Lucene search
+L

2505 matches found

CNVD
CNVD
added 2019/06/11 12:0 a.m.6 views

Progress Sitefinity Authorization Issues Vulnerability

Progress Sitefinity is an open source platform for building corporate websites and intranets. An authorization issue vulnerability exists in Progress Sitefinity version 10.1.6536. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a web syste...

6.5CVSS7AI score0.01041EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/05 12:0 a.m.4 views

Phoenix Contact PLCNext AXC F 2152 Authorization Issues Vulnerability

Phoenix Contact PLCNext AXC F 2152 is a programmable logic controller from Phoenix Contact, Germany. An authorization issue vulnerability exists in the Phoenix Contact PLCNext AXC F 2152 2404267 and 1046568 Starterkit using firmware version 1.x, which can be exploited by an attacker to cause...

6.8CVSS6.8AI score0.00395EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/27 12:0 a.m.7 views

Percona Server Authorization Issues Vulnerability

Percona Server is an open source relational database management system . An authorization issue vulnerability exists in Percona Server version 5.6.44-85.0-1 Debian and Ubuntu. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked...

10CVSS7.2AI score0.0197EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/27 12:0 a.m.48 views

Fortinet FortiOS Authorization Issues Vulnerability

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An authorization issue...

9.1CVSS7AI score0.81691EPSS
Exploits2References1
CNVD
CNVD
added 2019/05/24 12:0 a.m.5 views

Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 License Issue Vulnerability

Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 are both products of Schneider Electric, France.Schneider Electric SoMachine Basic is a suite of software for programming logic controllers. The Schneider Electric Modicon M221 is a programmable logic controller. An...

5.5CVSS7AI score0.0031EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/16 12:0 a.m.4 views

GitLab Authorization Issues Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab...

4.3CVSS6.6AI score0.01037EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.12 views

Rockwell Automation/Allen-Bradley PanelView Plus 6 HMIs Missing Authorization

Binary data 720128.prm...

8.6CVSS7AI score0.06564EPSS
Exploits0References2
CNVD
CNVD
added 2019/04/10 12:0 a.m.3 views

SAP BASIS Authorization Issues Vulnerability

SAP BASIS is a content management system. SAP BASIS is vulnerable to an authorization issue. An attacker could exploit this vulnerability to gain unauthorized access and obtain sensitive information...

8.8CVSS6.8AI score0.01131EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/02 12:0 a.m.6 views

IBM Security Privileged Identity Manager Authorization Issues Vulnerability

IBM Security Privileged Identity Manager ISPIM is an identity management product within the IBM Identity Governance and Management solution from IBM in the United States. The product is designed to protect, automate and audit the use of privileged identities to help defend against insider threats...

4.3CVSS6.9AI score0.01164EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/31 12:0 a.m.64 views

Apache HTTP Server Authorization Issues Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server is vulnerable to an authorization issue. The vulnerability stems from modsession detecting the expiration time ...

7.5CVSS8.6AI score0.19994EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/09 12:0 a.m.7 views

SAP Cloud Connector Authorization Issues Vulnerability

SAP Cloud Connector is a connector for connecting to the SAP Cloud Platform from SAP Germany. An authorization issue vulnerability exists in SAP Cloud Connector versions prior to 2.11.3, which stems from the program failing to perform any authentication and can be exploited by an attacker to...

9.8CVSS7AI score0.02744EPSS
Exploits0References1
Hacker One
Hacker One
added 2018/11/11 9:56 p.m.19 views

QIWI: account takeover https://teamplay.qiwi.com

Здравствуйте. Нашел баг, как украсть аккаунт на данном сайте. Для того, чтобы это провернуть нам нужно знать эмайл вашего пользователя. Предположим что пользователь зашел на ваш сайт через аккаунт ВКонтакте, к его странице привязана почта [email protected] Мы идем на https://www.faceit.com и...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/10/12 12:0 a.m.4 views

Intelbras NPLUG License Issue Vulnerability

Intelbras NPLUG is a wireless relay device from Intelbras Poland. Intelbras NPLUG is vulnerable to an authorization issue. An attacker could exploit this vulnerability to bypass authentication...

9.3CVSS6.9AI score0.05867EPSS
Exploits3References1
CNVD
CNVD
added 2018/09/12 12:0 a.m.6 views

Micronet INplc-RT Authorization Issue Vulnerability (CNVD-2019-40825)

Micronet INplc-RT is a software-defined PLC Programmable Logic Controller from Micronet Japan. An authorization issue vulnerability exists in Micronet INplc-RT version 3.08 and earlier. A remote attacker could exploit this vulnerability to execute arbitrary commands...

9.8CVSS7.5AI score0.0164EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/30 12:0 a.m.6 views

ABB eSOMS Authorization Issues Vulnerabilities

ABB eSOMS is a plant operations management system from ABB Switzerland. An authorization issue vulnerability exists in ABB eSOMS version 6.0.2. An attacker could exploit this vulnerability to gain unauthorized access to the system...

9.8CVSS7AI score0.04807EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/13 12:0 a.m.3 views

Nextcloud Server Authorization Issues Vulnerability

Nextcloud is a client-server software suite for creating network hard disks. An authorization issue vulnerability exists in versions of Nextcloud Server prior to 12.0.3, which can be exploited by an attacker to obtain user credentials and bypass two-factor authentication...

8.8CVSS8.2AI score0.01234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/08/08 12:0 a.m.7 views

PT-2018-16196 · Mosquitto · Aedes

Name of the Vulnerable Software and Affected Versions: aedes versions prior to 0.35.1 Description: The issue is related to improper authorization, where aedes does not respect its own authorization rules when a client sets a Last Will. This can lead to publishing a Last Will and Testament LWT in ...

5.3CVSS5AI score0.01417EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2018/06/06 12:0 a.m.53 views

Apple iCloud Security Updates (HT208853)

Apple iCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:icloud"; ifdescription...

8.8CVSS8.1AI score0.53772EPSS
Exploits25References1
OpenVAS
OpenVAS
added 2018/06/06 12:0 a.m.34 views

Apple iTunes Security Updates (HT208852)

Apple iTunes is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:itunes"; ifdescription...

8.8CVSS7.2AI score0.53772EPSS
Exploits25References1
OpenVAS
OpenVAS
added 2018/06/04 12:0 a.m.79 views

Apple Mac OS X Security Updates (HT208849)-01

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.87606EPSS
Exploits26References1
Rows per page
Query Builder