CVE-2016-2568 affecting package polkit 0.119-3
CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...
7.9AI Score
0.0004EPSS
Huawei YunShan OS Detection (SSH Login)
SSH login-based detection of Huawei YunShan OS network ...
7.4AI Score
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system...
9.8CVSS
8.2AI Score
0.001EPSS
RHEL 5 : mozilla (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Sandbox escape with improperly separated process types (CVE-2020-12389) Mozilla: Memory safety...
10AI Score
RHEL 7 : libraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libraw: Memory corruption in the parse_tiff_ifd() (CVE-2017-6886) There is a floating point exception in...
7.9AI Score
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an unauthorized access attack due to improper access control. A successful exploit...
7.5AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct an argument injection attack due to insufficient parameter....
8AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication control. A successful...
7.7AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker to conduct a buffer overflow attack due to insufficient bounds checking and input sanitization. A...
8.6AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct a path traversal attack due to insufficient input...
7.1AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct an argument injection attack due to insufficient parameter....
7.5AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker to conduct a buffer overflow attack due to insufficient bounds checking and input sanitization. A...
8.1AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication control. A successful...
7.3AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct a path traversal attack due to insufficient input...
6.7AI Score
0.0004EPSS
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an unauthorized access attack due to improper access control. A successful exploit...
7AI Score
0.0004EPSS
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Vulnerabilities
Multiple vulnerabilities in Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, gain unauthorized access, or view sensitive information on an affected system. For more information about these vulnerabilities, see the Details...
7.7AI Score
0.0004EPSS
7.6AI Score
0.0005EPSS
Cisco IOS Software for Catalyst 6000 Series Switches DoS (cisco-sa-ios-dos-Hq4d3tZG)
According to its self-reported version, Cisco IOS is affected by a vulnerability. A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due...
7.1AI Score
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in...
7.6AI Score
0.0004EPSS
Sr2T - Converts Scanning Reports To A Tabular Format
Scanning reports to tabular (sr2t) This tool takes a scanning tool's output file, and converts it to a tabular format (CSV, XLSX, or text table). This tool can process output from the following tools: Nmap (XML); Nessus (XML); Nikto (XML); Dirble (XML); Testssl (JSON); Fortify (FPR). Rationale...
6.6AI Score
New Sysrv Botnet Variant Makes Use of Google Subdomain to Spread XMRig Miner
Sysrv is a well-documented botnet first identified in 2020, with the main payload being a worm written in Golang. It drops a cryptominer onto infected hosts before attempting to propagate itself using various methods, including network vulnerabilities. Over the past few years, the botnet has...
10AI Score
0.975EPSS
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial...
7.6AI Score
Cisco IP Phones 7800 and 8800 Series Session Initiation Protocol Denial of Service (CVE-2019-1922)
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol.....
7.6AI Score
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system....
8.2AI Score
Cisco IP Phones Call Log Information Disclosure (CVE-2020-3360)
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected...
5.3AI Score
Cisco IP Phones 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow (CVE-2022-20968)
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco...
9.1AI Score
Cisco IP Phones 7800 and 8800 Series Web Management Interface Authentication Bypass (CVE-2023-20018)
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit....
6.8AI Score
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to...
5.4AI Score
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS)...
7.7AI Score
A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to...
9.2AI Score
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected.....
6.8AI Score
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is...
7.7AI Score
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS)...
6.6AI Score
Cisco IP Phones 7800 Series and 8800 Series Remote Code Execution (CVE-2019-1716)
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The...
9.9AI Score
openSUSE: Security Advisory for libreoffice (SUSE-SU-2023:4496-1)
The remote host is missing an update for...
5.8AI Score
0.0005EPSS
8AI Score
0.001EPSS
Exploit for OS Command Injection in Zyxel Usg Flex 100W Firmware
CVE-2022-30525 (Zyxel Firewall Remote Command Injection) A...
8.1AI Score
0.975EPSS
7.4AI Score
7.4AI Score
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service...
8.8CVSS
7.3AI Score
0.001EPSS
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service...
8.8CVSS
7.1AI Score
0.001EPSS
CVE-2023-5800 Insufficient input validation in VAPIX API create_overlay.cgi
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service...
6.5AI Score
0.001EPSS
Malicious code in wlwz-2312-7800 (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (7fcaeb752976ee1b4ec2864490b0ec36851a13f636d2e9816dae5b800f9afa1d) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Malicious code in wlwz-2312-6800 (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (166f7a8f9273b58c99d4b98e0c59c61c80b785fc5867f8dbb4da4086f9626ed4) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Malicious code in wlwz-2312-5800 (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (f96f6776c01b0bad20c67f46b5523dece5292ce9d738606bfb82a67b1a203e3e) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this...
8.8CVSS
8.4AI Score
0.001EPSS
Pointer Double Free Vulnerability in Some Huawei Products (huawei-sa-20210407-01-doublefree)
There is a pointer double free vulnerability in some Huawei ...
7.7AI Score
0.001EPSS
Privilege Escalation Vulnerability in Some Huawei Products (huawei-sa-20201202-02-privilege)
There is a privilege escalation vulnerability in some Huawei ...
6.8AI Score
0.0004EPSS
Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)
There is an out-of-bounds read vulnerability in Huawei CloudEngine...
6.5AI Score
0.001EPSS
Denial of Service Vulnerability in Huawei Product (huawei-sa-20210324-01-dos)
There is a denial of service vulnerability in Huawei...
7.5AI Score
0.001EPSS