134 matches found
Advantech WISE-PaaS/RMM RMSWatchDog distributer Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WISE-PasS/RMM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMSWatchDog service, which listens on TCP port 81 by default. The...
CVE-2019-13336
The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginpass parameters to openlock.cgi can have arbitrary values. NOTE: the vendor's position is that this product reached end o...
Authentication flaw
The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginpass parameters to openlock.cgi can have arbitrary values. NOTE: the vendor's position is that this product reached end o...
CVE-2019-13336
The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginpass parameters to openlock.cgi can have arbitrary values. NOTE: the vendor's position is that this product reached end o...
CVE-2019-13336
The CVE-2019-13336 issue affects the dbell Wi‑Fi Smart Video Doorbell DB01‑S Gen 1. The vulnerability enables remote attackers to execute commands without authentication via TCP port 81 because the loginuse/loginpass values sent to openlock.cgi can be arbitrary. Impact is described in sources as ...
CVE-2016-10848
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...
Design/Logic Flaw
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...
CVE-2016-10848
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...
CVE-2016-10848
CVE-2016-10848 affects cPanel prior to 11.54.0.4, allowing arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). The issue is documented across multiple sources (NVD, Red Hat advisory) with a high impact rating (C/V: high; A: high) and network attack vector. The provided materials d...
Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13
Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 Vaadin 10.0.0 through 10.0.13, and 1.1.0 through 1.4.2 Vaadin 11.0.0 through 13.0.5 allows attacker to execute malicious JavaScript via crafted URL. See CWE-81: Improper...
openSUSE Security Update : ucode-intel (openSUSE-2019-1084)
This update for ucode-intel fixes the following issues : Updated to the 20190312 bundle release bsc1129231 New Platforms : - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2...
SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:0712-1)
This update for ucode-intel fixes the following issues : Updated to the 20190312 bundle release bsc1129231 New Platforms : AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile CFL-S P0 6-9e-c/22 000000a2 Core Gen9...
CVE-2018-11247
The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component, which allows remote attackers to execute arbitrary code via a session on port 81...
Design/Logic Flaw
The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component, which allows remote attackers to execute arbitrary code via a session on port 81...
Nasdaq BWise 5.0 JMX/RMI Interface Remote Code Execution
CONVISO-18-001 - Nasdaq BWise JMX/RMI RCE 1. Advisory Information Conviso Advisory ID: CONVISO-18-001 CVE ID: CVE-2018-11247 CVSS v2: CVSS v2: 8.8,AV:N/AC:M/Au:N/C:C/I:C/A:N Date: 16/05/2018 2. Affected Components Nasdaq BWise 5.0 JMX/RMI interface 3. Description Nasdaq BWise 5.0, through its...
Solaris 10 (sparc) : 152100-81
JavaSE 8: update 181 patch equivalent to JDK 8u181, 64bit. Date this patch was last updated by Sun : Jul/16/18 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid111121;...
XiongMai uc-httpd 1.0.0 - Buffer Overflow Exploit
Exploit for hardware platform in category web applications Exploit Title: XiongMai uc-httpd 1.0.0 - Buffer Overflow Exploit Author: Andrew Watson Software Version: XiongMai uc-httpd 1.0.0 Vendor Homepage: http://www.xiongmaitech.com/en/ Tested on: KKMoon DVR running XiongMai uc-httpd 1.0.0 on...
XiongMai uc-httpd 1.0.0 Buffer Overflow
Exploit Title: XiongMai uc-httpd 1.0.0 - Buffer Overflow Date: 2018-06-08 Exploit Author: Andrew Watson Software Version: XiongMai uc-httpd 1.0.0 Vendor Homepage: http://www.xiongmaitech.com/en/ Tested on: KKMoon DVR running XiongMai uc-httpd 1.0.0 on TCP/81 CVE ID: CVE-2018-10088 DISCLAIMER: Thi...
XiongMai uc-httpd 1.0.0 - Buffer Overflow
Exploit Title: XiongMai uc-httpd 1.0.0 - Buffer Overflow Date: 2018-06-08 Exploit Author: Andrew Watson Software Version: XiongMai uc-httpd 1.0.0 Vendor Homepage: http://www.xiongmaitech.com/en/ Tested on: KKMoon DVR running XiongMai uc-httpd 1.0.0 on TCP/81 CVE ID: CVE-2018-10088 DISCLAIMER: Thi...
JVN#01161596: Safari vulnerable to script injection
Safari provided by Apple Inc. contains a script injection vulnerability CWE-81 in the processing of displaying an error page when it fails to verify server certificates. In an error page Safari displays when it fails to verify server certificates, a domain name of the website accessed is output...