Lucene search
K
Vulncheck KevRecent

4985 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/07/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34058

Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After authenticating with these credentials, an attacker can exploit an arbitrary file read vulnerability in the /systemLog/downFile.php...

8.7CVSS5.9AI score0.00852EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2025/06/30 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.9AI score0.06564EPSS
Exploits5References10
VulnCheck KEV
VulnCheck KEV
added 2025/06/29 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-41335

A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read...

8.8CVSS5.8AI score0.00927EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/28 12:0 a.m.7 views

VulnCheck KEV: CVE-2024-54764

An access control issue in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...

6.5CVSS5.8AI score0.01006EPSS
Exploits0References49
VulnCheck KEV
VulnCheck KEV
added 2025/06/28 12:0 a.m.18 views

VulnCheck KEV: CVE-2024-5334

A local file read vulnerability exists in the stitionai/devika repository, affecting the latest version. The vulnerability is due to improper handling of the 'snapshotpath' parameter in the '/api/get-browser-snapshot' endpoint. An attacker can exploit this vulnerability by crafting a request with...

7.5CVSS7.4AI score0.02073EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/28 12:0 a.m.26 views

VulnCheck KEV: CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

5.3CVSS5.8AI score0.16EPSS
Exploits2References53
VulnCheck KEV
VulnCheck KEV
added 2025/06/28 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-54763

An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...

6.5CVSS5.8AI score0.00746EPSS
Exploits0References52
VulnCheck KEV
VulnCheck KEV
added 2025/06/27 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-50967

The /rest/rights/ REST API endpoint in Becon DATAGerry through 2.2.0 contains an Incorrect Access Control vulnerability. An attacker can remotely access this endpoint without authentication, leading to unauthorized disclosure of sensitive information...

6.5CVSS5.8AI score0.01616EPSS
Exploits0References97
VulnCheck KEV
VulnCheck KEV
added 2025/06/27 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-55457

MasterSAM Star Gate 11 is vulnerable to directory traversal via /adama/adama/downloadService. An attacker can exploit this vulnerability by manipulating the file parameter to access arbitrary files on the server, potentially exposing sensitive information...

6.5CVSS7.3AI score0.03012EPSS
Exploits0References73
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-34047

A path traversal vulnerability exists in the Leadsec SSL VPN formerly Lenovo NetGuard, allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation,...

8.7CVSS7.4AI score0.00462EPSS
Exploits0References56
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-34042

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware version M2.1.6.04C014 via the ServerName and TimeZone parameters in the servetest CGI page. An attacker with access to the web interface can inject arbitrary system commands into these parameters, which...

9.4CVSS6.6AI score0.01763EPSS
Exploits1References30
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-34048

A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN1.02, SEA1.04, and SEA1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI...

8.7CVSS7.5AI score0.0059EPSS
Exploits0References16
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34046

An unauthenticated file upload vulnerability exists in the Fanwei E-Office = v9.4 web management interface. The vulnerability affects the /general/index/UploadFile.php endpoint, which improperly validates uploaded files when invoked with certain parameters uploadType=eofficelogo or...

10CVSS6.6AI score0.00781EPSS
Exploits0References88
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

9.8CVSS5.9AI score0.01723EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-34044

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input validation allows unauthenticated attackers to execute arbitrary OS commands. Exploitation eviden...

9.4CVSS6.1AI score0.04597EPSS
Exploits0References8
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34045

A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/downloadimgage endpoint, where insufficient inpu...

8.7CVSS6AI score0.04311EPSS
Exploits1References34
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.10 views

VulnCheck KEV: CVE-2025-5777

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...

9.8CVSS7.3AI score0.99897EPSS
Exploits28References494
VulnCheck KEV
VulnCheck KEV
added 2025/06/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34049

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the targetaddr parameter of the formTracert and formPing administrative...

9.4CVSS6.3AI score0.0245EPSS
Exploits0References58
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-6543

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...

9.8CVSS7.3AI score0.99897EPSS
Exploits21References20
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-54085

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

10CVSS5.8AI score0.61202EPSS
Exploits0References7
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-0107

An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls...

9.8CVSS6AI score0.77653EPSS
Exploits0References247
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-0692

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution...

8.8CVSS6.2AI score0.91557EPSS
Exploits1References248
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.15 views

VulnCheck KEV: CVE-2025-4009

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS6.1AI score0.74535EPSS
Exploits0References148
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.11 views

VulnCheck KEV: CVE-2024-48914

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

9.1CVSS6AI score0.59798EPSS
Exploits1References166
VulnCheck KEV
VulnCheck KEV
added 2025/06/24 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-27112

Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system,...

6.9CVSS5.9AI score0.00936EPSS
Exploits1References46
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-34040

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads, allowing unauthenticated attackers to upload crafted JSP files outside of intended...

10CVSS5.9AI score0.1438EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-34035

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...

10CVSS5.9AI score0.12334EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34039

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet bsh.servlet.BshServlet without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This...

10CVSS6.2AI score0.00501EPSS
Exploits0References87
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-5086

A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution...

9CVSS6.1AI score0.89077EPSS
Exploits1References148
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-34037

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcpip parameter without sanitization, allowing...

10CVSS6.4AI score0.85373EPSS
Exploits1References50
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.9 views

VulnCheck KEV: CVE-2023-22463

KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...

9.8CVSS5.7AI score0.69667EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-34034

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...

9.3CVSS5.8AI score0.00565EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-22893

Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that...

8.2CVSS5.8AI score0.04158EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.94 views

VulnCheck KEV: CVE-2025-70974

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an...

10CVSS5.8AI score0.3897EPSS
Exploits7References3
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.9 views

VulnCheck KEV: CVE-2017-17761

An issue was discovered on Ichano AtHome IP Camera devices. The device runs the "noodles" binary - a service on port 1300 that allows a remote LAN unauthenticated user to run arbitrary commands. This binary requires the "system" XML element for specifying the command. For example, a id command...

10CVSS6AI score0.07214EPSS
Exploits3References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34033

An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the pingaddr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can...

8.8CVSS6.1AI score0.03916EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-34038

A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIdssql, type method, reachable through the cmd=getSelectAllId workflow in the...

8.7CVSS6.1AI score0.01837EPSS
Exploits1References65
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34041

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response EDR management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interfac...

10CVSS6.1AI score0.06969EPSS
Exploits0References64
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.11 views

VulnCheck KEV: CVE-2020-9548

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig aka anteros-core...

9.8CVSS7.2AI score0.18345EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-9547

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap...

9.8CVSS7.2AI score0.18671EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-2059

A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/selecttemplets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched remotely. The exploit...

5.3CVSS4.9AI score0.02406EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-34036

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When...

10CVSS5.8AI score0.25282EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-34032

A reflected cross-site scripting XSS vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the data parameter in jsmol.php. The application fails to properly sanitize user input before embedding it into the HTTP response, allowing an attacker to execute arbitrary...

6.1CVSS5.8AI score0.00626EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34031

A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the query parameter in jsmol.php. The script directly passes user input to the filegetcontents function without proper validation, allowing attackers to read arbitrary files from the server's...

8.7CVSS7.4AI score0.02963EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.16 views

VulnCheck KEV: CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS7.7AI score0.03301EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2019-17574

An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the doaction function to invoke certain popmake or pum methods, as demonstrated by controlling content and delivery of popmake-system-info.txt...

9.1CVSS5.8AI score0.09232EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-34511

Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager XM and Experience Platform XP, through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in...

8.8CVSS5.9AI score0.08501EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/22 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34510

Sitecore Experience Manager XM, Experience Platform XP, and Experience Commerce XC versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive...

8.8CVSS5.8AI score0.09312EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-34509

Sitecore Experience Manager XM and Experience Platform XP versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access...

7.5CVSS5.8AI score0.38428EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/20 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-34030

An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to...

10CVSS5.8AI score0.59067EPSS
Exploits1References1
Total number of security vulnerabilities4985