641 matches found

NVD
added 2020/06/03 5:15 p.m. | 23 views

CVE-2020-13783

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information...

CVSS 7.5 | AI score 7.7 | EPSS 0.00904
Exploits: 1 | References: 2

OSV
added 2020/06/03 5:15 p.m. | 4 views

CVE-2020-13782

D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection...

CVSS 8.8 | AI score 7.3 | EPSS 0.27057
Exploits: 1 | References: 2

Prion
added 2020/06/03 5:15 p.m. | 19 views

Information disclosure

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information...

CVSS 5 | AI score 7.7 | EPSS 0.00904
Exploits: 1 | References: 2 | Affected Software: 1

Prion
added 2020/06/03 5:15 p.m. | 20 views

Information disclosure

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information...

CVSS 5 | AI score 7.7 | EPSS 0.00904
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2020/06/03 4:23 p.m. | 85 views

CVE-2020-13783

CVE-2020-13783 affects the D-Link DIR-865L Ax firmware 1.20B01 Beta. The root cause is cleartext storage of sensitive information in the device, enabling information disclosure if storage is accessed. Multiple sources (CNVD, Red Hat) classify this as an information disclosure vulnerability. No re...

CVSS 7.5 | AI score 7.6 | EPSS 0.00904
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2020/06/03 4:23 p.m. | 96 views

CVE-2020-13784

CVE-2020-13784 concerns the D-Link DIR-865L Ax router with firmware 1.20B01 Beta, where the pseudo-random number generator uses a predictable seed. The connected CNVD entry confirms a security feature issue vulnerability for the same device/firmware, citing the easily guessable PRNG seed as the u...

CVSS 7.5 | AI score 7.5 | EPSS 0.01296
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2020/06/03 4:22 p.m. | 28 views

CVE-2020-13785

D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength...

AI score 7.7 | EPSS 0.00587
Exploits: 1 | References: 2

CVE
added 2020/06/03 4:22 p.m. | 77 views

CVE-2020-13787

CVE-2020-13787 affects D-Link DIR-865L Ax devices with firmware 1.20B01 Beta, where sensitive information can be disclosed due to cleartext transmission over the network. The connected sources describe an information-disclosure vulnerability and a potential for attackers to sniff traffic to obtai...

CVSS 7.5 | AI score 7.6 | EPSS 0.00904
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2020/02/28 9:15 p.m. | 14 views

CVE-2020-9449

An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS client, and BlaB! WS Pro client version 19.11 allows an attacker with a guest or user session cookie to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitra...

CVSS 8.8 | AI score 8.8 | EPSS 0.01036
Exploits: 0 | References: 1

CVE
added 2020/02/28 8:19 p.m. | 111 views

CVE-2020-9449

CVE-2020-9449 affects BlaB! AX/AX Pro and BlaB! WS clients (version 19.11) due to insecure RNG. An attacker with a guest or user session cookie can retrieve the cookie salt value and craft a valid session cookie to escalate privileges to other users or admin. Root cause: weak/random generation in...

CVSS 8.8 | AI score 8.7 | EPSS 0.01036
Exploits: 0 | References: 1 | Affected Software: 4

OSV
added 2019/11/15 5:15 p.m. | 5 views

CVE-2011-2910

The AX.25 daemon ax25d in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation...

CVSS 6.7 | AI score 6.8 | EPSS 0.00375
Exploits: 0 | References: 4

NVD
added 2019/11/15 5:15 p.m. | 19 views

CVE-2011-2910

The AX.25 daemon ax25d in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation...

CVSS 7.2 | AI score 6.6 | EPSS 0.00375
Exploits: 0 | References: 3

Prion
added 2019/11/15 5:15 p.m. | 15 views

Privilege escalation

The AX.25 daemon ax25d in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation...

CVSS 7.2 | AI score 7.1 | EPSS 0.00375
Exploits: 0 | References: 3 | Affected Software: 2

CVE
added 2019/11/15 4:37 p.m. | 65 views

CVE-2011-2910

The vulnerability CVE-2011-2910 affects the AX.25 daemon (ax25d) in ax25-tools prior to version 0.0.8-13. The issue is that the daemon does not check the return value of setuid, which is intended to drop privileges. If setuid fails, the process may continue running with root privileges, enabling ...

CVSS 7.2 | AI score 6.5 | EPSS 0.00375
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2019/11/15 4:37 p.m. | 23 views

CVE-2011-2910

The AX.25 daemon ax25d in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation...

AI score 6.6 | EPSS 0.00375
Exploits: 0 | References: 3

Debian CVE
added 2019/11/15 4:37 p.m. | 32 views

CVE-2011-2910

The AX.25 daemon ax25d in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation...

CVSS 7.2 | AI score 6.5 | EPSS 0.00375
Exploits: 0

OSV
added 2019/09/24 10:15 p.m. | 2 views

CVE-2019-13528

A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 JACE 3e, JACE 6e, JACE 7, JACE-8000, Niagara 4.4u3 JACE 3e, JACE 6e, JACE 7, JACE-8000, and Niagara 4.7u1 JACE-8000, Edge 10...

CVSS 4.4 | AI score 6.4 | EPSS 0.00354
Exploits: 0 | References: 1

NVD
added 2019/09/24 10:15 p.m. | 17 views

CVE-2019-13528

A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 JACE 3e, JACE 6e, JACE 7, JACE-8000, Niagara 4.4u3 JACE 3e, JACE 6e, JACE 7, JACE-8000, and Niagara 4.7u1 JACE-8000, Edge 10...

CVSS 4.4 | AI score 4.6 | EPSS 0.00354
Exploits: 0 | References: 1

NVD
added 2019/09/24 10:15 p.m. | 13 views

CVE-2019-13527

In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized...

CVSS 7.8 | AI score 7.6 | EPSS 0.05289
Exploits: 0 | References: 2

Prion
added 2019/09/24 10:15 p.m. | 14 views

Code injection

A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 JACE 3e, JACE 6e, JACE 7, JACE-8000, Niagara 4.4u3 JACE 3e, JACE 6e, JACE 7, JACE-8000, and Niagara 4.7u1 JACE-8000, Edge 10...

CVSS 2.1 | AI score 5.3 | EPSS 0.00354
Exploits: 0 | References: 1 | Affected Software: 2