Skip to main content
CVE-2025-59100 Monitor

The web interface offers a functionality to export the internal SQLite database. After executing the database export, an automatic download is started and the device reboots.

SQLi
NVD
EPSS
0.0%
CVE-2025-30248 Monitor

DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path.

Windows
NVD
EPSS
0.0%
CVE-2025-59109 Monitor

The dormakaba registration units 9002 (PIN Pad Units) have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface.

Information Disclosure
NVD
EPSS
0.0%
CVE-2025-59104 Monitor

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootloader, where the kernel command line can be changed.

Linux
NVD
EPSS
0.0%
CVE-2025-41083 Monitor

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious website.

Information Disclosure
NVD
EPSS
0.0%
CVE-2025-41082 Monitor

Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers.

Code Injection
NVD
EPSS
0.0%
CVE-2025-59107 This Week

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file.

Authentication Bypass
NVD
EPSS
0.0%
CVE-2025-59093 Monitor

Exos 9300 instances are using a randomly generated database password to connect to the configured MSSQL server. The password is derived from static random values, which are concatenated to the hostname and a random string that can be read by every user from the registry.

.NET MSSQL
NVD
EPSS
0.0%
CVE-2025-59096 This Week

The default password for the extended admin user mode in the application U9ExosAdmin.exe ("Kaba 9300 Administration") is hard-coded in multiple locations as well as documented in the locally stored user documentation.

Authentication Bypass
NVD
EPSS
0.0%
CVE-2025-59094 This Week

A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe).

Privilege Escalation
NVD
EPSS
0.0%
CVE-2026-22696 PATCH Monitor

dcap-qvl implements the quote verification logic for DCAP (Data Center Attestation Primitives). A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl.

Authentication Bypass
NVD GitHub
EPSS
0.0%
CVE-2025-59095 This Week

The program libraries (DLL) and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll.

MSSQL
NVD
EPSS
0.0%
CVE-2026-24408 NONE PATCH Awaiting Data

sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery.

Python CSRF
NVD GitHub
EPSS
0.0%
CVE-2025-71178 Monitor

Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs using an uncontrolled search path, which can cause a malicious DLL placed alongside the installer to be loaded instead of the intended system library. A local attacker who can convince a victim to run the installer from a directory containing the attacker-supplied DLL can achieve arbitrary code exe...

Windows RCE
NVD
EPSS
0.0%
CVE-2025-59105 Monitor

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption.

Linux Windows SSH SQLi
NVD
EPSS
0.0%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy