-52917

The Yealink RPS API before 2025-05-26 lacks rate limiting, potentially enabling information disclosure via excessive requests...

4.3CVSS6.1AI score0.00261EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/21 12:0 a.m.8 views

CVE-2025-52918

Yealink RPS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces...

5CVSS0.0024EPSS
Exploits0References4
CVE
CVE
added 2025/06/21 12:0 a.m.20 views

CVE-2025-52918

CVE-2025-52918 affects Yealink RPS (Redirect and Provisioning Service). Before 2025-05-26, OpenAPI access is not blocked for frozen enterprise accounts, allowing unauthorized access to deactivated interfaces. CVSS v3.1 base score 5.0 (medium); impact limited to confidentiality. The available docu...

5CVSS6.4AI score0.0024EPSS
Exploits0References4
Rows per page
Query Builder