Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.3 views

Samsung MagicINFO 9 Server SWUpdateFileUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SWUpdateFileUploadServlet class. The issue results from the lack of prope...

9.8CVSS6.8AI score0.00575EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server DeviceLogUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the DeviceLogUploadServlet class. The issue results from the lack of proper...

7.2CVSS6.9AI score0.00589EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.4 views

SolarWinds TFTP Server Deserialization of Untrusted Data Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds TFTP Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the internal...

7.8CVSS6.7AI score0.00288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.4 views

Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MagicInfoWebAuthorClient app. The issue results from the lack of proper...

9.8CVSS7AI score0.00501EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.6 views

Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...

9.1CVSS6.3AI score0.00554EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.3 views

Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloadChangedFiles function. The issue results from the lack of proper...

9.8CVSS6.3AI score0.00611EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server fillLftOrLfdInfo Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the fillLftOrLfdInfo method. The issue results from the...

9.8CVSS7AI score0.0061EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/25 12:0 a.m.7 views

(Pwn2Own) Microsoft SharePoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.99982EPSS
Exploits41References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/25 12:0 a.m.5 views

(Pwn2Own) Microsoft SharePoint ToolPane Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Microsoft SharePoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ToolPane endpoint. The application does not adequately restrict access to a...

6.5CVSS7.2AI score0.99911EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/24 12:0 a.m.3 views

Veeam Agent for Microsoft Windows Incorrect Default Permissions Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Veeam Agent for Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...

7.8CVSS7.5AI score0.00228EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/24 12:0 a.m.3 views

ATEN eco DC Missing Authorization Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of ATEN eco DC. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based interface. The issue results from the lack of validating the assigned user role when...

8.8CVSS7.2AI score0.00654EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/24 12:0 a.m.2 views

(Pwn2Own) Red Hat Enterprise Linux CBS Packet Scheduling Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Red Hat Enterprise Linux. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

8.8CVSS7.5AI score0.0018EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/24 12:0 a.m.6 views

Amazon AWS Client VPN Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Amazon AWS Client VPN. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7CVSS6.7AI score0.00162EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/24 12:0 a.m.12 views

Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C...

7.8CVSS7.3AI score0.00197EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/24 12:0 a.m.9 views

Anritsu ShockLine CHX File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C...

7.8CVSS7.2AI score0.00454EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.9 views

(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.6AI score0.00189EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.7 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.7AI score0.00203EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.12 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.7AI score0.00193EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.6 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.7AI score0.00189EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.5 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.6AI score0.00215EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.11 views

(Pwn2Own) Phoenix Contact CHARX SEC-3150 OCPP Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the OCPP service. The issue result...

3.1CVSS6.2AI score0.00288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.7 views

(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.9AI score0.00189EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.7 views

Autodesk Revit RFA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Revit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RFA...

7.8CVSS6.2AI score0.00351EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.7 views

(0Day) Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.9AI score0.00203EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.8 views

(0Day) Ashlar-Vellum Cobalt LI File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.6AI score0.00203EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.9 views

(0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.6AI score0.00189EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.7 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.6AI score0.00206EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.8 views

(0Day) Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.6AI score0.002EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.9 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.6AI score0.00215EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.13 views

(0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.6AI score0.00193EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.12 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.7AI score0.00193EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.6 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.6AI score0.00206EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/22 12:0 a.m.8 views

(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.6AI score0.00193EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.7 views

rocket.chat Incorrect Authorization Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of rocket.chat. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 3000 by default. The issue results from...

3.7CVSS6AI score0.00422EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.7 views

(Pwn2Own) Phoenix Contact CHARX SEC-3150 DHCP Configuration Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration service, which listens on TCP port 50...

8.8CVSS7.5AI score0.0024EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.7 views

(Pwn2Own) NVIDIA Container Toolkit Environment Variable Handling Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NVIDIA Container Toolkit. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

8.8CVSS7.6AI score0.02541EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.8 views

(Pwn2Own) Phoenix Contact CHARX SEC-3150 Configuration Service Missing Authentication Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration service, which listens on TCP port 500...

8.8CVSS7.4AI score0.00299EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.7 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the defaultroutemetric parameter to the...

7.5CVSS7.5AI score0.01404EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.6 views

Veeam Backup Enterprise Manager JobManagmentService Improper Access Control Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Veeam Backup Enterprise Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobManagmentService component. The issue results from improper...

6.8CVSS7.6AI score0.10671EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.17 views

(Pwn2Own) Phoenix Contact CHARX SEC-3150 Origin Validation Error Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules and access another interface on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of firewa...

6.3CVSS7.1AI score0.00631EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.5 views

Dassault Systèmes eDrawings Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00161EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.9 views

Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00161EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.30 views

Cisco Identity Services Engine handleFilesUpload Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the handleFilesUpload method. The issue results fro...

9.8CVSS7.8AI score0.09805EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.8 views

Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hsqldb service, which listens on TCP po...

7.5CVSS7.6AI score0.00602EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.4 views

Dassault Systèmes eDrawings Viewer IPT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00161EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.3 views

Cisco Identity Services Engine handleStrongSwanTunnelStatus Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the handleStrongSwanTunnelStatus method. The issue...

7.2CVSS7.7AI score0.12681EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.6 views

Dassault Systèmes eDrawings Viewer CATPRODUCT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00161EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.4 views

Linux Kernel ksmbd destroy_previous_session Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the destroyprevioussession function. The issue results from the lack of...

5.9CVSS6.9AI score0.00482EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.64 views

Cisco Identity Services Engine enableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the enableStrongSwanTunnel method. The issue result...

9.8CVSS7.7AI score0.65098EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/17 12:0 a.m.10 views

Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to disclose sensitive information or edit configuration on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which...

7.3CVSS6.6AI score0.00428EPSS
Exploits0References1
Total number of security vulnerabilities16763