Lucene search
+L

53 matches found

OSV
OSV
added 2025/04/16 6:16 p.m.6 views

CVE-2025-32855

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

8.7CVSS5.8AI score0.00554EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 6:16 p.m.4 views

CVE-2025-32831

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

8.7CVSS5.8AI score0.00683EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 6:16 p.m.4 views

CVE-2025-30032

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

8.7CVSS5.8AI score0.00732EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/11 9:56 a.m.5 views

SUSE CVE-2007-6734

NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors...

4CVSS6.9AI score0.01385EPSS
Exploits0References3
OSV
OSV
added 2025/03/03 8:15 p.m.7 views

CVE-2024-51954

There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux which, under unique circumstances, could allow a remote, low‑privileged authenticated attacker to access secure services published to a standalone unfederated ArcGIS Server instance. Successful...

8.5CVSS5.6AI score0.00294EPSS
Exploits0References1
OSV
OSV
added 2025/02/04 6:15 p.m.4 views

CVE-2025-23059

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and retrieve sensitive...

4.9CVSS5.8AI score0.00576EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 4:15 p.m.6 views

CVE-2022-20939

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this...

4.3CVSS5.8AI score0.00595EPSS
Exploits0References2
OSV
OSV
added 2024/11/06 5:15 p.m.9 views

CVE-2024-20507

A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...

6.5CVSS5.8AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 2:15 a.m.2 views

CVE-2023-32168

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...

8.8CVSS5.8AI score0.01633EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.4 views

PT-2024-1085 · Unknown · Cp-8050 Master Module +1

Name of the Vulnerable Software and Affected Versions: CP-8031 MASTER MODULE versions prior to CPCI85 V05.20 CP-8050 MASTER MODULE versions prior to CPCI85 V05.20 Description: A flaw has been identified in the network configuration service of affected devices, related to the conversion of ipv4...

8.3CVSS6.9AI score0.00547EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/12/25 12:0 a.m.4 views

Nokia NFM-T Security Vulnerability

Nokia NFM-T is a transport network function manager from Nokia of Finland. A security vulnerability exists in Nokia NFM-T version R19.9, which originates from an absolute path traversal vulnerability that could allow an authenticated, remote attacker to read arbitrary files...

6.5CVSS6.7AI score0.008EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/05/24 12:0 a.m.11 views

PT-2023-4250 · Sap · Sap Business One

Name of the Vulnerable Software and Affected Versions: SAP Business One B1i module version 10.0 Description: The issue is related to the lack of protection of the SQL query structure in the B1i Layer component of SAP Business One. This allows a remote attacker to send specially crafted queries to...

7.5CVSS7.5AI score0.00477EPSS
Exploits0References8
OSV
OSV
added 2023/03/03 4:15 p.m.2 views

CVE-2023-20062

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery SSRF attack on an affected system. Cisco plans to release software updates that address these vulnerabilities...

4.3CVSS5.8AI score0.00525EPSS
Exploits0References1
NCSC
NCSC
added 2022/12/27 12:0 a.m.6 views

Vulnerability fixed in HCL BigFix

A vulnerability has been fixed in HCL BigFix. The vulnerability allows an authenticated remote malicious person to obtain to obtain sensitive data. HCL has released updates to fix the vulnerability. More information can be found on the page below: https://support.hcltechsw.com...

7.7CVSS6.6AI score0.00312EPSS
Exploits0
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.7 views

Cisco Small Business RV Series Routers 操作系统命令注入漏洞

The Cisco Small Business RV Series Routers is an RV Series router from Cisco. The Cisco Small Business RV340 and RV345 Routers are vulnerable to an operating system command injection vulnerability that arises from insufficient validation of user-supplied input in the web-based management interfac...

9CVSS7.6AI score0.01923EPSS
Exploits0References4
NCSC
NCSC
added 2022/04/20 12:0 a.m.6 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage:...

8.2CVSS7.5AI score0.01655EPSS
Exploits1
CNNVD
CNNVD
added 2021/11/03 12:0 a.m.4 views

Cisco Unity Connection 和 Cisco Unified Communications Manager 路径遍历漏洞

Cisco Unity Connection UC and Cisco Unified Communications Manager CUCM, Unified CM, CallManager are both products of Cisco Corporation.Cisco Unity Connection is a voice Cisco Unity Connection is a voice messaging platform. The platform can use voice commands to make calls or listen to messages i...

4.3CVSS5.2AI score0.01513EPSS
Exploits0References6
OSV
OSV
added 2021/04/29 6:15 p.m.6 views

CVE-2021-1369

A vulnerability in the REST API of Cisco Firepower Device Manager FDM On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity XXE...

5.4CVSS5.8AI score0.0098EPSS
Exploits0References1
NCSC
NCSC
added 2021/03/09 12:0 a.m.7 views

Vulnerability fixed in Microsoft SQL Server

A vulnerability has been fixed in the Microsoft SQL product group. Server. The vulnerability is in the Power BI application. The vulnerability enables an authenticated remote malicious person to able to obtain sensitive information. Power BI:...

7.7CVSS6.6AI score0.02839EPSS
Exploits0
NVD
NVD
added 2019/10/16 7:15 p.m.32 views

CVE-2019-15257

A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper restrictions on configuration information. An...

6.5CVSS6.3AI score0.01088EPSS
Exploits0References2
Rows per page
Query Builder