Search Results (2534 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-34039 1 Yonyou 1 Ufida-nc 2026-04-15 N/A
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This can be exploited to run system commands and ultimately gain full control over the target server. The issue is rooted in a third-party JAR component bundled with the application, and the servlet is accessible without authentication on vulnerable installations. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.
CVE-2025-41232 2026-04-15 9.1 Critical
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: * You are using @EnableMethodSecurity(mode=ASPECTJ) and spring-security-aspects, and * You have Spring Security method annotations on a private method In that case, the target method may be able to be invoked without proper authorization. You are not affected if: * You are not using @EnableMethodSecurity(mode=ASPECTJ) or spring-security-aspects, or * You have no Spring Security-annotated private methods
CVE-2025-62607 1 Nautobot 1 App-ssot 2026-04-15 5.3 Medium
Nautobot Single Source of Truth (SSoT) is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access this page to view the Service Now public instance name e.g. companyname.service-now.com. This is considered low-value information. This does not expose the Secret, the Secret Name, or the Secret Value for the Username/Password for Service-Now.com. An unauthenticated member would not be able to change the instance name, nor set a Secret. There is not a way to gain access to other pages Nautobot through the unauthenticated Configuration page. This issue has been patched in version 3.10.0.
CVE-2025-6260 2026-04-15 9.8 Critical
The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset user credentials by manipulating specific elements of the embedded web interface.
CVE-2025-43983 1 Kuwfi 1 Cpf908-cp5 2026-04-15 9.1 Critical
KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform_set_cmd_process and goform/goform_get_cmd_process. These allow an unauthenticated attacker to retrieve sensitive information (including the device admin username and password), modify critical device settings, and send arbitrary SMS messages.
CVE-2023-25493 1 Lenovo 1 Bios 2026-04-15 6.7 Medium
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code.
CVE-2025-47272 2026-04-15 5.5 Medium
The CE Phoenix eCommerce platform, starting in version 1.0.9.7 and prior to version 1.1.0.3, allowed logged-in users to delete their accounts without requiring password re-authentication. An attacker with temporary access to an authenticated session (e.g., on a shared/public machine) could permanently delete the user’s account without knowledge of the password. This bypass of re-authentication puts users at risk of account loss and data disruption. Version 1.1.0.3 contains a patch for the issue.
CVE-2025-52551 2026-04-15 N/A
E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system.
CVE-2025-61928 1 Better-auth 1 Better Auth 2026-04-15 N/A
Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the `api/auth/api-key/create` route. `session?.user ?? (authRequired ? null : { id: ctx.body.userId })`. When no session exists but `userId` is present in the request body, `authRequired` becomes false and the user object is set to the attacker-controlled ID. Server-only field validation only executes when `authRequired` is true (lines 280-295), allowing attackers to set privileged fields. No additional authentication occurs before the database operation, so the malicious payload is accepted. The same pattern exists in the update endpoint. This is a critical authentication bypass enabling full an unauthenticated attacker can generate an API key for any user and immediately gain complete authenticated access. This allows the attacker to perform any action as the victim user using the api key, potentially compromise the user data and the application depending on the victim's privileges. Version 1.3.26 contains a patch for the issue.
CVE-2025-5310 2026-04-15 9.8 Critical
Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.
CVE-2023-1083 1 Welotec 5 Tk515l, Tk525l, Tk525u and 2 more 2026-04-15 9.8 Critical
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
CVE-2025-53118 1 Securden 1 Unified Pam 2026-04-15 9.8 Critical
An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session tokens stored by the Unified PAM.
CVE-2020-36904 1 Microsoft 1 Windows 2026-04-15 7.5 High
Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration, including changing admin passwords and executing system commands.
CVE-2012-10062 2 Apache Friends, Apachefriends 2 Xampp, Xampp 2026-04-15 N/A
A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a subsequent GET request, resulting in remote code execution on the server.
CVE-2013-10046 2026-04-15 N/A
A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting a directory traversal weakness in the pipe protocol, an attacker can instruct the service to load a malicious DLL from a user-controlled location. The DLL is then executed in the context of the privileged service.
CVE-2015-10141 2026-04-15 5.6 Medium
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user.
CVE-2017-20213 1 Flir 1 Thermal Camera 2026-04-15 7.5 High
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera series without requiring any authentication.
CVE-2020-12484 2026-04-15 6.4 Medium
When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks.
CVE-2020-12491 2026-04-15 N/A
Improper control of framework service permissions with possibility of some sensitive device information leakage.
CVE-2020-12492 2026-04-15 N/A
Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information.