Lucene search

K

CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800, Security Vulnerabilities

mskb
mskb

Description of the security update for SharePoint Foundation 2013: January 11, 2022 (KB5002127)

Description of the security update for SharePoint Foundation 2013: January 11, 2022 (KB5002127) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities,....

9.1AI Score

0.04EPSS

2022-01-11 08:00 AM
61
cve
cve

CVE-2021-20046

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware...

8.8CVSS

8.6AI Score

0.003EPSS

2022-01-10 02:10 PM
24
cve
cve

CVE-2021-20048

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware...

8.8CVSS

8.7AI Score

0.003EPSS

2022-01-10 02:10 PM
19
openvas
openvas

Memory Leak Vulnerability in Huawei Products (huawei-sa-20211208-01-memleak)

There is a memory leak vulnerability in Huawei...

7.5CVSS

7AI Score

0.001EPSS

2021-12-16 12:00 AM
3
huawei
huawei

Security Advisory - Apache log4j2 remote code execution vulnerabilities in some Huawei products

Some Huawei products are affected by the Apache Log4j2 remote code execution vulnerabilities. The vulnerabilities are caused by a recursive parsing error in some functions of Apache Log4j2. An attacker can construct a malicious request to control log parameters to trigger a remote code execution...

10CVSS

2.9AI Score

0.975EPSS

2021-12-15 12:00 AM
244
mskb
mskb

Description of the security update for SharePoint Foundation 2013: December 14, 2021 (KB5002071)

Description of the security update for SharePoint Foundation 2013: December 14, 2021 (KB5002071) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities,.....

7.8AI Score

0.038EPSS

2021-12-14 08:00 AM
35
nvd
nvd

CVE-2021-40008

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary...

7.5CVSS

0.001EPSS

2021-12-13 04:15 PM
cve
cve

CVE-2021-40008

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary...

7.5CVSS

7.4AI Score

0.001EPSS

2021-12-13 04:15 PM
17
prion
prion

Memory corruption

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary...

7.5CVSS

7.4AI Score

0.001EPSS

2021-12-13 04:15 PM
4
cvelist
cvelist

CVE-2021-40008

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary...

7.6AI Score

0.001EPSS

2021-12-13 03:48 PM
2
cnvd
cnvd

Huawei product memory leak vulnerability

Huawei CloudEngine is a data center switch from Huawei, a Chinese company. Huawei products are vulnerable to a memory leak that could be exploited by an attacker to cause a memory...

7.5CVSS

2AI Score

0.001EPSS

2021-12-10 12:00 AM
10
huawei
huawei

Security Advisory - Memory Leak Vulnerability in Huawei Products

There is a memory leak vulnerability in huawei products. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust. (Vulnerability ID:...

7.5CVSS

7.1AI Score

0.001EPSS

2021-12-08 12:00 AM
13
openvas

6.5CVSS

7.1AI Score

0.001EPSS

2021-11-24 12:00 AM
3
openvas

7.8CVSS

7.4AI Score

0.0004EPSS

2021-11-24 12:00 AM
3
cve
cve

CVE-2021-39976

There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher...

7.8CVSS

7.5AI Score

0.0004EPSS

2021-11-23 03:15 PM
29
nvd
nvd

CVE-2021-39976

There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher...

7.8CVSS

0.0004EPSS

2021-11-23 03:15 PM
prion
prion

Privilege escalation

There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher...

7.8CVSS

7.6AI Score

0.0004EPSS

2021-11-23 03:15 PM
9
githubexploit
githubexploit

Exploit for CVE-2021-44270

CVE-2021-44270 Anviz-Access-Control-Authentication-Bypass...

0.3AI Score

EPSS

2021-11-23 03:04 PM
309
cvelist
cvelist

CVE-2021-39976

There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher...

7.8AI Score

0.0004EPSS

2021-11-23 02:53 PM
cnvd
cnvd

Huawei CloudEngine Resource Management Error Vulnerability

Huawei CloudEngine is a data center switch from Huawei (China). Huawei CloudEngine is vulnerable to a resource management error, which can be exploited by attackers to cause a service exception by sending a specific tampered...

6.5CVSS

2.5AI Score

0.001EPSS

2021-11-17 12:00 AM
8
cnvd
cnvd

Huawei Cloudengine 5800 Privilege Permission and Access Control Issue Vulnerability

The Huawei Cloudengine 5800 is a 5800 series data center switch from Huawei of China.The Huawei Cloudengine 5800 is vulnerable to a privilege permission and access control issue, which stems from a lack of privilege restrictions, and an authenticated local attacker could perform specific actions...

7.8CVSS

3.2AI Score

0.0004EPSS

2021-11-10 12:00 AM
8
cve
cve

CVE-2020-28419

During installation with certain driver software or application packages an arbitrary code execution could...

8.8CVSS

8.9AI Score

0.002EPSS

2021-11-09 07:15 PM
26
openvas
openvas

Mozilla Firefox Security Advisory (MFSA2020-05) - Linux

This host is missing a security update for Mozilla...

8.8CVSS

7.6AI Score

0.013EPSS

2021-11-08 12:00 AM
4
openvas
openvas

Mozilla Firefox Security Advisory (MFSA2017-18) - Linux

This host is missing a security update for Mozilla...

9.8CVSS

7.6AI Score

0.035EPSS

2021-11-08 12:00 AM
2
huawei
huawei

Security Advisory - Privilege Escalation Vulnerability in Huawei Product

There is a privilege escalation vulnerability in some Huawei products. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. (Vulnerability...

7.8CVSS

7.2AI Score

0.0004EPSS

2021-11-03 12:00 AM
27
nvd
nvd

CVE-2021-37122

There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800...

6.5CVSS

0.001EPSS

2021-10-27 01:15 AM
cve
cve

CVE-2021-37122

There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800...

6.5CVSS

6.3AI Score

0.001EPSS

2021-10-27 01:15 AM
31
prion
prion

Design/Logic Flaw

There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800...

6.5CVSS

6.4AI Score

0.001EPSS

2021-10-27 01:15 AM
3
cvelist
cvelist

CVE-2021-37122

There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800...

6.6AI Score

0.001EPSS

2021-10-27 12:36 AM
cve
cve

CVE-2021-20031

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web...

6.1CVSS

6.1AI Score

0.015EPSS

2021-10-12 11:15 PM
60
mskb
mskb

Description of the security update for SharePoint Foundation 2013: October 12, 2021 (KB5002042)

Description of the security update for SharePoint Foundation 2013: October 12, 2021 (KB5002042) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerabilities,...

7.2AI Score

0.163EPSS

2021-10-12 07:00 AM
48
huawei
huawei

Security Advisory - Use-after-free Vulnerability in Huawei Products

There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. (Vulnerability ID: HWPSIRT-2020-67955) This vulnerability has been assigned a Common Vulnerabilities and...

6.5CVSS

6.1AI Score

0.001EPSS

2021-10-08 12:00 AM
15
huawei
huawei

Security Advisory - Command Injection Vulnerability in Huawei FusionCompute Product

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful...

8.8CVSS

8.6AI Score

0.001EPSS

2021-09-22 12:00 AM
16
mskb
mskb

Description of the security update for SharePoint Foundation 2013: September 14, 2021 (KB5002024)

Description of the security update for SharePoint Foundation 2013: September 14, 2021 (KB5002024) Summary This security update resolves Microsoft SharePoint Server spoofing vulnerabilities. To learn more about the vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-38651...

5.9AI Score

0.001EPSS

2021-09-14 07:00 AM
25
cve
cve

CVE-2021-40539

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code...

9.8CVSS

9.9AI Score

0.975EPSS

2021-09-07 05:15 PM
1182
In Wild
7
prion
prion

Authentication flaw

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code...

9.8CVSS

9.9AI Score

0.975EPSS

2021-09-07 05:15 PM
13
cnvd
cnvd

Multiple Huawei CloudEngine Products Denial of Service Vulnerabilities

Huawei CloudEngine 12800 is a 12800 series data center switch. Huawei Cloudengine 5800 is a 5800 series data center switch from Huawei, China. Huawei CloudEngine 6800 is a 6800 series 10GbE switch for data centers. A denial-of-service vulnerability exists in several Huawei CloudEngine products,...

7.5CVSS

2.4AI Score

0.001EPSS

2021-08-25 12:00 AM
8
openvas
openvas

Denial of Service Vulnerability in Some Huawei Products (huawei-sa-20210407-01-dos)

There is a denial of service vulnerability in some Huawei...

7.5CVSS

7.5AI Score

0.001EPSS

2021-08-24 12:00 AM
3
nuclei
nuclei

WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution

WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote code execution by setting supported_type to php% and uploading a .php%...

9.8CVSS

9.8AI Score

0.975EPSS

2021-08-23 11:27 PM
2
nvd
nvd

CVE-2021-22328

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800...

7.5CVSS

0.001EPSS

2021-08-23 08:15 PM
cve
cve

CVE-2021-22328

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800...

7.5CVSS

7.4AI Score

0.001EPSS

2021-08-23 08:15 PM
23
2
prion
prion

Denial of service

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800...

7.5CVSS

7.3AI Score

0.001EPSS

2021-08-23 08:15 PM
3
cvelist
cvelist

CVE-2021-22328

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800...

7.6AI Score

0.001EPSS

2021-08-23 07:29 PM
nessus
nessus

Rockwellautomation Rslogix Insufficiently Protected Credentials

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

3.7AI Score

0.009EPSS

2021-08-10 12:00 AM
8
mskb
mskb

Description of the security update for SharePoint Foundation 2013: July 13, 2021 (KB5001992)

Description of the security update for SharePoint Foundation 2013: July 13, 2021 (KB5001992) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, SharePoint Server spoofing vulnerability, and SharePoint Server information disclosure...

6.9AI Score

0.55EPSS

2021-07-13 07:00 AM
24
cve
cve

CVE-2021-28958

Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated Remote Code Execution while changing the...

9.8CVSS

9.7AI Score

0.022EPSS

2021-06-25 12:15 PM
56
4
prion
prion

Remote code execution

Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated Remote Code Execution while changing the...

9.8CVSS

9.7AI Score

0.022EPSS

2021-06-25 12:15 PM
1
cve
cve

CVE-2021-20027

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual...

7.5CVSS

7.6AI Score

0.002EPSS

2021-06-14 11:15 PM
40
4
nessus
nessus

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14290-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14290-1 advisory. A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound...

8.8CVSS

-0.2AI Score

0.013EPSS

2021-06-10 12:00 AM
219
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2020:14290-1)

The remote host is missing an update for...

8.8CVSS

6.8AI Score

0.013EPSS

2021-06-09 12:00 AM
4
Total number of security vulnerabilities1776