DP300,TE60,TP3106,ViewPoint 9030,eCNS210 TD,eSpace 7950,eSpace IAD,eSpace U1981 Security Vulnerabilities

prion

Design/Logic Flaw

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information...

7.5CVSS

7.5AI Score

0.004EPSS

2019-11-29 08:15 PM
2
cvelist

CVE-2019-5232

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information...

7.5AI Score

0.004EPSS

2019-11-29 07:42 PM
zdt

AI Score

2019-11-27 12:00 AM
127
huawei

Security Advisory - Buffer Overflow Vulnerability in Huawei Atlas Product

There is a buffer overflow vulnerability in Huawei Atlas product. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. (Vulnerability ID: HWPSIRT-2019-08062) This vulnerability has been...

5.5CVSS

5.8AI Score

0.0004EPSS

2019-11-27 12:00 AM
49
huawei

Security Advisory - Use of Insufficiently Random Values Vulnerability in Huawei ViewPoint Products

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak. (Vulnerability ID: HWPSIRT-2019-10076) This vulnerability has been....

7.5CVSS

7.1AI Score

0.004EPSS

2019-11-20 12:00 AM
60
openbugbounty

woodsmonkey.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1015091 Security Researcher g0bl1nsec Helped patch 3754 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations, a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting woodsmonkey.com website...

0.2AI Score

2019-11-12 07:48 PM
6
exploitpack

ClamAV 0.102.0 - bytecode_vm Code Execution

ClamAV 0.102.0 - bytecode_vm Code...

-0.1AI Score

2019-11-02 12:00 AM
27
exploitdb

7.4AI Score

2019-11-02 12:00 AM
73
openbugbounty

ukmedicaldecisionlawblog.co.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-997756 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations, a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting...

-0.1AI Score

2019-10-18 08:17 PM
6
mskb

Description of the security update for SharePoint Foundation 2013: October 8, 2019

Description of the security update for SharePoint Foundation 2013: October 8, 2019 Summary This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint...

5.7AI Score

0.001EPSS

2019-10-08 07:00 AM
20
securelist

HQWar: the higher it flies, the harder it drops

Mobile dropper Trojans are one of today's most rapidly growing classes of malware. In Q1 2019, droppers are in the 2nd or 3rd position in terms of share of total detected threats, while holding nearly half of all Top 20 places in 2018. Since the droppers' main task is to deliver payload while...

-0.5AI Score

2019-10-02 02:00 PM
67
openbugbounty

aaronfortier.ca Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-984334 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...

6.1AI Score

2019-10-01 12:05 PM
5
openbugbounty

401location.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-984293 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations, a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting 401location.com website...

AI Score

2019-10-01 11:45 AM
7
openbugbounty

qualit-enr.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-981378 Security Researcher Rbcafe Helped patch 258 vulnerabilities Received 3 Coordinated Disclosure badges Received 7 recommendations, a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting qualit-enr.org website and its.....

0.1AI Score

2019-09-26 02:02 PM
4
huawei

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products


7.8CVSS

1.4AI Score

0.001EPSS

2019-09-21 12:00 AM
335
huawei

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as...

7.8CVSS

1.1AI Score

0.001EPSS

2019-09-21 12:00 AM
32
mskb

Description of the security update for SharePoint Foundation 2013: September 10, 2019

Description of the security update for SharePoint Foundation 2013: September 10, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about the.....

7.8AI Score

0.013EPSS

2019-09-10 07:00 AM
20
mskb

Description of the security update for SharePoint Foundation 2013: August 13, 2019

Description of the security update for SharePoint Foundation 2013: August 13, 2019 Summary This security update resolves an information disclosure vulnerability that exists because of the manner in which Microsoft SharePoint handles session objects. To learn more about the vulnerability, see...

5AI Score

0.001EPSS

2019-08-13 07:00 AM
14
veracode

Authorization Bypass

magento/community-edition is vulnerable to authorization bypass. The vulnerability exists as a user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidential...

7.5CVSS

4AI Score

0.001EPSS

2019-08-13 06:29 AM
2
nvd

CVE-2019-7950

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5CVSS

7.4AI Score

0.001EPSS

2019-08-02 10:15 PM
1
osv

CVE-2019-7950

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5CVSS

6.8AI Score

0.001EPSS

2019-08-02 10:15 PM
3
cve

CVE-2019-7950

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5CVSS

7.4AI Score

0.001EPSS

2019-08-02 10:15 PM
81
prion

Improper access control

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5CVSS

7.4AI Score

0.001EPSS

2019-08-02 10:15 PM
2
cvelist

CVE-2019-7950

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5AI Score

0.001EPSS

2019-08-02 09:35 PM
pentestpartners

Fails and Fixes with IoT

After nearly 6 years of tearing apart 'internet of things' devices, here's a look at the high level fails that we keep seeing. We're not going to go in to point issues such as Wi-Fi credential leakage and Bluetooth compromise: our blog is littered with those! What are the root issues and what can.....

6.7AI Score

2019-07-19 09:56 AM
42
malwarebytes

Meet Extenbro, a new DNS-changer Trojan protecting adware

Recently, we uncovered a new DNS-changer called Extenbro that comes with an adware bundler. These DNS-changers block access to security-related sites, so the adware victims can’t download and install security software to get rid of the pests. From our viewpoint, this might be like sending in an...

0.4AI Score

2019-07-15 02:54 PM
96
huawei

Security Advisory - Intel Microarchitectural Data Sampling (MDS) vulnerabilities

Intel officially released a group of microarchitecture data sampling (MDS) vulnerabilities. An attacker with local access to a targeted system may exploit these vulnerabilities to obtain data on the targeted system, causing some information leakage. (Vulnerability ID: HWPSIRT-2019-05136,...

5.6CVSS

0.2AI Score

0.001EPSS

2019-07-12 12:00 AM
49
mskb

Description of the security update for SharePoint Foundation 2013: July 9, 2019

Description of the security update for SharePoint Foundation 2013: July 9, 2019 Summary This security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity...

8.3AI Score

0.002EPSS

2019-07-09 07:00 AM
90
nessus

Siemens IE/PB LINK PN IO Ethernet to PROFIBUS Communications Adapter

As a stand-alone component, the IE/PB LINK PN IO builds the seamless transition between Industrial Ethernet and PROFIBUS by means of real-time communication (RT) and thus enables existing PROFIBUS devices to be integrated into a PROFINET application. From the viewpoint of the IO Controller, all DP....

1.6AI Score

2019-07-05 12:00 AM
11
openvas

Magento 2.1.x < 2.1.18, 2.2.x < 2.2.9, 2.3.x < 2.3.2 Multiple Vulnerabilities (Jun 2019)

Magento is prone to multiple vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS) and others. See the referenced advisories for further details on each specific...

9.8CVSS

7.1AI Score

0.099EPSS

2019-07-04 12:00 AM
153
openbugbounty

espace-client.covage.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-880262 Security Researcher Implosion Helped patch 1643 vulnerabilities Received 7 Coordinated Disclosure badges Received 29 recommendations, a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting espace-client.covage.com...

-0.1AI Score

2019-07-02 07:49 PM
6
friendsofphp

7.5CVSS

7.2AI Score

0.001EPSS

2019-06-25 12:00 AM
1
mskb

Description of the security update for SharePoint Foundation 2013: June 11, 2019

Description of the security update for SharePoint Foundation 2013: June 11, 2019 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

7.3AI Score

0.014EPSS

2019-06-11 07:00 AM
34
huawei

Security Advisory - Remote Code Execution Vulnerability in Some Microsoft Windows Systems

Microsoft released a security advisory to disclose a remote code execution vulnerability in Remote Desktop Services. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests to exploit the vulnerability. Successful exploit may cause arbitrary code...

9.8CVSS

2AI Score

0.975EPSS

2019-05-29 12:00 AM
449
akamaiblog

Mother's Day Online Shoppers Were Active, and So Were Threat Actors

Mother's Day is a major online shopping event that attracts both shoppers as well as threat actors. Earlier in the year, we reported on the United Kingdom's version, called Mothering Sunday. An eMarketer spending forecast predicted that in the United States, retail gift spending would increase,...

-0.3AI Score

2019-05-20 04:00 PM
100
exploitpack

Huawei eSpace 1.1.11.103 - DLL Hijacking

Huawei eSpace 1.1.11.103 - DLL...

0.2AI Score

0.001EPSS

2019-05-20 12:00 AM
29
exploitpack

Huawei eSpace 1.1.11.103 - ContactsCtrl.dll eSpaceStatusCtrl.dll ActiveX Heap Overflow

Huawei eSpace 1.1.11.103 - ContactsCtrl.dll eSpaceStatusCtrl.dll ActiveX Heap...

0.5AI Score

0.001EPSS

2019-05-20 12:00 AM
64
exploitpack

Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow

Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer...

0.7AI Score

0.001EPSS

2019-05-20 12:00 AM
29
exploitdb

6.7AI Score

EPSS

2019-05-20 12:00 AM
196
exploitpack

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow (Unicode)

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow...

0.5AI Score

0.0004EPSS

2019-05-20 12:00 AM
33
exploitdb

6.7AI Score

EPSS

2019-05-20 12:00 AM
118
zdt

Huawei eSpace 1.1.11.103 - DLL Hijacking Exploit

Exploit for windows platform in category local...

0.5AI Score

0.001EPSS

2019-05-19 12:00 AM
50
packetstorm

0.7AI Score

0.001EPSS

2019-05-17 12:00 AM
132
packetstorm

1AI Score

0.0004EPSS

2019-05-17 12:00 AM
208
packetstorm

0.2AI Score

0.001EPSS

2019-05-17 12:00 AM
77
Total number of security vulnerabilities: 1411