Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

384 matches found

Positive Technologies
Positive Technologiesadded 2023/01/11 12:0 a.m.2 views

PT-2023-10549 · Unknown +1 · Insteon Hub +1

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer...

9.9CVSS9.1AI score0.00437EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2023/01/11 12:0 a.m.5 views

PT-2023-10612 · Unknown · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer...

9.9CVSS8.8AI score0.00437EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2023/01/11 12:0 a.m.2 views

PT-2023-10545 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer...

9.9CVSS8.8AI score0.00472EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2023/01/11 12:0 a.m.2 views

PT-2023-10539 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue concerns buffer overflow vulnerabilities in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow,...

9.9CVSS8.8AI score0.00472EPSS
Exploits1References2
NVD
NVDadded 2022/10/25 5:15 p.m.10 views

CVE-2022-33207

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

10CVSS0.04719EPSS
Exploits1References1
Prion
Prionadded 2022/10/25 5:15 p.m.17 views

Integer overflow

An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to memory corruption. An attacker can make an authenticated HTTP request to trigger this...

6.5CVSS8.6AI score0.01241EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/10/25 5:15 p.m.11 views

Format string

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...

6.5CVSS8.6AI score0.01573EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.13 views

CVE-2022-35884

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...

8.2CVSS8.9AI score0.01573EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:33 p.m.7 views

CVE-2022-33207

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

10CVSS9.9AI score0.04719EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:33 p.m.12 views

CVE-2022-33206

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

10CVSS10AI score0.04719EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:33 p.m.8 views

CVE-2022-32775

An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to memory corruption. An attacker can make an authenticated HTTP request to trigger this...

9CVSS7.2AI score0.01241EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:33 p.m.13 views

CVE-2022-32574

A double-free vulnerability exists in the web interface /action/ipcamSetParamPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to memory corruption. An attacker can make an authenticated HTTP request to trigger this...

7.5CVSS6.5AI score0.01365EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2022/10/25 12:0 a.m.1 views

PT-2022-22996 · Abode Systems · Iota All-In-One Security Kit

Name of the Vulnerable Software and Affected Versions: Abode Systems, Inc. iota All-In-One Security Kit versions 6.9Z through 6.9X Description: The web interface /action/wirelessConnect functionality contains format string injection vulnerabilities. A specially-crafted HTTP request can lead to...

8.8CVSS8.3AI score0.01573EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2022/04/14 7:56 p.m.4 views

CVE-2022-21234

An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS9.2AI score0.07001EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2022/04/14 7:56 p.m.5 views

CVE-2022-21210

An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.6CVSS9.2AI score0.06685EPSS
Exploits1References2
CNVD
CNVDadded 2021/12/27 12:0 a.m.22 views

Lantronix PremierWave 2050 path traversal vulnerability (CNVD-2022-01589)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. It is used to provide reliable and always-on 5G Wi-Fi connectivity. The Lantronix PremierWave 2050 suffers from a path traversal vulnerability that stems from the lack of effective restrictions and filters ...

9.1CVSS9.1AI score0.01858EPSS
Exploits1References1
NVD
NVDadded 2021/12/22 7:15 p.m.14 views

CVE-2021-21882

An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS0.0605EPSS
Exploits1References1
NVD
NVDadded 2021/12/22 7:15 p.m.10 views

CVE-2021-21889

A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS0.04489EPSS
Exploits1References1
OSV
OSVadded 2021/12/22 7:15 p.m.1 views

CVE-2021-21888

An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

9.1CVSS5.9AI score0.02146EPSS
Exploits1References1
OSV
OSVadded 2021/12/22 7:15 p.m.0 views

CVE-2021-21889

A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS7.9AI score0.04489EPSS
Exploits1References1
Rows per page
Query Builder