IKS, EDS Security Vulnerabilities

openbugbounty

mondadoristore.it XSS vulnerability

Vulnerable URL:...

6.3AI Score

2017-10-17 05:13 PM
10
openbugbounty

moxa.ru XSS vulnerability

Vulnerable URL: http://www.moxa.ru/shop/ethernet/managed/gigabit/eds-g512e/eds-g512e-4gsfp/#!prettyPhoto/0,%3Ca%20onclick=%22alert(%27OPENBUGBOUNTY%27);%22%3E/ Details: Patched: Verification in progress. Latest check for patch: 31.10.2017. Vulnerability type: XSS...

6.2AI Score

2017-08-01 05:23 PM
11
metasploit

mDNS Spoofer

This module will listen for mDNS multicast requests on 5353/udp for A and AAAA record queries, and respond with a spoofed IP address (assuming the request matches our...

7AI Score

2017-01-26 10:18 PM
37
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2016-1076)

The openSUSE Leap 42.1 kernel was updated to 4.1.31 to receive various security and bugfixes. The following security bugs were fixed : CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service...

9.8CVSS

0.3AI Score

0.047EPSS

2016-09-13 12:00 AM
139
suse

Security update for the Linux Kernel (important)

The openSUSE Leap 42.1 kernel was updated to 4.1.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of ...

3.4AI Score

0.047EPSS

2016-09-12 02:11 PM
37
openvas

Moxa EDS Device Detection (HTTP)

HTTP based detection of Moxa EDS...

7.4AI Score

2016-06-23 12:00 AM
8
openvas

Moxa EDS-405A/408A < 3.6 Multiple Vulnerabilities

Moxa EDS-405A and EDS-408A devices are prone to multiple ...

6.6AI Score

0.003EPSS

2016-06-23 12:00 AM
13
nessus

EtherNet/IP CIP EDS Metadata

This plugin executes an EtherNet/IP Common Industrial Protocol (CIP) request to obtain access to the Electronic Data Sheet (EDS) metadata, such as the icon file's name, size, version, and checksum...

3.8AI Score

2016-05-27 12:00 AM
13
myhack58

Analysis of a remote code execution vulnerability affecting over 70 different CCTV-DVR vendors

0x00 Cause: A foreign researcher was reading the paper "POINT OF SALE MALWARE: THE FULL STORY OF THE BACKOFF TROJAN OPERATION", in which the digital thieves first break into the CCTV system to confirm that the target belongs to a retailer, and then go on to compromise the POS...

-0.1AI Score

2016-03-25 12:00 AM
907
exploitdb

7.4AI Score

2016-03-23 12:00 AM
61
zdt

CCTV-DVR Vendors - Remote Code Execution

Exploit for hardware platform in category remote...

7.1AI Score

2016-03-23 12:00 AM
37
exploitpack

Multiple CCTV-DVR Vendors - Remote Code Execution

Multiple CCTV-DVR Vendors - Remote Code...

0.4AI Score

2016-03-23 12:00 AM
43
thn

How Spy Agencies Hacked into Israeli Military Drones to Collect Live Video Feeds

In a joint surveillance program, the US intelligence agency NSA (National Security Agency) and the British intelligence agency GCHQ (Government Communications Headquarters) hacked into, decrypted, and tracked live video feeds of Israeli...

6.7AI Score

2016-01-31 11:24 PM
4
seebug

Moxa EDS-508A/505A Series weak password

No description provided by...

7.1AI Score

2016-01-11 12:00 AM
8
openbugbounty

eds.e.ebscohost.com XSS vulnerability

Vulnerable URL: http://eds.e.ebscohost.com/eds/results?sid=49338941-4ea4-4687-a449-7cc971b55ae5%40sessionmgr4002&vid=1&hid=4110&bquery=&gt;&lt;svg%2fonload%3dprompt+AND+%28%2fXSSPOSED%2f%29&bdata=JnR5cGU9MCZzaXRlPWVkcy1saXZl Details: Patched: Yes, at 28.12.2015. Lates...

6.3AI Score

2015-11-30 09:22 AM
11
openbugbounty

eds.d.ebscohost.com XSS vulnerability

Vulnerable URL: http://eds.d.ebscohost.com/eds/results?sid=49338941-4ea4-4687-a449-7cc971b55ae5%40sessionmgr4002&vid=1&hid=4110&bquery=&gt;&lt;svg%2fonload%3dprompt+AND+%28%2fXSSPOSED%2f%29&bdata=JnR5cGU9MCZzaXRlPWVkcy1saXZl Details: Patched: Yes, at 28.12.2015. Lates...

6.3AI Score

2015-11-30 09:21 AM
20
openbugbounty

eds.c.ebscohost.com XSS vulnerability

Vulnerable URL: http://eds.c.ebscohost.com/eds/results?sid=49338941-4ea4-4687-a449-7cc971b55ae5%40sessionmgr4002&vid=1&hid=4110&bquery=&gt;&lt;svg%2fonload%3dprompt+AND+%28%2fXSSPOSED%2f%29&bdata=JnR5cGU9MCZzaXRlPWVkcy1saXZl Details: Patched: Yes, at 28.12.2015. Lates...

6.3AI Score

2015-11-30 09:16 AM
10
openvas

Oracle: Security Advisory (ELSA-2013-1540)

The remote host is missing an update for...

7.5CVSS

7.5AI Score

0.004EPSS

2015-10-06 12:00 AM
9
cve

CVE-2015-6466

Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified...

5.9AI Score

0.002EPSS

2015-09-11 04:59 PM
20
nvd

CVE-2015-6466

Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified...

5.8AI Score

0.002EPSS

2015-09-11 04:59 PM
nvd

CVE-2015-6465

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted...

6.2AI Score

0.003EPSS

2015-09-11 04:59 PM
cve

CVE-2015-6465

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted...

6.4AI Score

0.003EPSS

2015-09-11 04:59 PM
32
cve

CVE-2015-6464

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer...

6.5AI Score

0.002EPSS

2015-09-11 04:59 PM
22
nvd

CVE-2015-6464

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer...

6.3AI Score

0.002EPSS

2015-09-11 04:59 PM
prion

Code injection

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted...

6.8AI Score

0.003EPSS

2015-09-11 04:59 PM
1
prion

Design/Logic Flaw

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer...

6.8AI Score

0.002EPSS

2015-09-11 04:59 PM
2
prion

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified...

6.3AI Score

0.002EPSS

2015-09-11 04:59 PM
4
cvelist

CVE-2015-6465

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted...

6.2AI Score

0.003EPSS

2015-09-11 04:00 PM
cvelist

CVE-2015-6466

Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified...

5.7AI Score

0.002EPSS

2015-09-11 04:00 PM
cvelist

CVE-2015-6464

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer...

6.3AI Score

0.002EPSS

2015-09-11 04:00 PM
myhack58

Moxa Industrial Managed Switch denial of service vulnerability (CVE-2015-6465)

Affected systems: Moxa Industrial Managed Switch EDS-408A, Moxa Industrial Managed Switch EDS-405A. Description: CVE (CAN) ID: CVE-2015-6465. Moxa EDS-405A/EDS-408A are Ethernet switch series products. The GoAhead web server embedded in Moxa EDS-405A/EDS-408A has a denial of service vulnerability, an...

1.7AI Score

2015-09-08 12:00 AM
27
myhack58

Linksys WRT54G router overflow vulnerability analysis: operating environment remediation

This is an excerpt from the book "Secret Home Router 0day Vulnerability Mining Technology", Wu Shaohua (editor), Wang Wei and Zhao Xu (eds.), published by the Publishing House of Electronics Industry in August 2015. The experimental test environment for this chapter is shown in Table 13-1. Table 13-1 ...

-0.5AI Score

2015-08-06 12:00 AM
25
nessus

CentOS 6 : cheese / control-center / ekiga / evolution / evolution-data-server / etcgnome-panel / etc (CESA-2013:1540)

Updated evolution packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score,...

7.5CVSS

-1.9AI Score

0.004EPSS

2014-11-12 12:00 AM
16
seebug

Oracle Document Capture empop3.dll Insecure Methods

No description provided by...

-0.2AI Score

0.091EPSS

2014-07-01 12:00 AM
109
seebug

Sudo 1.6.x Password Prompt Heap Overflow Vulnerability

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
51
seebug

Oracle Document Capture Actbar2.ocx Insecure Method

No description provided by...

-0.1AI Score

0.091EPSS

2014-07-01 12:00 AM
62
nessus

Scientific Linux Security Update : evolution on SL6.x i386/x86_64 (20131121)

A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. (CVE-2013-4166) The Evolution packages have been upgraded to upstream version 2.32.3, which.....

7.5CVSS

-1.3AI Score

0.004EPSS

2013-12-10 12:00 AM
13
nessus

Oracle Linux 6 : evolution (ELSA-2013-1540)

From Red Hat Security Advisory 2013:1540 : Updated evolution packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common...

7.5CVSS

-2AI Score

0.004EPSS

2013-11-29 12:00 AM
9
centos

cheese, control, ekiga, evolution, finch, gnome, gtkhtml3, libgdata, libpurple, nautilus, openchange, pidgin, planner, totem security update

CentOS Errata and Security Advisory CESA-2013:1540 Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management (PIM) tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys...

7.5CVSS

7.4AI Score

0.004EPSS

2013-11-26 01:31 PM
47
redhat

(RHSA-2013:1540) Low: evolution security, bug fix, and enhancement update

Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management (PIM) tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails.....

7.5CVSS

7.3AI Score

0.004EPSS

2013-11-21 12:00 AM
9
nessus

RHEL 6 : evolution (RHSA-2013:1540)

Updated evolution packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score,...

7.5CVSS

-2.1AI Score

0.004EPSS

2013-11-21 12:00 AM
8
ics

Rockwell RSLinx EDS Vulnerability

Overview ICS-CERT has received a report from Michael Orlando of CERT Coordination Center (CERT/CC) identifying a vulnerability in Rockwell Automation Electronic Data Sheet (EDS) Hardware Installation Tool. This tool is bundled with RSLinx Classic for normal distribution. The install tool exhibits.....

7.9AI Score

2013-08-29 12:00 PM
62
metasploit

LLMNR Spoofer

LLMNR (Link-local Multicast Name Resolution) is the successor of NetBIOS (Windows Vista and up) and is used to resolve the names of neighboring computers. This module forges LLMNR responses by listening for LLMNR requests sent to the LLMNR multicast address (224.0.0.252) and responding with a...

7AI Score

2012-06-25 07:58 AM
27
openvas

Operating System (OS) Detection (SNMP)

SNMP sysDescr based Operating System (OS)...

7.3AI Score

2012-02-17 12:00 AM
30
metasploit

NetBIOS Name Service Spoofer

This module forges NetBIOS Name Service (NBNS) responses. It will listen for NBNS requests sent to the local subnet's broadcast address and spoof a response, redirecting the querying machine to an IP of the attacker's choosing. Combined with auxiliary/server/capture/smb or...

7.2AI Score

2011-08-17 09:00 PM
33
nvd

CVE-2011-2530

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds...

8.1AI Score

0.033EPSS

2011-06-22 09:55 PM
prion

Buffer overflow

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds...

8.8AI Score

0.033EPSS

2011-06-22 09:55 PM
2
cert

RSLinx Classic EDS Wizard buffer overflow vulnerability

Overview Rockwell Automation RSLinx Classic EDS Hardware Installation Tool contains a buffer overflow vulnerability. Description According to Rockwell Automation's website: _RSLinx Classic provides plant-floor device connectivity for a wide variety of Rockwell Software applications such as...

0.5AI Score

0.033EPSS

2011-06-02 12:00 AM
17
securityvulns

[DSECRG-00153] Oracle Document Capture Actbar2.ocx - insecure method

ActiveX components contain insecure methods. Digital Security Research Group [DSecRG] Advisory #DSECRG-00153 Application: Oracle Document Capture Versions Affected: Release 10gR3 Vendor URL: www.oracle.com Bugs: insecure method, File overwriting...

-0.2AI Score

0.091EPSS

2011-01-26 12:00 AM
98
exploitpack

Oracle Document Capture - empop3.dll Insecure Methods

Oracle Document Capture - empop3.dll Insecure...

-0.4AI Score

0.091EPSS

2011-01-26 12:00 AM
33
Total number of security vulnerabilities: 318