Dynamic analysis of firmware components in IoT devices
Among the various offensive security techniques, vulnerability assessment takes priority when it comes to analyzing the security of IoT/IIoT devices. In most cases, such devices are analyzed using the black box testing approach, in which the researcher has virtually no knowledge about the object...
-0.6AI Score
6.7CVSS
-0.1AI Score
0.001EPSS
playSMS <1.4.3 - Remote Code Execution
PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side...
9.8CVSS
9.7AI Score
0.958EPSS
Possible inject arbitrary `CSS` into the generated graph affecting the container HTML
An attacker is able to inject arbitrary CSS into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted CSS selectors. The following example shows how an attacker can exfiltrate....
6.1CVSS
1AI Score
0.001EPSS
Possible inject arbitrary `CSS` into the generated graph affecting the container HTML
An attacker is able to inject arbitrary CSS into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted CSS selectors. The following example shows how an attacker can exfiltrate....
6.1CVSS
6.6AI Score
0.001EPSS
7.5CVSS
7.8AI Score
0.029EPSS
6.5CVSS
AI Score
0.001EPSS
-0.3AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219)
Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
8.8CVSS
9.1AI Score
0.011EPSS
-0.1AI Score
General Electric Renewable Energy MDS Radios
EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: General Electric Renewable Energy Equipment: MDS iNET/iNET II/SD/TD220/TD220MAX Radios Vulnerabilities: Improper Input Validation, Hidden Functionality, Inadequate Encryption Strength, Uncontrolled...
9.8CVSS
7.9AI Score
0.975EPSS
8.8CVSS
-0.4AI Score
0.97EPSS
8.8CVSS
AI Score
0.97EPSS
8.8CVSS
8.7AI Score
EPSS
Magento 2 Community Edition Access Control Bypass
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...
7.5CVSS
7AI Score
0.001EPSS
Magento 2 Community Edition Access Control Bypass
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...
7.5CVSS
7AI Score
0.001EPSS
Ubuntu 16.04 ESM : libXrender vulnerabilities (USN-5436-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5436-1 advisory. Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to...
9.8CVSS
9.5AI Score
0.014EPSS
Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-7949,...
9.8CVSS
8AI Score
0.014EPSS
Meta Data Is Not Stripped From images
Hey team, while uploading site/page logo as an administrator, The meta data of the image like geolocation, device information, version, nameetc is not getting stripped, as a result the attacker can collect all the meta data information of the image by using tools like exif tool, metadata checker...
5.3CVSS
0.1AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...
5.4CVSS
5.3AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...
5.4CVSS
0.001EPSS
A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...
5.4CVSS
5.3AI Score
0.001EPSS
CVE-2022-1817 Badminton Center Management System Userlist Module cross site scripting
A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...
3.5CVSS
5.5AI Score
0.001EPSS
Releases Ubuntu 16.04 ESM Packages libxrender - X11 Rendering Extension client library Details Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code....
9.8CVSS
10AI Score
0.014EPSS
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...
9.1CVSS
2.9AI Score
0.006EPSS
Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203)
Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
8.8CVSS
8.9AI Score
0.054EPSS
Microsoft launches Defender for Business to help protect small and medium businesses
Happy National Small Business Week1 in the United States! Small and medium businesses (SMBs) are the bedrock of our economy, representing 90 percent of businesses and more than 50 percent of employment worldwide.2 As we celebrate their innovation and contributions this week, it’s important to...
-0.3AI Score
Microsoft launches Defender for Business to help protect small and medium businesses
Happy National Small Business Week1 in the United States! Small and medium businesses (SMBs) are the bedrock of our economy, representing 90 percent of businesses and more than 50 percent of employment worldwide.2 As we celebrate their innovation and contributions this week, it’s important to...
-0.3AI Score
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-002)
The version of kernel installed on the remote host is prior to 5.10.47-39.130. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-002 advisory. 2024-06-19: CVE-2021-47227 was added to this advisory. 2024-06-06: CVE-2021-47009 was added to this...
8.8CVSS
9AI Score
0.002EPSS
Cisco Unified Communications Manager IM & Presence Service SQLI (cisco-sa-imp-sqlinj-GrpUuQEJ)
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM Presence Service (Unified CM IMP) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of...
8.1CVSS
0.9AI Score
0.001EPSS
Cisco Unified Communications Products Arbitrary File Write (cisco-sa-cucm-arb-write-74QzruUU)
According to its self-reported version number, the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified CM Session Management Edition is affected by an arbitrary file write vulnerability. An authenticated remote attacker can exploit this vulnerability to.....
6.5CVSS
6.6AI Score
0.001EPSS
Cisco Unified Communications Products Arbitrary File Read (cisco-sa-ucm-file-read-h8h4HEJ3)
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating...
6.5CVSS
1AI Score
0.001EPSS
Cisco Unified Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT)
According to its self-reported version number, the web-based management interface of the Cisco Unified Communications Manager (Unified CM) and Cisco Unified CM Session Management Edition is affected by a cross-site request forgery vulnerability. An authenticated, remote attacker can exploit this...
6.8CVSS
6.7AI Score
0.001EPSS
Cisco Unified Communications Products DoS (cisco-sa-ucm-dos-zHS9X9kD)
A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a.....
6.5CVSS
6.4AI Score
0.001EPSS
Cisco Unified Communications Products XSS (cisco-sa-cucm-xss-6MCe4kPF)
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack...
6.1CVSS
6.1AI Score
0.001EPSS
0.1AI Score
-0.1AI Score
9.8CVSS
9.1AI Score
0.02EPSS
WordPress WooCommerce <3.1.2 - Arbitrary Function Call
WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call...
9.8CVSS
9.5AI Score
0.028EPSS
espace-helvetia.ch Cross Site Scripting vulnerability OBB-2531840
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189)
Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft Excel remote code execution vulnerability. To learn more about the vulnerabilities, see the...
8CVSS
7.3AI Score
0.01EPSS
Summary Open Source OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...
9.8CVSS
1.2AI Score
0.152EPSS
Summary Open Source OpenSSL is used by IBM Cisco switches and directors. IBM Cisco switches and directors has addressed the CVE. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when...
7.5CVSS
0.9AI Score
0.202EPSS
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Switches and Directors.
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cisco Switches and Directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By connecting to a...
8.3AI Score
0.944EPSS
Summary IBM Cisco Switches and Directors vulnerable to Sweet32 Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in.....
7.5CVSS
0.8AI Score
0.005EPSS
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108DESCRIPTION: OpenSSL could allow a remote....
9.8CVSS
2.3AI Score
0.967EPSS
Summary Open SSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to...
9.8CVSS
0.9AI Score
0.911EPSS
0.6AI Score
0.001EPSS
6.5CVSS
1.1AI Score
0.001EPSS
6.5CVSS
6.6AI Score
0.001EPSS