Lucene search
K

292 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-31743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML...

6.5CVSS7.6AI score0.00428EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-31745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101. CVE-2022-317...

4.3CVSS7AI score0.00346EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-31739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths tha...

8.8CVSS8.1AI score0.00662EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-31737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability...

9.8CVSS8.4AI score0.00814EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.6 views

PT-2025-26171 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: open5gs versions 2.7.2 and earlier Description: A missing length check in the ogs pfcp subnet add function from the PFCP library allows a local attacker to cause a Buffer Overflow by changing the session.dnn field with a value with length...

7.8CVSS5.9AI score0.00192EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/05/22 11:32 p.m.2 views

CVE-2022-1887

The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...

9.8CVSS8.8AI score0.00581EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.12 views

CVE-2019-3931

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately execute code as root...

9CVSS7.5AI score0.0588EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:41 a.m.9 views

CVE-2019-3936

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vulnerability to stop an acti...

7.5CVSS6.9AI score0.02143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:39 a.m.8 views

CVE-2019-3938

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary can be used to decrypt any...

7.8CVSS7.1AI score0.00259EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:39 a.m.8 views

CVE-2019-3934

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code...

5.3CVSS7.2AI score0.07727EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:39 a.m.8 views

CVE-2019-3937

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data...

7.8CVSS6.7AI score0.00282EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:39 a.m.9 views

CVE-2019-3932

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uartbridge...

9.8CVSS7.6AI score0.36325EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:55 a.m.12 views

CVE-2019-3928

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become the presenter...

5.3CVSS7AI score0.01769EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 a.m.6 views

CVE-2019-15387

The Archos Core 101 Android device with a build fingerprint of archos/MTKAC101CR3GARCHOS/ac101cr3g:7.0/NRD90M/20180611.034442:user/release-keys contains a pre-installed app with a package name of com.roco.autogen app versionCode=1, versionName=1 that allows any app co-located on the device to...

3.3CVSS6.7AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:14 a.m.10 views

CVE-2019-3925

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root...

10CVSS8.1AI score0.0685EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2024/12/21 12:19 a.m.4 views

SUSE CVE-2024-53271

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

7.1CVSS6.8AI score0.0061EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.4 views

PT-2024-9686 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.31.5 Envoy versions prior to 1.32.3 Description: The issue is related to the incorrect implementation of the control flow when handling HTTP responses in the Envoy proxy server. This can lead to downstream failures i...

8.5CVSS6.8AI score0.0061EPSS
Exploits1References11
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.168 views

Juniper JunOS Malformed TCP Option

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Juniper JunOS Malformed TCP Option', 'Description' = %q This module exploits a denial of service vulnerability in Juniper Network's JunOS router...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/03/14 3:26 p.m.5 views

101.cz Cross Site Scripting vulnerability OBB-3872489

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.4 views

D-Link GO-RT-AC750 Security Vulnerability

The D-Link GO-RT-AC750 is a wireless dual-band simple router from China-based AUO D-Link. A security vulnerability exists in the D-Link GO-RT-AC750 GORTAC750A1FWv101b03 version, which stems from the use of hard-coded passwords. An attacker could exploit this vulnerability to gain root access via ...

9.8CVSS7AI score0.04834EPSS
Exploits1References3
Rows per page
Query Builder