Skip to main content

Management System

4 CVEs product

Monthly

CVE-2025-26086 HIGH This Week

An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Management System
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2019-12394 CRITICAL Act Now

Anviz access control devices allow unverified password change which allows remote attackers to change the administrator password without prior authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Management System
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2019-12393 HIGH This Week

Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Management System
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-12391 HIGH This Week

The Anviz Management System for access control has insufficient logging for device events such as door open requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Management System
NVD
CVSS 3.1
7.5
EPSS
1.1%
EPSS 1% CVSS 7.5
HIGH This Week

An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Management System
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Anviz access control devices allow unverified password change which allows remote attackers to change the administrator password without prior authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Management System
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Management System
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The Anviz Management System for access control has insufficient logging for device events such as door open requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy