Lucene search
K

60 matches found

Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.484 views

Cisco UCS Director Cloupia Script Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE', 'Description' = %q This module exploits an authentication bypass and directory traversals in Cisco UCS...

7.5CVSS0.88374EPSS
Exploits5
Prion
Prion
added 2020/05/11 4:15 p.m.15 views

Information disclosure

cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature SEC-540...

5.5CVSS7.9AI score0.00877EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/05 12:0 a.m.45 views

Debian DLA-540-1 : qemu security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2016-3710 Wei Xiao and Qinghao Tang of 360.cn Inc discovered an out-of-bounds read and write flaw in the QEMU VGA module. A privileged guest user could use this flaw to execute arbitrary code on the host with the...

8.8CVSS7.7AI score0.00916EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.41 views

Amazon Linux: Security Advisory (ALAS-2015-540)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.03235EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/06/12 12:0 a.m.39 views

Amazon Linux AMI : libjpeg-turbo (ALAS-2015-540)

A flaw in libjpeg-turbo was reported that could lead to a local denial of service when processing a specially crafted JPEG issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2015-540...

6.5CVSS6.7AI score0.03235EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.60 views

F5 Networks BIG-IP : SSH vulnerability (K13600)

A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using secure shell SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect. The following platforms a...

5.6AI score
Exploits0References2
NVD
NVD
added 2012/02/25 4:21 a.m.19 views

CVE-2012-0364

Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495...

7.8CVSS6.9AI score0.01203EPSS
Exploits0References2
NVD
NVD
added 2012/02/25 4:21 a.m.18 views

CVE-2012-0363

The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...

9CVSS7.6AI score0.02198EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/02/25 2:0 a.m.22 views

CVE-2012-0364

Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495...

6.9AI score0.01203EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/02/25 2:0 a.m.29 views

CVE-2012-0363

The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...

7.6AI score0.02198EPSS
Exploits0References2
CVE
CVE
added 2012/02/25 2:0 a.m.47 views

CVE-2012-0363

Cisco SRP 500 Series Web Interface Command Injection (CVE-2012-0363) affects Cisco SRP 520/540 series devices with specific pre-update firmware. An authenticated user could cause the device to execute arbitrary OS commands via the web interface (command injection) as described in CSCtt46871. Affe...

9CVSS7.8AI score0.02198EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2012/02/25 2:0 a.m.40 views

CVE-2012-0364

CVE-2012-0364 affects Cisco Small Business SRP 500 Series devices (SRP 520/520W-U/540) with firmware older than 1.1.26 or 1.2.4, where an unauthenticated remote attacker could upload a configuration file via an unspecified URL, potentially replacing device configurations. The Cisco Security Advis...

7.8CVSS7.2AI score0.01203EPSS
Exploits0References2Affected Software4
Cvelist
Cvelist
added 2012/02/25 2:0 a.m.23 views

CVE-2012-0365

Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified...

6.6AI score0.03241EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.6AI score0.06748EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/14 12:0 a.m.22 views

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : flac vulnerability (USN-540-1)

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac. Note that Tenable Network...

9.3CVSS6AI score0.06748EPSS
Exploits0References2
Prion
Prion
added 2007/06/22 6:30 p.m.20 views

Design/Logic Flaw

The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...

7.8CVSS6.8AI score0.01671EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2007/06/22 6:30 p.m.21 views

CVE-2007-3348

The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...

7.8CVSS6.6AI score0.01671EPSS
Exploits0References6
CVE
CVE
added 2007/06/22 6:0 p.m.59 views

CVE-2007-3348

The CVE-2007-3348 entry concerns D-Link DPH-540/DPH-541 phones. Affected component: the SIP handling code where a malformed SDP header in a SIP INVITE can be used by remote attackers to trigger a device denial of service. This is described in NVD/CVE records with a CVSS v2 base score of 7.8 (HIGH...

7.8CVSS6.6AI score0.01671EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2007/06/22 6:0 p.m.53 views

CVE-2007-3347

The CVE-2007-3347 entry concerns the D-Link DPH-540/DPH-541 SIP phones. The issue is that these phones accept SIP INVITE messages that originate outside the Call Server’s IP, enabling remote attackers to initiate arbitrary SIP communication with the device. A demonstrated effect is communication ...

7.8CVSS6.8AI score0.01254EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2007/06/22 6:0 p.m.32 views

CVE-2007-3348

The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...

6.6AI score0.01671EPSS
Exploits0References6
Rows per page
Query Builder