A silver bullet for the attacker
In the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems, relatively independently and often without regard for modern secure coding...
10.5AI Score
0.155EPSS
espace-recettes.fr XSS vulnerability
Open Bug Bounty ID: OBB-500573 Description| Value ---|--- Affected Website:| espace-recettes.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Disclosure Standard:| Coordinated...
6.4AI Score
Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'
Security researchers disclosed two groups of CPU vulnerabilities "Meltdown" and "Spectre". In some circumstances, a local attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel. (Vulnerability ID: HWPSIRT-2018-01001,...
6.3AI Score
0.976EPSS
Security Advisory - Two Vulnerabilities in CRYPTO module of Several Huawei Products
There is a buffer overflow vulnerability in the CRYPTO module of several Huawei products. An unauthenticated, local attacker could craft malformed file with a specific field that the length is longer than the maximum value. Due to insufficient validation of the inputs, successful exploit could...
6.8AI Score
Security Advisory - Memory Leak Vulnerability in Several Huawei products
There is a memory leak vulnerability in several Huawei products. An unauthenticated, remote attacker could craft malformed packets with specific parameters when connecting with the affect products by SFTP/SSH protocol. Due to insufficient validation of packets, successful exploit could cause a...
6.4AI Score
Open Bug Bounty ID: OBB-472607 Description| Value ---|--- Affected Website:| memograv.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention Cheat...
6.4AI Score
Security Advisory - Several Vulnerabilities in H323 Protocol of Huawei Products
There are three null pointer dereference vulnerabilities in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash.....
6.7AI Score
0.002EPSS
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...
7.5CVSS
7.5AI Score
0.002EPSS
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...
7.5CVSS
7.6AI Score
0.002EPSS
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...
7.5CVSS
7.5AI Score
0.002EPSS
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...
7.5CVSS
7.6AI Score
0.002EPSS
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...
7.5CVSS
7.6AI Score
0.002EPSS
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...
7.5CVSS
7.5AI Score
0.002EPSS
Security Advisory - Weak Cryptography Vulnerability in Some Huawei Products
Some Huawei products have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain...
8.8AI Score
0.004EPSS
Security Advisory - Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products
The CIDAM Protocol on Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the attacker.....
6.6AI Score
0.002EPSS
Security Advisory - Remote Code Execution Vulnerability in Windows DNSAPI
Microsoft released a security advisory to disclose a remote code execution vulnerability in Windows Domain Name System (DNS) DNSAPI.dll. An unauthenticated, remote attacker would use a malicious DNS server to send corrupted DNS responses to the target. The attacker could exploit the vulnerability.....
8.1AI Score
0.521EPSS
Security Advisory - DoS Vulnerability in Timergrp Module of Some Huawei Products
There is an DoS vulnerability in Timergrp module of some Huawei products due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to...
5.2AI Score
0.0004EPSS
Security Advisory - Out-Of-Bounds Read Vulnerability in Some Huawei Products
Some Huawei products have an out-of-bounds read vulnerability. An unauthenticated attacker may send specific crafted H.323 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset. (Vulnerability ID: HWPSIRT-2017-06160) ...
6.7AI Score
Security Advisory - Information Disclosure Vulnerability in CIDAM Protocol on Huawei Products
Part of Huawei Products use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could...
4.8AI Score
0.001EPSS
Security Advisory - Two Remote Code Execution Vulnerabilities in Microsoft Windows
Microsoft released a security advisory to disclose a remote code execution vulnerability in Microsoft Server Message Block 1.0 (SMBv1). A remote attacker could send a specially crafted packet to a targeted SMBv1 server. The attacker could exploit the vulnerability to gain the ability to execute...
8.9AI Score
0.189EPSS
Security Advisory - Use of a Risky Cryptographic Algorithm Vulnerability on Several Products
There is a use of a broken or risky cryptographic algorithm vulnerability on several products. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could result....
5.8AI Score
0.002EPSS
Security Advisory - Multiple Vulnerabilities in Some Huawei Products
There are two buffer overflow vulnerabilities in some Huawei products. An unauthenticated, remote attacker may send specially crafted SIP packages to the affected products. Due to the insufficient validation of some values for SIP packages, successful exploit may cause services abnormal....
6.1AI Score
0.002EPSS
Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products
There is buffer overflow vulnerability in some Huawei products. An unauthenticated, remote attacker may send specially crafted certificates to the affected products. Due to insufficient validation of the certificates, successful exploit may cause buffer overflow and some service abnormal....
5.7AI Score
0.001EPSS
Security Advisory - Multiple Vulnerabilities in Some Huawei Products
There is a memory leak vulnerability in some Huawei products. An authenticated, local attacker may craft a specific XML file to the affected products. Due to not free the memory to parse the XML file, successful exploit will result in memory leak of the affected products. (Vulnerability ID:...
5.1AI Score
0.0004EPSS
Security Advisory - Resource Exhaustion Vulnerability on Several Products
There is a resource exhaustion vulnerability on several products. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack...
5.5AI Score
0.002EPSS
Security Advisory - Resource Management Errors Vulnerability in Some Huawei Products
The Light Directory Access Protocol (LDAP) clients of some Huawei products have a resource management errors vulnerability. An unauthenticated, remote attacker may make the LDAP server not respond to the client's request by controlling the LDAP server. Due to improper management of LDAP connection....
7.1AI Score
0.002EPSS
SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100;...
5.4AI Score
0.001EPSS
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
5.3AI Score
0.0004EPSS
Security Advisory - DoS Vulnerability in XML Parser of Some Huawei Products
XML parser has a DoS vulnerability in some Huawei products. Due to not check the specially XML file enough, an authenticated local attacker may craft specific XML files to the affected products and parse this file, which cause to null pointer accessing and result in DoS attacks. (Vulnerability ID:....
5.3AI Score
0.0004EPSS
Security Advisory - Multiple Vulnerabilites in SIP Module on Huawei Products
There is an overflow vulnerability on the SIP module that attacker can exploit by sending a specially crafted SIP message, leading to a process reboot at random. (Vulnerability ID: HWPSIRT-2017-06044) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID:...
5.6AI Score
0.001EPSS
Security Advisory - DoS Vulnerability in Some Huawei Products
There is an DoS vulnerability in some Huawei products due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in system, when a system manager load the key, an infinite loop happens which lead to...
5.5AI Score
0.001EPSS
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated...
5.5AI Score
0.001EPSS
PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10;....
5.3AI Score
0.0004EPSS
SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100;...
5.4AI Score
0.001EPSS
Backup feature of SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500...
5.5AI Score
0.001EPSS
Security Advisory - Input Validation Vulnerability in H323 Protocol of Huawei products
There is an insufficient validation vulnerability in some Huawei products. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packets and result in DOS...
5.7AI Score
0.001EPSS
Security Advisory - Denial of Service Vulnerability on Several Huawei Products
There is a denial of service vulnerability on several products. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in...
7.2AI Score
0.002EPSS
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
5.5AI Score
0.0004EPSS
Security Advisory - Multiple Vulnerabilities of PEM Module in Some Huawei Products
There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter, which could cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06047) This vulnerability has been...
5.4AI Score
0.0004EPSS
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
5.3AI Score
0.0004EPSS
XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the specially XML file enough....
5.3AI Score
0.0004EPSS
Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products
There is a buffer overflow vulnerability in the Common Open Policy Service Protocol (COPS) module of some Huawei products. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted message to the affected products. The vulnerability is due to insufficient...
5.7AI Score
0.002EPSS
Security Advisory - Memory Leak Vulnerability in Several Huawei Products
There is a memory leak vulnerability in several Huawei products. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory....
4.5AI Score
0.0004EPSS
Security Advisory - Multiple Buffer Overflow Vulnerabilities in Some Huawei Products
There are three buffer overflow vulnerabilities in the SIP backup feature of some Huawei products. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal....
5.7AI Score
0.001EPSS
Security Advisory - DoS Vulnerability in Some Huawei Products
There is a DoS vulnerability caused by memory exhaustion in some Huawei products. For insufficient input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS). (Vulnerability ID:...
5.3AI Score
0.0004EPSS
Security Advisory - Two Vulnerabilities in H323 protocol of Huawei Products
There is an out-of-bounds read vulnerability in H323 protocol of Huawei products. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. (Vulnerability ID:...
5.7AI Score
0.002EPSS
Security Advisory - Denial of Service Vulnerability on Several Products
There is a denial of service vulnerability on several products. The software decodes X.509 certificate in an improper way. A remote unauthenticated attacker could send a crafted X.509 certificate to the device. Successful exploit could result in a denial of service on the device. (Vulnerability...
7.1AI Score
0.002EPSS
Security Advisory - Memory Leak Vulnerability in Some Huawei Products
Some Huawei products have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions. (Vulnerability ID: HWPSIRT-2017-08151) This vulnerability has been...
5.4AI Score
0.0004EPSS
Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products
Multiple denial of service vulnerabilities were disclosed on Network Time Protocol (NTP) offical website. Attackers can exploit these vulnerabilities to cause a denial of service (DoS) condition. If trap service is enabled, an attacker can exploit this vulnerabilityc by sending a specially crafted....
0.4AI Score
0.965EPSS
espace-emploi.ch XSS vulnerability
Open Bug Bounty ID: OBB-440437 Description| Value ---|--- Affected Website:| espace-emploi.ch Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention...
6.4AI Score