Lucene search
+L

97 matches found

OSV
OSV
added 2021/12/09 4:15 p.m.5 views

CVE-2021-20143

An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS5.9AI score0.03709EPSS
Exploits1References1
NVD
NVD
added 2021/12/09 4:15 p.m.28 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS0.03709EPSS
Exploits1References1
OSV
OSV
added 2021/12/09 4:15 p.m.4 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS7.4AI score0.03709EPSS
Exploits1References1
OSV
OSV
added 2021/12/09 4:15 p.m.4 views

CVE-2021-20139

An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS7.4AI score
Exploits0References1
OSV
OSV
added 2021/12/09 4:15 p.m.4 views

CVE-2021-20142

An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS5.9AI score0.03709EPSS
Exploits1References1
Prion
Prion
added 2021/12/09 4:15 p.m.18 views

Command injection

An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.3CVSS9AI score0.03984EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/12/09 4:15 p.m.10 views

Command injection

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.3CVSS9AI score0.03709EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/12/09 4:15 p.m.15 views

Command injection

An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.3CVSS9AI score0.03984EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/12/09 4:15 p.m.15 views

Command injection

An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.3CVSS9AI score0.03709EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2020/12/08 10:31 p.m.4 views

CVE-2020-9999

creationtimestamp| type| source ---|---|--- 2020-12-08 22:31:30+00:00| seen| https://t.me/cibsecurity/17278...

7.8CVSS7.6AI score0.08491EPSS
Exploits0References1
CVE
CVE
added 2020/12/08 7:32 p.m.114 views

CVE-2020-9999

CVE-2020-9999 is an Apple-specific memory corruption issue affecting multiple Apple platforms. Public documentation indicates that it can be triggered by processing a maliciously crafted text file, potentially leading to arbitrary code execution. The vulnerability is addressed in macOS Big Sur 11...

7.8CVSS8.1AI score0.08491EPSS
Exploits0References7Affected Software7
Kaspersky
Kaspersky
added 2020/12/02 12:0 a.m.61 views

KLA12017 Mulitple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in...

9.3CVSS10AI score0.08491EPSS
Exploits2References3
Apple
Apple
added 2020/09/16 12:0 a.m.45 views

About the security content of tvOS 14.0

About the security content of tvOS 14.0 This document describes the security content of tvOS 14.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

9.3CVSS9.4AI score0.08491EPSS
Exploits3References1Affected Software1
Apple
Apple
added 2020/09/16 12:0 a.m.176 views

About the security content of iTunes 12.10.9 for Windows

About the security content of iTunes 12.10.9 for Windows This document describes the security content of iTunes 12.10.9 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

9.3CVSS9.3AI score0.08491EPSS
Exploits2References1Affected Software1
Kaspersky
Kaspersky
added 2020/09/16 12:0 a.m.75 views

KLA12007 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability in ImageIO can be exploited...

9.3CVSS9.8AI score0.08491EPSS
Exploits2References3
NVD
NVD
added 2020/07/23 4:15 p.m.20 views

CVE-2020-10920

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...

9.8CVSS9.9AI score0.04922EPSS
Exploits0References1
OSV
OSV
added 2020/07/23 4:15 p.m.6 views

CVE-2020-10920

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...

9.8CVSS7.7AI score0.04922EPSS
Exploits0References1
Prion
Prion
added 2020/07/23 4:15 p.m.11 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...

7.5CVSS9.8AI score0.04922EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/23 3:35 p.m.28 views

CVE-2020-10920

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...

9.8CVSS9.9AI score0.04922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/07/07 12:0 a.m.31 views

C-MORE HMI EA9 Control Port Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-More HMI EA9 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port 9999 by default. The...

9.8CVSS2.2AI score0.04922EPSS
Exploits0
Rows per page
Query Builder