Lucene search
+L

818 matches found

Prion
Prion
added 2017/04/07 5:59 p.m.17 views

Command injection

A vulnerability in the CLI of Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189...

3.6CVSS5AI score0.00804EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/04/07 5:59 p.m.6 views

CVE-2017-6602

A vulnerability in the CLI of Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189...

4.4CVSS5.8AI score0.00804EPSS
Exploits0References3
OSV
OSV
added 2017/04/07 5:59 p.m.5 views

CVE-2016-9197

A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected...

6.7CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2017/04/07 5:59 p.m.5 views

CVE-2016-9196

A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The root Linux shell is provided for advanced...

6.7CVSS5.8AI score0.00421EPSS
Exploits0References3
OSV
OSV
added 2017/02/13 9:59 p.m.5 views

CVE-2016-8566

An issue was discovered in Siemens SICAM PAS before 8.00. Because of Storing Passwords in a Recoverable Format, an authenticated local attacker with certain privileges could possibly reconstruct the passwords of users for accessing the database...

7.8CVSS5.8AI score0.00317EPSS
Exploits0References2
OSV
OSV
added 2016/12/14 12:59 a.m.2 views

CVE-2016-9215

A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releases: 6.1.1.BASE...

7.8CVSS5.8AI score0.00369EPSS
Exploits0References3
OSV
OSV
added 2016/12/14 12:59 a.m.8 views

CVE-2016-6470

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Known Affected Releases: 1.0...

7.8CVSS5.8AI score0.00326EPSS
Exploits0References2
OSV
OSV
added 2016/11/19 3:3 a.m.4 views

CVE-2016-6459

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0...

5.5CVSS5.9AI score0.00739EPSS
Exploits0References3
OSV
OSV
added 2016/11/19 3:2 a.m.4 views

CVE-2016-6450

A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. This vulnerability affects the following products if they are running a vulnerable release of Cisco IOS XE...

2.5CVSS5.8AI score0.00296EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2016/11/15 12:0 a.m.28 views

NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion (LFI) & SQLi

The WordPress Gallery Plugin – NextGEN Gallery WordPress plugin was affected by an Authenticated Local File Inclusion LFI & SQLi security vulnerability...

7.5CVSS2.6AI score0.02538EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/09/21 12:0 a.m.4 views

SolarWinds Kiwi Syslog Server Elevation of Privilege Vulnerability

SolarWinds network security management software products. The application can be installed on a windows system with the option to select the default security service. The default installation path "C:\Program Files x86" is selected when installing the 32-bit application, which may allow an...

7.5AI score
Exploits0References1
CNVD
CNVD
added 2016/09/21 12:0 a.m.6 views

SolarWinds Kiwi CatTools Elevation of Privilege Vulnerability

SolarWinds network security management software products. The application can be installed on windows systems with the option to select the default security service. The default installation path "C:\Program Files x86" is selected when installing the 32-bit application, which may allow an...

7.5AI score
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2016/08/15 12:0 a.m.4 views

VulnCheck KEV: CVE-2016-6367

A vulnerability in the command-line interface CLI parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service DoS condition or potentially execute code...

7.8CVSS7.3AI score0.22583EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2016/08/15 12:0 a.m.5 views

PT-2016-2535 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions prior to 8.41 Description: The issue is caused by a buffer overflow in the Cisco Adaptive Security Appliance software. It allows an authenticated, local attacker to potentially execute...

7.8CVSS8.7AI score0.22583EPSS
Exploits2References15
CNVD
CNVD
added 2016/07/21 12:0 a.m.8 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2016-05391)

Oracle MySQL Server is a lightweight relational database system. A security vulnerability exists in Oracle MySQL Server versions 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier, which can be exploited by an authenticated, local attacker to affect availability...

4.9CVSS6.2AI score0.03703EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.2 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2016-05387)

Oracle MySQL Server is a lightweight relational database system. A security vulnerability exists in Oracle MySQL Server versions 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier, which can be exploited by an authenticated, local attacker to affect availability...

5.3CVSS8.1AI score0.0568EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/17 12:0 a.m.4 views

Cisco UCS Central Software Command Line Interface Command Injection Vulnerability

Cisco UCS Central Software is a U.S. Cisco Cisco company's computing, virtualization and networking in one software platform. A security vulnerability exists in the command line interface of Cisco UCS Central Software. An authenticated, local attacker can exploit this vulnerability to inject...

7.2CVSS7.2AI score0.00582EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the wmpomme package of the SUSE Linux Enterprise operating system. Exploitation of these vulnerabilities can lead to breaches of confidentiality, integrity, and accessibility of protected information. The exploitation of these vulnerabilities can be carried out...

6.2CVSS6.5AI score0.00785EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the hal-gnome package of the SUSE Linux Enterprise operating system. Exploitation of these vulnerabilities can lead to breaches of confidentiality, integrity, and accessibility of protected information. The exploitation of these vulnerabilities can be carried out...

6.2CVSS6.5AI score0.00785EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.9 views

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the hal-debuginfo-64bit package of the SUSE Linux Enterprise operating system. Exploitation of these vulnerabilities can lead to breaches of confidentiality, integrity, and accessibility of protected information. The exploitation of these vulnerabilities can be...

6.2CVSS6.5AI score0.00785EPSS
Exploits2References5
Rows per page
Query Builder