** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort...
9.8CVSS
9.7AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory...
7.8CVSS
6.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption in MPP performance while accessing DSM watermark using external memory...
7.8CVSS
7.8AI Score
0.0004EPSS
Out-of-bounds write in firmware for some Intel(R) FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local...
6CVSS
4.3AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
9.8CVSS
9.3AI Score
0.001EPSS
8.2CVSS
7.3AI Score
0.001EPSS
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line...
8.2CVSS
7.3AI Score
0.001EPSS
9.8CVSS
9.3AI Score
0.001EPSS
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA...
7.5CVSS
7.5AI Score
0.0005EPSS
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...
7.5CVSS
7.5AI Score
0.0005EPSS
Memory Corruption in Data Modem while processing DMA buffer release event about CFR...
7.8CVSS
7.7AI Score
0.0004EPSS
6.8CVSS
6.6AI Score
0.001EPSS
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from...
9.8CVSS
9.4AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...
7.9CVSS
8AI Score
0.001EPSS
Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory Corruption in Graphics while accessing a buffer allocated through the graphics...
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to...
8.4CVSS
7.9AI Score
0.0004EPSS
8.2CVSS
7.4AI Score
0.001EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...
6.8CVSS
6.8AI Score
0.001EPSS
9.1CVSS
9.2AI Score
0.001EPSS
An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP...
10CVSS
9.6AI Score
0.003EPSS
An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303....
8.8CVSS
8.5AI Score
0.002EPSS
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to....
5.3CVSS
5.5AI Score
0.001EPSS
An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29.....
7.5CVSS
7.6AI Score
0.001EPSS
An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS). This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior.....
7.5CVSS
7.5AI Score
0.001EPSS
An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain....
9.1CVSS
8.6AI Score
0.001EPSS
An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The impact of.....
7.5CVSS
7.7AI Score
0.001EPSS
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which.....
9.8CVSS
9.6AI Score
0.002EPSS
The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300,...
9.8CVSS
9.5AI Score
0.004EPSS
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of.....
10CVSS
9.7AI Score
0.009EPSS
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by...
4.9CVSS
5.2AI Score
0.001EPSS
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web...
7.5CVSS
7.6AI Score
0.003EPSS
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear...
7.5CVSS
7.3AI Score
0.002EPSS
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to...
7.5CVSS
7.5AI Score
0.001EPSS
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative...
7.5CVSS
7.2AI Score
0.001EPSS
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation.....
5.4CVSS
5.2AI Score
0.001EPSS
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient....
4.8CVSS
4.9AI Score
0.001EPSS
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient....
4.8CVSS
4.9AI Score
0.001EPSS
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...
8.8CVSS
8.8AI Score
0.001EPSS
An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, and man in the middle attacks. An attacker is able to successfully use SIP to communicate with the...
9.8CVSS
9.4AI Score
0.001EPSS
An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, plaintext passwords can be obtained as they are typed into Sunny Explorer by the user. These passwords can then be used to compromise the overall device. NOTE: the vendor reports that...
9.8CVSS
9.2AI Score
0.003EPSS