Lucene search
+L

46 matches found

RustSec
RustSec
added 2019/11/16 12:0 p.m.22 views

HeaderMap::Drain API is unsound

Affected versions of this crate incorrectly used raw pointer, which introduced unsoundness in its public safe API. Failing to drop the Drain struct causes double-free, and it is possible to violate Rust's alias rule and cause data race with Drain's Iterator implementation. The flaw was corrected ...

9.8CVSS2.4AI score0.01812EPSS
Exploits0Affected Software1
Prion
Prion
added 2019/08/01 5:15 p.m.13 views

Design/Logic Flaw

cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archivesynczones script SEC-355...

2.1CVSS4AI score0.0035EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/01 4:14 p.m.19 views

CVE-2018-20946

cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archivesynczones script SEC-355...

3.8AI score0.0035EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2017/10/07 3:13 p.m.13 views

hola.com XSS vulnerability

Vulnerable URL: http://www.hola.com/a/"' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 05.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 355 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Value ---|---...

6.3AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.97 views

Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow

Exploit Title:Oracle 9i XDB HTTP PASS Buffer Overflow Date: 09/25/2017 Exploit Author: Charles Dardaman Twitter: https://twitter.com/CharlesDardaman Website: http://www.dardaman.com Version:9.2.0.1 Tested on: Windows 2000 SP4 CVE: 2003-0727 This is a modified stand alone exploit of...

7AI score
Exploits0
CNVD
CNVD
added 2017/08/26 12:0 a.m.8 views

Multiple Westermo Routers Hardcoded Password Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers are vulnerable to a hard-coded password vulnerability where the device uses a hard-coded special key that allows an attacker to decrypt traffic from any other source...

7.1AI score
Exploits0References1
NVD
NVD
added 2017/08/25 4:29 p.m.20 views

CVE-2017-12709

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...

5.3CVSS5.7AI score0.00306EPSS
Exploits0References2
NVD
NVD
added 2017/08/25 4:29 p.m.25 views

CVE-2017-12703

A Cross-Site Request Forgery CSRF issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...

8.8CVSS8.8AI score0.00642EPSS
Exploits0References2
NVD
NVD
added 2017/08/25 4:29 p.m.16 views

CVE-2016-5816

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source...

7.5CVSS7.7AI score0.01532EPSS
Exploits0References1
Prion
Prion
added 2017/08/25 4:29 p.m.19 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...

6.8CVSS8.7AI score0.00642EPSS
Exploits0References2
Prion
Prion
added 2017/08/25 4:29 p.m.14 views

Hardcoded credentials

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source...

5CVSS7AI score0.01532EPSS
Exploits0References1
CVE
CVE
added 2017/08/25 4:0 p.m.52 views

CVE-2017-12709

CVE-2017-12709 describes a local-authentication vulnerability in Westermo MRD-305-DIN (older than 1.7.5.0) and MRD-315, MRD-355, MRD-455 (older than 1.7.5.0). The root cause is the use of hard-coded credentials, which could allow an unauthorized local user with low privileges to access the device...

5.3CVSS5.2AI score0.00306EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/25 4:0 p.m.25 views

CVE-2017-12703

A Cross-Site Request Forgery CSRF issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...

8.8AI score0.00642EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/25 4:0 p.m.28 views

CVE-2017-12709

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...

5.2AI score0.00306EPSS
Exploits0References2
CVE
CVE
added 2017/08/25 4:0 p.m.59 views

CVE-2016-5816

Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 are affected when firmware is older than 1.7.5.0. The issue is Use of Hard-Coded Cryptographic Key (CWE-321): devices contain private cryptographic keys embedded in firmware, which could allow an attacker to decrypt traffic from other sources. P...

7.5CVSS7.4AI score0.01532EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/08/25 12:0 a.m.8 views

Multiple Westermo Routers Hardcoded for Unauthorized Access Vulnerability

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers have a hard-coded unauthorized access vulnerability, where the device uses hard-coded credentials that allow a local attacker to exploit the vulnerability to gain unauthorized access to the...

5.3CVSS6AI score0.00306EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/03 12:0 a.m.6 views

Multiple Westermo Router Spoofing Vulnerabilities

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. A spoofing vulnerability exists in multiple Westermo routers, where an attacker could potentially spoof a user into making a malicious request to a server because the program does not verify that the user intended to...

8.8CVSS8.7AI score0.00642EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2016/09/04 1:7 p.m.20 views

repubblica.it XSS vulnerability

Vulnerable URL: http://www.repubblica.it/economia/miojob/offerte/lavoro/cerca/regione-emiliaromagna/areaname-assistenzaclientifjdqz%252d%252d%253e%253cscript%253eprompt%2528%2527OPENBUGBOUNTY%2527%2529%253c%252fscript%253enhfmd/?terms=666=customername+asc Details: Description| Value ---|---...

6.3AI score
Exploits0
seebug.org
seebug.org
added 2016/01/11 12:0 a.m.22 views

Westermo MRD-305-DIN/MRD-310/MRD-315/MRD-330/MRD-355/MRD-350/MRD-455 弱口令

No description provided by source...

7.1AI score
Exploits0
ICS
ICS
added 2015/10/30 6:0 a.m.82 views

Magnetrol HART DTM Vulnerability

OVERVIEW Alexander Bolshev of Digital Security has identified an improper input validation vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library extension utilized by some Magnetrol products. CodeWrights GmbH has updated its software library to mitigate this vulnerability...

2.1CVSS6.3AI score0.00374EPSS
Exploits0References10
Rows per page
Query Builder