Lucene search
K
KorelogicMost viewed

105 matches found

KoreLogic Security
KoreLogic Security
•added 2021/09/01 12:0 a.m.•34 views

CyberArk Credential Provider Race Condition And Authorization Bypass

Vulnerability Details Affected Vendor: CyberArk Affected Product: Application Access Manager/Credential Provider Affected Version: Prior to 12.1 Platform: Linux/Windows/zOS CWE Classification: CWE-326: Inadequate Encryption Strength, CWE-362: Concurrent Execution using Shared Resource with...

5.1CVSS0.00344EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2021/05/26 12:0 a.m.•34 views

CommScope Ruckus IoT Controller Hard-coded Web Application Administrator Password

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-259: Use of Hard-coded Password CVE ID: CVE-2021-33219 2. Vulnerability Description An undocumented, administrative-level, hard...

9.8CVSS0.3AI score0.0215EPSS
Exploits6Affected Software1
KoreLogic Security
KoreLogic Security
•added 2021/05/26 12:0 a.m.•34 views

CommScope Ruckus IoT Controller Hard-coded System Passwords

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-259: Use of Hard-coded Password CVE ID: CVE-2021-33218 2. Vulnerability Description Hard coded, system-level credentials exist on...

10CVSS0.2AI score0.02304EPSS
Exploits4Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/10/24 12:0 a.m.•34 views

Infoblox NetMRI Administration Shell Factory Reset Persistence

Vulnerability Details Affected Vendor: Infoblox Affected Product: NetMRI Affected Version: VM-AD30-5C6CE Platform: Embedded Linux CWE Classification: CWE-485: Insufficient Encapsulation Impact: Administrative Account Backdoor Attack vector: SSH 2. Vulnerability Description An authenticated user...

0.2AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2021/05/26 12:0 a.m.•33 views

CommScope Ruckus IoT Controller Unauthenticated API Endpoints

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-306: Missing Authentication for Critical Function CVE ID: CVE-2021-33221 2. Vulnerability Description Three API endpoints for the...

9.8CVSS0.3AI score0.5699EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/08/07 12:0 a.m.•31 views

Open WebUI Arbitrary File Upload + Path Traversal

Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', CWE-434: Unrestricted Upload of File with Dangerous Type CVE ID:...

8.8CVSS7.8AI score0.01003EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/10/24 12:0 a.m.•31 views

Sophos UTM 9 Management Application Local File Inclusion

Vulnerability Details Affected Vendor: Sophos Affected Product: UTM 9 Affected Version: 9.410 Platform: Embedded Linux CWE Classification: CWE-538: File and Directory Information Exposure, CWE-264: Permissions, Privileges, and Access Controls, CWE-532: Information Exposure Through Log Files...

7AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2021/05/26 12:0 a.m.•29 views

CommScope Ruckus IoT Controller Hard-coded API Keys Exposed

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-798: Use of Hard-coded Credentials CVE ID: CVE-2021-33220 2. Vulnerability Description API keys for CommScope Ruckus are included...

7.8CVSS0.4AI score0.00254EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2021/05/26 12:0 a.m.•28 views

CommScope Ruckus IoT Controller Web Application Directory Traversal

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', CWE-250: Execution with Unnecessary Privileges...

9.8CVSS1.5AI score0.0215EPSS
Exploits6Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/08/07 12:0 a.m.•27 views

Journyx Reflected Cross Site Scripting

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-81: Improper Neutralization of Script in an Error Message Web Page CVE ID: CVE-2024-6892 2. Vulnerability Description Attackers can craft a...

6.1CVSS7.2AI score0.00713EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/03/05 12:0 a.m.•27 views

Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories Accessible to External Parties CVE ID: CVE-2024-2056 2...

9.8CVSS6.7AI score0.16711EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/11/05 12:0 a.m.•27 views

Dell OpenManage Network Manager Multiple Vulnerabilities

Vulnerability Details Affected Vendor: Dell Affected Product: OpenManage Network Manager Affected Version: 6.2.0.51 SP3 Platform: Embedded Linux CWE Classification: CWE-285: Improper Authorization, CWE-284: Improper Access Control Impact: Privilege Escalation Attack vector: MySQL, HTTP CVE ID:...

9CVSS8.2AI score0.12324EPSS
Exploits7Affected Software1
KoreLogic Security
KoreLogic Security
•added 2026/01/08 12:0 a.m.•25 views

yintibao Fun Print Mobile Unauthorized Access via Context Hijacking

Vulnerability Details Affected Vendor: yintibao Affected Product: Fun Print Mobile Affected Version: 6.05.15 Platform: ARM64 - Android CWE Classification: CWE-926: Improper Export of Android Application Components CVE ID: CVE-2025-15464 2. Vulnerability Description Exported Activity allows...

7.5CVSS6.8AI score0.00466EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2021/09/01 12:0 a.m.•25 views

CyberArk Credential Provider Local Cache Can Be Decrypted

Vulnerability Details Affected Vendor: CyberArk Affected Product: Application Access Manager/Credential Provider Affected Version: Prior to 12.1 Platform: Linux/Windows/zOS CWE Classification: CWE-326: Inadequate Encryption Strength CVE ID: CVE-2021-31798 2. Vulnerability Description CyberArk...

4.4CVSS5.3AI score0.00437EPSS
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/03/05 12:0 a.m.•24 views

Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.40 and 4.50 Platform: Debian 10 LTS CWE Classification: CWE-23: Relative Path Traversal CVE ID: CVE-2024-2053 2. Vulnerability Description The Artica Proxy administrative web application attempts to...

7.5CVSS6.9AI score0.44579EPSS
Exploits4Affected Software1
KoreLogic Security
KoreLogic Security
•added 2023/08/17 12:0 a.m.•24 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump

Vulnerability Details Affected Vendor: ThousandEyes Affected Product: ThousandEyes Enterprise Agent Virtual Appliance Affected Version: thousandeyes-va-64-18.04 0.218 Platform: Linux / Ubuntu 18.04 CWE Classification: CWE-1395: Dependency on Vulnerable Third-Party Component CVE ID:...

7.8CVSS7.5AI score0.00418EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2023/08/17 12:0 a.m.•24 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig

Vulnerability Details Affected Vendor: ThousandEyes Affected Product: ThousandEyes Enterprise Agent Virtual Appliance Affected Version: thousandeyes-va-64-18.04 0.218 Platform: Linux / Ubuntu 18.04 CWE Classification: CWE-1395: Dependency on Vulnerable Third-Party Component, CWE-1220:...

5.5CVSS7.3AI score0.00304EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/07/06 12:0 a.m.•24 views

Barracuda WAF Early Boot Root Shell

Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-489: Leftover Debug Code Impact: Root Access Attack vector: Grub 2. Vulnerability Description Firmware reversing...

7.1AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/03/05 12:0 a.m.•23 views

Artica Proxy Unauthenticated File Manager Vulnerability

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.40 and 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories Accessible to External Parties CVE ID:...

9.8CVSS7.5AI score0.00933EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/02/08 12:0 a.m.•23 views

NetEx HyperIP Local File Inclusion Vulnerability

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-73: External Control of File Name or Path, CWE-592: Authentication Bypass Issues Impact: Arbitrary Filesystem Reads Attack vector: HTTPS 2...

Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/10/24 12:0 a.m.•23 views

Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions

Vulnerability Details Affected Vendor: Sophos Affected Product: UTM 9 Affected Version: 9.410 Platform: Embedded Linux CWE Classification: CWE-280: Improper Handling of Insufficient Permissions or Privileges Impact: Root Access Attack vector: SSH 2. Vulnerability Description The attacker must...

7.2AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/02/08 12:0 a.m.•21 views

NetEx HyperIP Authentication Bypass

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-592: Authentication Bypass Issues Impact: Authentication Bypass Attack vector: HTTPS 2. Vulnerability Description Authentication for the management...

0.3AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/08/07 12:0 a.m.•19 views

Open WebUI Stored Cross-Site Scripting

Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVE ID: CVE-2024-6706 2. Vulnerability Description Attackers...

6.3CVSS7AI score0.0062EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/03/02 12:0 a.m.•19 views

Sophos UTM 9 loginuser Privilege Escalation via confd Service

Vulnerability Details Affected Vendor: Sophos Affected Product: UTM 9 Affected Version: 9.410 Platform: Embedded Linux CWE Classification: CWE-306: Missing Authentication for Critical Function SID generation Impact: Privilege Escalation Attack vector: SSH 2. Vulnerability Description The...

7.3AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/02/08 12:0 a.m.•19 views

NetEx HyperIP Privilege Escalation Vulnerability

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-592: Authentication Bypass Issues Impact: Privilege Escalation Attack vector: HTTPS 2. Vulnerability Description Privileges can be escalated by abusing...

0.2AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2024/08/07 12:0 a.m.•18 views

Journyx Unauthenticated Password Reset Bruteforce

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-321: Use of Hard-coded Cryptographic Key, CWE-334: Small Space of Random Values, CWE-799: Improper Control of Interaction Frequency CVE ID:...

9.8CVSS6.7AI score0.00717EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2022/01/28 12:0 a.m.•18 views

Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability

Vulnerability Details Affected Vendor: Moxa Affected Product: TN-5900 Affected Version: v3.1 and prior Platform: Moxa Linux CWE Classification: CWE-354 Improper Validation of Integrity Check Value CVE ID: CVE-2021-46559 2. Vulnerability Description Moxa TN-5900 v3.1.0 and prior uses an insecure...

7.5CVSS7.6AI score0.00436EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/07/06 12:0 a.m.•18 views

Barracuda WAF Grub Password Complexity

Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-259: Use of Hard-coded Password Impact: Privileged Access Attack vector: Password Cracking 2. Vulnerability...

0.5AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/02/04 12:0 a.m.•17 views

Checkmk NagVis Reflected Cross-site Scripting

Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE Classification: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVE ID: CVE-2024-13722 2...

5.4CVSS6.6AI score0.00557EPSS
Exploits2
KoreLogic Security
KoreLogic Security
•added 2017/07/06 12:0 a.m.•17 views

Solarwinds LEM Hardcoded Credentials

Vulnerability Details Affected Vendor: Solarwinds Affected Product: Log and Event Manager Virtual Appliance Affected Version: v6.3.1 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials Impact: Unintended Access Attack vector: Local 2. Vulnerability Description The...

7.1AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/02/04 12:0 a.m.•16 views

Checkmk NagVis Remote Code Execution

Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE Classification: CWE-434: Unrestricted Upload of File with Dangerous Type CVE ID: CVE-2024-13723 2. Vulnerability Description The "NagVis"...

7.2CVSS7.3AI score0.0126EPSS
Exploits2
KoreLogic Security
KoreLogic Security
•added 2024/08/07 12:0 a.m.•16 views

Journyx Authenticated Remote Code Execution

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-94: Improper Control of Generation of Code 'Code Injection', CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code 'Eval...

8.8CVSS7.5AI score0.00953EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/06/25 12:0 a.m.•14 views

HPE VAN SDN Unauthenticated Remote Root Vulnerability

Vulnerability Details Affected Vendor: HP Enterprise Affected Product: VAN SDN Controller Affected Version: 2.7.18.0503 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials, CWE-20: Improper Input Validation Impact: Privilege Escalation Attack vector: HTTP 2...

8.2AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/01/26 12:0 a.m.•14 views

Sophos Web Gateway Persistent Cross Site Scripting Vulnerability

Vulnerability Details Affected Vendor: Sophos Affected Product: Web Gateway Affected Version: 4.4.1 Platform: Embedded Linux CWE Classification: CWE-79: Improper Neutralization of Input During Web Page Generation, CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Impact:...

6.8AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/10/24 12:0 a.m.•14 views

Sonicwall WXA5000 Console Jail Escape and Privilege Escalation

Vulnerability Details Affected Vendor: Sonicwall Affected Product: WXA5000 WAN Optimization Appliance Affected Version: 1.3.2-10-30 Platform: Embedded Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command Impact: Root Access Attack vector: Console 2...

0.1AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/05/22 12:0 a.m.•13 views

Mobile Dynamix PrinterShare Mobile Print Gmail Oauth Token Disclosure

Vulnerability Details Affected Vendor: Mobile Dynamix Affected Product: PrinterShare Mobile Print Affected Version: up to 12.15.01 Platform: Android CWE Classification: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor, CWE-313: Cleartext Storage in a File or on Disk CVE ID:...

9.1CVSS8.9AI score0.00265EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/07/06 12:0 a.m.•13 views

Barracuda WAF Management Application Username and Session ID Leak

Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-200: Information Exposure Impact: Privileged Access Attack vector: HTTP 2. Vulnerability Description The...

Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/07/09 12:0 a.m.•12 views

Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-611: Improper Restriction of XML External Entity Reference CVE ID: CVE-2025-6438 2. Vulnerability Description The...

5.9CVSS7.1AI score0.00391EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/09/25 12:0 a.m.•12 views

Solarwinds LEM Insecure Update Process

Vulnerability Details Affected Vendor: Solarwinds Affected Product: Multiple Affected Version: Multiple Platform: Embedded Linux CWE Classification: CWE-284: Improper Access Control, CWE-346: Origin Validation Error Impact: Counterfeit Product Downloads Attack vector: HTTP 2. Vulnerability...

0.1AI score
Exploits0
KoreLogic Security
KoreLogic Security
•added 2017/07/06 12:0 a.m.•12 views

Barracuda WAF Support Tunnel Hijack

Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-304: Missing Critical Step In Authentication Impact: Remote Access Attack vector: DNS, SSH 2. Vulnerability...

0.5AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/02/08 12:0 a.m.•11 views

Trend Micro IMSVA Management Portal Authentication Bypass

Vulnerability Details Affected Vendor: Trend Micro Affected Product: InterScan Mail Security Virtual Apppliance Affected Version: 9.1.0.1600 Platform: Embedded Linux CWE Classification: CWE-522: Insufficiently Protected Credentials, CWE-219: Sensitive Data Under Web Root Impact: Authentication...

7.3AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/05/22 12:0 a.m.•10 views

Mobile Dynamix PrinterShare Mobile Print Double-Free Memory Write

Vulnerability Details Affected Vendor: Mobile Dynamix Affected Product: PrinterShare Mobile Print Affected Version: up to 12.15.01 Platform: Android CWE Classification: CWE-415: Double-Free, CWE-416: Use-After-Free CVE ID: CVE-2025-5100 2. Vulnerability Description A double-free condition occurs...

8CVSS6.8AI score0.00222EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2017/07/06 12:0 a.m.•10 views

Barracuda WAF Internal Development Credential Disclosure

Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-489: Leftover Debug Code, CWE-200: Information Exposure Impact: Privileged Access Attack vector: Code Review 2...

7.2AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/07/28 12:0 a.m.•9 views

Xorux XorMon-NG Web Application Privilege Escalation to Administrator

Vulnerability Details Affected Vendor: Xorux Affected Product: XorMon-NG Affected Version: 1.8 and prior Platform: Debian CWE Classification: CWE-648: Incorrect Use of Privileged APIs CVE ID: CVE-2025-54765 2. Vulnerability Description An API endpoint that should be limited to web application...

5.3CVSS6.4AI score0.06894EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/07/09 12:0 a.m.•9 views

Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-1286: Improper Validation of Syntactic Correctness of Input, CWE-94: Improper Control of Generation of Code 'Code...

7.2CVSS7AI score0.00313EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/05/22 12:0 a.m.•9 views

Mobile Dynamix PrinterShare Mobile Print Out-of-bounds Write

Vulnerability Details Affected Vendor: Mobile Dynamix Affected Product: PrinterShare Mobile Print Affected Version: up to 12.15.01 Platform: Android CWE Classification: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-787: Out-of-bounds Write CVE ID:...

9.8CVSS9.4AI score0.00576EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2018/02/08 12:0 a.m.•9 views

NetEx HyperIP Post-Auth Command Execution

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command, CWE-250: Execution with Unnecessary Privileges Impact: Arbitrary Command...

0.6AI score
Exploits0Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/07/28 12:0 a.m.•8 views

Xorux LPAR2RRD File Upload Directory Traversal

Vulnerability Details Affected Vendor: Xorux Affected Product: LPAR2RRD Affected Version: 8.04 and prior Platform: Rocky Linux 8.10 CWE Classification: CWE-24: Path Traversal: '../filedir', CWE-434: Unrestricted Upload of File with Dangerous Type, CWE-648: Incorrect Use of Privileged APIs CVE...

8.8CVSS6.9AI score0.03038EPSS
Exploits4Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/07/09 12:0 a.m.•8 views

Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-23: Relative Path Traversal, CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS...

9.5CVSS7.8AI score0.15311EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
•added 2025/07/09 12:0 a.m.•8 views

Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-266: Incorrect Privilege Assignment CVE ID: CVE-2025-50124 2. Vulnerability Description The Data Center Expert...

7.2CVSS7.4AI score0.00313EPSS
Exploits2Affected Software1
Total number of security vulnerabilities105