Lucene search

K

CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800, Security Vulnerabilities

openvas
openvas

SUSE: Security Advisory (SUSE-SU-2016:2964-1)

The remote host is missing an update for...

8.8CVSS

8.6AI Score

0.109EPSS

2021-06-09 12:00 AM
4
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:2302-1)

The remote host is missing an update for...

9.8CVSS

7.7AI Score

0.017EPSS

2021-06-09 12:00 AM
3
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2020:0383-1)

The remote host is missing an update for...

8.8CVSS

6.8AI Score

0.013EPSS

2021-06-09 12:00 AM
2
mskb
mskb

Description of the security update for SharePoint Foundation 2013: June 8, 2021 (KB5001962)

Description of the security update for SharePoint Foundation 2013: June 8, 2021 (KB5001962) Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, SharePoint spoofing vulnerability, SharePoint Server remote code execution vulnerability, and SharePoint...

7.1AI Score

0.089EPSS

2021-06-08 07:00 AM
46
cve
cve

CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions...

5.3CVSS

5.3AI Score

0.001EPSS

2021-05-27 01:15 PM
25
2
nvd
nvd

CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions...

5.3CVSS

0.001EPSS

2021-05-27 01:15 PM
prion
prion

Design/Logic Flaw

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions...

5.3CVSS

5.3AI Score

0.001EPSS

2021-05-27 01:15 PM
6
cvelist
cvelist

CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions...

5.6AI Score

0.001EPSS

2021-05-27 12:18 PM
huawei
huawei

Security Advisory - Possible Out-Of-Bounds Read Vulnerability in Huawei Products

There is an out of bounds read vulnerability in some Huawei products. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal....

3.3CVSS

4.2AI Score

0.0004EPSS

2021-05-26 12:00 AM
27
huawei
huawei

Security Advisory - Out of Bounds Write Vulnerability in Huawei CloudEngine Product

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal. (Vulnerability ID:...

5.3CVSS

5.4AI Score

0.001EPSS

2021-05-19 12:00 AM
23
mskb
mskb

Description of the security update for SharePoint Foundation 2013: May 11, 2021 (KB5001935)

Description of the security update for SharePoint Foundation 2013: May 11, 2021 (KB5001935) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, information disclosure vulnerability, and spoofing vulnerability, and Microsoft SharePoint remote...

7.1AI Score

0.306EPSS

2021-05-11 07:00 AM
35
cve
cve

CVE-2021-22332

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious...

7.5CVSS

7.4AI Score

0.001EPSS

2021-04-28 01:15 PM
22
4
nvd
nvd

CVE-2021-22332

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious...

7.5CVSS

0.001EPSS

2021-04-28 01:15 PM
prion
prion

Double free

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious...

7.5CVSS

7.4AI Score

0.001EPSS

2021-04-28 01:15 PM
6
cve
cve

CVE-2021-22393

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of...

7.5CVSS

7.3AI Score

0.001EPSS

2021-04-28 12:15 PM
20
5
nvd
nvd

CVE-2021-22393

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of...

7.5CVSS

0.001EPSS

2021-04-28 12:15 PM
prion
prion

Denial of service

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of...

7.5CVSS

7.3AI Score

0.001EPSS

2021-04-28 12:15 PM
3
cvelist
cvelist

CVE-2021-22332

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious...

7.6AI Score

0.001EPSS

2021-04-28 12:10 PM
1
cvelist
cvelist

CVE-2021-22393

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of...

7.5AI Score

0.001EPSS

2021-04-28 11:36 AM
ics
ics

Rockwell Automation Stratix Switches

EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/ Low attack complexity Vendor: Rockwell Automation Equipment: Stratix Switches Vulnerabilities: Insufficiently Protected Credentials, Insufficient Verification of Data Authenticity, Use of Out-of-Range Pointer Offset, Insertion of...

7.8CVSS

7.7AI Score

0.002EPSS

2021-04-20 12:00 PM
31
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:2589-1)

The remote host is missing an update for...

9.8CVSS

7.7AI Score

0.017EPSS

2021-04-19 12:00 AM
3
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2020:0384-1)

The remote host is missing an update for...

8.8CVSS

6.8AI Score

0.013EPSS

2021-04-19 12:00 AM
2
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2016:2667-1)

The remote host is missing an update for...

8.8CVSS

8.5AI Score

0.109EPSS

2021-04-19 12:00 AM
6
cve
cve

CVE-2019-10881

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be...

9.8CVSS

9.4AI Score

0.002EPSS

2021-04-13 09:15 PM
32
5
nessus
nessus

ManageEngine AssentExplorer < 6.8 Unauthenticated Stored XSS

A stored cross-site scripting (XSS) vulnerability exists in the XML processing logic of asset discovery. By sending a crafted HTTP POST request to /discoveryServlet/WsDiscoveryServlet, a remote, unauthenticated attacker can create an asset containing malicious JavaScript. When an administrator...

6.1CVSS

6AI Score

0.033EPSS

2021-04-12 12:00 AM
12
cve
cve

CVE-2021-20080

Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset...

6.1CVSS

5.9AI Score

0.033EPSS

2021-04-09 06:15 PM
49
3
nvd
nvd

CVE-2021-20080

Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset...

6.1CVSS

0.033EPSS

2021-04-09 06:15 PM
prion
prion

Cross site scripting

Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset...

6.1CVSS

5.9AI Score

0.033EPSS

2021-04-09 06:15 PM
2
cvelist
cvelist

CVE-2021-20080

Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset...

6.1AI Score

0.033EPSS

2021-04-09 05:21 PM
ics
ics

FATEK Automation Designer Memory Corruption Vulnerabilities

OVERVIEW Ariele Caltabiano (kimiya) working with Trend Micro’s Zero Day Initiative (ZDI) has identified a heap memory corruption and two stack buffer overflow vulnerabilities in Fatek’s Automation PM and FV Designer applications. Fatek has not produced an update to mitigate these vulnerabilities......

8.8CVSS

9AI Score

0.014EPSS

2021-04-08 12:00 PM
33
huawei
huawei

Security Advisory - Pointer Double Free Vulnerability in Some Huawei Products

There is a pointer double free vulnerability in Some Huawei Products. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash,...

7.5CVSS

7.1AI Score

0.001EPSS

2021-04-07 12:00 AM
31
huawei
huawei

Security Advisory - Denial of Service Vulnerability in Some Products

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. (Vulnerability ID: HWPSIRT-2020-70186) This vulnerability has been....

7.5CVSS

6.9AI Score

0.001EPSS

2021-04-07 12:00 AM
17
huawei
huawei

Security Advisory - Denial of Service Vulnerability in Huawei Product

There is a denial of service vulnerability in Huawei product. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal...

7.5CVSS

6.9AI Score

0.001EPSS

2021-03-24 12:00 AM
12
ics
ics

Rockwell Automation Logix Controllers (Update A)

EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a...

9.8CVSS

9.7AI Score

0.009EPSS

2021-03-18 12:00 PM
46
nessus
nessus

NewStart CGSL MAIN 4.06 : firefox Multiple Vulnerabilities (NS-SA-2021-0004)

The remote NewStart CGSL host, running version MAIN 4.06, has firefox packages installed that are affected by multiple vulnerabilities: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable...

9.8CVSS

-0.1AI Score

0.924EPSS

2021-03-10 12:00 AM
176
nessus
nessus

NewStart CGSL MAIN 4.06 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0002)

The remote NewStart CGSL host, running version MAIN 4.06, has thunderbird packages installed that are affected by multiple vulnerabilities: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially...

9.8CVSS

10.2AI Score

0.924EPSS

2021-03-10 12:00 AM
193
mskb
mskb

Description of the security update for SharePoint Foundation 2013: March 9, 2021 (KB4493238)

Description of the security update for SharePoint Foundation 2013: March 9, 2021 (KB4493238) Summary This security update resolves a Microsoft SharePoint Spoofing Vulnerability. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-24104 and...

6.8AI Score

0.294EPSS

2021-03-09 08:00 AM
59
nvd
nvd

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

9.8CVSS

0.009EPSS

2021-03-03 06:15 PM
cve
cve

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

9.8CVSS

9.4AI Score

0.009EPSS

2021-03-03 06:15 PM
52
6
prion
prion

Design/Logic Flaw

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

9.8CVSS

9.5AI Score

0.009EPSS

2021-03-03 06:15 PM
8
cvelist
cvelist

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

9.7AI Score

0.009EPSS

2021-03-03 05:59 PM
mskb
mskb

Description of the security update for SharePoint Foundation 2013: February 9, 2021 (KB4493210)

Description of the security update for SharePoint Foundation 2013: February 9, 2021 (KB4493210) Summary This security update resolves Microsoft SharePoint Spoofing Vulnerability, SharePoint Remote Code Execution Vulnerability, and SharePoint Information Disclosure Vulnerability. To learn more...

7.4AI Score

0.019EPSS

2021-02-09 08:00 AM
23
nessus
nessus

CentOS 8 : thunderbird (CESA-2020:0577)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0577 advisory. Mozilla: Message ID calculation was based on uninitialized data (CVE-2020-6792) Mozilla: Out-of-bounds read when processing certain email messages...

8.8CVSS

8.8AI Score

0.013EPSS

2021-02-01 12:00 AM
30
nessus
nessus

CentOS 8 : firefox (CESA-2020:0512)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0512 advisory. Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Incorrect parsing of template tag could result in...

8.8CVSS

-0.1AI Score

0.013EPSS

2021-02-01 12:00 AM
27
nvd
nvd

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....

6.5CVSS

6.5AI Score

0.001EPSS

2021-01-13 11:15 PM
2
cve
cve

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....

6.5CVSS

6.4AI Score

0.001EPSS

2021-01-13 11:15 PM
20
prion
prion

Out-of-bounds

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....

6.5CVSS

6.4AI Score

0.001EPSS

2021-01-13 11:15 PM
2
cvelist
cvelist

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....

6.5AI Score

0.001EPSS

2021-01-13 10:20 PM
mskb
mskb

Description of the security update for SharePoint Foundation 2013: January 12, 2021

Description of the security update for SharePoint Foundation 2013: January 12, 2021 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

7.1AI Score

0.013EPSS

2021-01-12 08:00 AM
24
huawei
huawei

Security Advisory - Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....

6.5CVSS

6.1AI Score

0.001EPSS

2020-12-30 12:00 AM
14
Total number of security vulnerabilities1776