Lucene search
+L

1347 matches found

OSV
OSV
added 2020/06/18 3:15 a.m.6 views

CVE-2020-3291

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected...

7.2CVSS7.5AI score0.03189EPSS
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 a.m.7 views

CVE-2020-3295

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected...

7.2CVSS7.5AI score0.03189EPSS
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 a.m.4 views

CVE-2020-3279

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected...

7.2CVSS7.4AI score0.028EPSS
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 a.m.3 views

CVE-2020-3286

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected...

7.2CVSS7.5AI score0.03189EPSS
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 a.m.5 views

CVE-2020-3268

Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details...

7.2CVSS7.3AI score0.02591EPSS
Exploits0References1
OSV
OSV
added 2020/05/13 7:15 p.m.6 views

CVE-2020-2017

A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's...

6.1CVSS7.1AI score0.00828EPSS
Exploits0References1
OSV
OSV
added 2020/05/13 7:15 p.m.6 views

CVE-2020-2009

An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in...

7.2CVSS7.5AI score0.01951EPSS
Exploits0References1
Prion
Prion
added 2020/05/13 7:15 p.m.15 views

Xxe

An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8....

8.5CVSS6.5AI score0.00938EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/13 7:7 p.m.23 views

CVE-2020-2003 PAN-OS: Authenticated administrator can delete arbitrary system file

An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8....

6.5CVSS6.6AI score0.00938EPSS
Exploits0References1
OSV
OSV
added 2020/05/06 5:15 p.m.3 views

CVE-2020-3308

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper...

4.9CVSS5.8AI score0.00602EPSS
Exploits0References1
OSV
OSV
added 2020/05/06 5:15 p.m.6 views

CVE-2020-3256

A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need...

4.9CVSS5.8AI score0.01194EPSS
Exploits0References1
OSV
OSV
added 2020/04/16 7:15 p.m.4 views

CVE-2020-7111

A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher...

7.2CVSS7.2AI score0.01886EPSS
Exploits0References1
OSV
OSV
added 2020/04/02 2:15 p.m.5 views

CVE-2020-11491

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi...

4.9CVSS5.8AI score0.0787EPSS
Exploits1References2
OSV
OSV
added 2020/03/18 7:15 p.m.5 views

CVE-2019-18582

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

7.2CVSS7.3AI score0.04573EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/03/02 12:0 a.m.19 views

CVE-2020-8500

DISPUTED In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality. Recent assessments: J3rryBl4nks at March 03, 2020 7:47pm UTC reported: Due to the fact tha...

7.2CVSS3.4AI score0.0354EPSS
Exploits1References3
OSV
OSV
added 2020/02/25 5:15 p.m.7 views

CVE-2020-9335

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users...

4.8CVSS6AI score0.01355EPSS
Exploits0References2
NVD
NVD
added 2020/02/25 5:15 p.m.33 views

CVE-2020-9335

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users...

4.8CVSS5.1AI score0.01355EPSS
Exploits0References2
Prion
Prion
added 2020/02/25 5:15 p.m.31 views

Cross site scripting

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users...

3.5CVSS4.9AI score0.01355EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2020/02/19 4:4 p.m.8 views

rabbitmq-server: not properly sanitized user input may lead to XSS

A flaw was discovered in rabbitmq-server where two endpoints, federation and shovel, do not properly sanitize user input. A remote, authenticated user, with administrative access, could execute a cross site scripting attack, using the vhost or node name fields, that could grant access to virtual...

4.8CVSS5.3AI score0.00796EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/01/13 10:12 a.m.6 views

rabbitmq-server: improper sanitization of vhost limits and federation management UI pages

A vulnerability was found in the rabbitmq-server. User input for the virtual host limits page and the federation management UI was not properly sanitized. A remote, authenticated administrative user could create a cross-site scripting attack leading to access to virtual hosts and policy managemen...

4.8CVSS6.9AI score0.01165EPSS
Exploits0References6
Rows per page
Query Builder