Lucene search
K

162 matches found

CNNVD
CNNVD
added 2023/03/01 12:0 a.m.4 views

Aruba Networks ArubaOS 安全漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an authentication information disclosure...

6.5CVSS6.5AI score0.00589EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.7 views

Ubuntu: Security Advisory (USN-4785-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.06748EPSS
Exploits0References2
Prion
Prion
added 2022/07/12 9:15 p.m.27 views

Cross site scripting

A vulnerability in SAP NW EP WPC - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site XSS scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to...

4.3CVSS6.3AI score0.00675EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/06/13 5:15 a.m.12 views

Improper access control

Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connect...

9CVSS7.6AI score0.02452EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/13 4:50 a.m.24 views

CVE-2022-28704

Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connect...

8AI score0.02452EPSS
Exploits0References2
NVD
NVD
added 2022/01/21 7:15 p.m.19 views

CVE-2022-23129

Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS GENESIS64 versions 10.90 to 10.97 allows a local authenticated attacker to gain authentication information and to access the database illegally. This is because when...

5.5CVSS0.00186EPSS
Exploits0References3
Prion
Prion
added 2022/01/21 7:15 p.m.22 views

Cross site scripting

Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...

4.3CVSS7.1AI score0.01614EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2022/01/21 7:15 p.m.18 views

Design/Logic Flaw

Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS GENESIS64 versions 10.90 to 10.97 allows a local authenticated attacker to gain authentication information and to access the database illegally. This is because when...

2.1CVSS6.4AI score0.00186EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2022/01/21 6:17 p.m.25 views

CVE-2022-23127

Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...

6.7AI score0.01614EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/09/22 12:0 a.m.5 views

Line Corporation Line Client For Ios 安全漏洞

Line Corporation Line Client For Ios is a communication application from Line Corporation, Japan. A security vulnerability exists in Line Client For Ios versions prior to 11.15.0, which can be exploited by an attacker to obtain service-specific authentication information in combination with a...

7.5CVSS7.3AI score0.01101EPSS
Exploits0References2
OSV
OSV
added 2021/09/06 2:15 p.m.4 views

CVE-2021-36095

Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG OTRS Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions...

5.3CVSS5.8AI score0.00943EPSS
Exploits0References1
NVD
NVD
added 2021/05/19 7:15 p.m.14 views

CVE-2021-25644

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators...

7.5CVSS0.00638EPSS
Exploits0References2
Prion
Prion
added 2021/05/19 7:15 p.m.21 views

Authentication flaw

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators...

5CVSS7.6AI score0.00638EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.4 views

Cisco Jabber 信息泄露漏洞

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. Cisco Jabber has an information disclosure vulnerability that can be exploited by an attacker by sending a crafted XMPP message to the...

9.9CVSS7AI score0.00958EPSS
Exploits0References3
CNNVD
CNNVD
added 2020/12/10 12:0 a.m.8 views

Cisco Jabber Input Validation Error Vulnerability

Cisco Jabber is the United States Cisco Cisco company's set of unified communications client solutions. The solution provides online status display, instant messaging, voice, and other features. Cisco Jabber suffers from an Input Validation Error vulnerability, which is caused by the software...

9.9CVSS7.5AI score0.0143EPSS
Exploits0References3
NVD
NVD
added 2020/10/29 9:15 a.m.25 views

CVE-2020-27657

Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager SRM before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors...

6.5CVSS6.3AI score0.00578EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/10/29 9:0 a.m.22 views

CVE-2020-27656

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager DSM before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors...

6.5CVSS6.8AI score0.0054EPSS
Exploits1References2
NVD
NVD
added 2020/09/09 1:15 p.m.16 views

CVE-2020-6283

SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting XSS vulnerability. With a successful attack, the attacker can steal...

6.1CVSS0.00675EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/09/09 12:51 p.m.25 views

CVE-2020-6283

SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting XSS vulnerability. With a successful attack, the attacker can steal...

4.8CVSS6.1AI score0.00675EPSS
Exploits0References2
OSV
OSV
added 2020/09/04 3:15 a.m.3 views

CVE-2020-3498

A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted messages to a targeted...

6.5CVSS6.9AI score0.01854EPSS
Exploits0References1
Rows per page
Query Builder