Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: A stored authenticated cross-site scripting (XSS) issue exists due to insufficient validation of user-supp ...
September 04, 2025
E3 Site Supervisor Control (firmware version < 2.31F01) MGW contains an API call that lacks input validation. An attacker can use this command to continuously crash the application ...
September 04, 2025
E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An atta ...
September 04, 2025
E3 Site Supervisor Control (firmware version < 2.31F01) RCI service contains an API call to read users info, which returns all usernames and password hashes for the application ...
September 04, 2025
A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. This allows a malic ...
September 04, 2025
A deserialization vulnerability exists in the H2O-3 REST API (POST /99/ImportSQLTable) that affects all versions up to 3.46.0.7. This vulnerability allows remote code execution (RCE) due to improper v ...
September 04, 2025
creation_timestamp | type | source
---|---|---
2025-09-04 10:45:53+00:00 | seen | ...

September 04, 2025
creation_timestamp | type | source
---|---|---
2025-09-04 09:36:53+00:00 | confirmed | ...

September 04, 2025