Lucene search
K

57 matches found

Cvelist
Cvelist
added 2020/07/14 8:42 p.m.23 views

CVE-2020-5246 LDAP injection vulnerability in Traccar GPS Tracking System

Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances wit...

7.7CVSS7.8AI score0.00852EPSS
Exploits0References2
CVE
CVE
added 2020/07/14 8:42 p.m.47 views

CVE-2020-5246

CVE-2020-5246 affects Traccar GPS Tracking System prior to version 4.9. The issue is an LDAP injection vulnerability triggered when user input is used in LDAP search filters, allowing an attacker to modify query logic and potentially obtain admin privileges in LDAP-configured deployments. The vul...

7.7CVSS6.8AI score0.00852EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/11/13 12:15 a.m.4 views

CVE-2019-5246

Smartphones with software of ELLE-AL00B 9.1.0.109C00E106R1P21, 9.1.0.113C00E110R1P21, 9.1.0.125C00E120R1P21, 9.1.0.135C00E130R1P21, 9.1.0.153C00E150R1P21, 9.1.0.155C00E150R1P21, 9.1.0.162C00E160R2P1 have an insufficient verification vulnerability. The system does not verify certain parameters...

6.2CVSS6.6AI score0.00171EPSS
Exploits0References1
CVE
CVE
added 2019/11/12 11:14 p.m.87 views

CVE-2019-5246

CVE-2019-5246 affects ELLE-AL00B smartphones (versions 9.1.0.109/113/125/135/153/155/162) and is caused by insufficient verification of parameters. The vulnerability allows an attacker to gain high privileges on a device after connecting to the phone, potentially leading to denial of service or a...

6.2CVSS6.6AI score0.00171EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/01/19 12:0 a.m.45 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0130-1)

This update for ImageMagick fixes several issues. These security issues were fixed : - CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in coders/pattern.c bsc1074973 - CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in MagickWand/montage.c bsc1074975 -...

8.8CVSS6.3AI score0.03688EPSS
Exploits5References64
RedhatCVE
RedhatCVE
added 2018/01/11 4:20 p.m.34 views

CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

6.5CVSS2.1AI score0.03688EPSS
Exploits1References1
CVE
CVE
added 2018/01/05 7:0 p.m.92 views

CVE-2018-5246

CVE-2018-5246 affects ImageMagick; memory leaks occur in ReadPATTERNImage (coders/pattern.c), with potential memory exhaustion under load. Affected versions include ImageMagick 7.0.7-17 Q16, among others noted in the sources. The documents do not provide exploit details or a confirmed fix version...

6.5CVSS7.1AI score0.03688EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/05 12:0 a.m.24 views

CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

6.5CVSS6.8AI score0.03688EPSS
Exploits1References2
OSV
OSV
added 2018/01/05 12:0 a.m.10 views

UBUNTU-CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

6.5CVSS6.9AI score0.03688EPSS
Exploits1References3
Circl
Circl
added 2017/10/11 4:8 p.m.9 views

CVE-2017-5246

creationtimestamp| type| source ---|---|--- 2017-10-11 16:08:44+00:00| seen| https://t.me/webpwn/162...

4.3CVSS4.5AI score0.00599EPSS
Exploits0References1
CVE
CVE
added 2017/10/06 3:0 p.m.58 views

CVE-2015-5246

Technical details about CVE-2015-5246 are not publicly available in the provided connected documents. The sources summarize an LDAP authentication issue in Foreman but do not specify affected versions, exploit methods, or fixes. Monitor for updates.

8.1CVSS8.1AI score0.0142EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/07/18 6:0 p.m.48 views

CVE-2017-5246

Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can supply a valid AngularJS expression ({{ … }}) which will be evaluated by other authenticated users viewing the attacker’s display name. Affected versions are 5.0.0000 t...

4.3CVSS4.5AI score0.00599EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/03/10 2:59 a.m.17 views

Design/Logic Flaw

The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service network connectivity disruption via a client hello with a...

5CVSS7.4AI score0.01545EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/08/22 2:0 p.m.56 views

CVE-2014-5246

CVE-2014-5246 affects Shenzhen Tenda Technology Tenda A5s routers with firmware 3.02.05_CN. The flaw is an authentication bypass: setting the admin:language cookie to zh-cn grants administrator access, enabling login to the device via the web interface (e.g., /advance.asp). Multiple sources (NVD,...

10CVSS7.2AI score0.1249EPSS
Exploits6References5Affected Software2
seebug.org
seebug.org
added 2014/08/20 12:0 a.m.29 views

Tenda A5s Router 3.02.05_CN 身份验证绕过

No description provided by source. ----------------------------------------------------------------------- Tenda A5s Router Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : zixian Mail : [email protected] Date : Aug, 17-2014 Vendor :...

10CVSS6.5AI score0.1249EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/08/18 12:0 a.m.34 views

Tenda A5s Router Authentication Bypass

----------------------------------------------------------------------- Tenda A5s Router Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : zixian Mail : [email protected] Date : Aug, 17-2014 Vendor : http://tenda.com.cn/ Link :...

10CVSS1AI score0.1249EPSS
Exploits6
exploitpack
exploitpack
added 2014/08/18 12:0 a.m.26 views

Tenda A5s Router 3.02.05_CN - Authentication Bypass

Tenda A5s Router 3.02.05CN - Authentication Bypass ----------------------------------------------------------------------- Tenda A5s Router Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : zixian Mail : [email protected] Date : Aug,...

10CVSS1AI score0.1249EPSS
Exploits6
0day.today
0day.today
added 2014/08/18 12:0 a.m.63 views

Tenda A5s Router Authentication Bypass

Tenda A5s router suffers from an authentication bypass vulnerability due to improperly trusting cookies. ----------------------------------------------------------------------- Tenda A5s Router Authentication Bypass Vulnerability...

10CVSS1.1AI score0.1249EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/08/18 12:0 a.m.43 views

Tenda A5s Router 3.02.05_CN - Authentication Bypass

----------------------------------------------------------------------- Tenda A5s Router Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : zixian Mail : [email protected] Date : Aug, 17-2014 Vendor : http://tenda.com.cn/ Link :...

10CVSS6.6AI score0.1249EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2013/11/17 12:0 a.m.29 views

SuSE 11.2 Security Update : Mozilla NSS (SAT Patch Number 8484)

"Mozilla NSS has been updated to 3.15.2 bnc847708 bringing various features and bugfixes : The main feature is TLS 1.2 support and its dependent algorithms. - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add...

5CVSS6.9AI score0.03406EPSS
Exploits0References3
Rows per page
Query Builder