Lucene search
K

869 matches found

CNNVD
CNNVD
added 2023/07/13 12:0 a.m.3 views

Honeywell Products 安全漏洞

Honeywell Products is a line of products from Honeywell USA. A security vulnerability exists in Honeywell Products that originates from the disclosure of server information about configuration data when an error is generated in response to a specially crafted message...

7.5CVSS7.3AI score0.00476EPSS
Exploits0References2
OSV
OSV
added 2023/07/11 3:15 a.m.4 views

CVE-2023-35872

The Message Display Tool MDT of SAP NetWeaver Process Integration - version SAPXIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

6.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2023/07/11 3:15 a.m.4 views

CVE-2023-35873

The Runtime Workbench RWB of SAP NetWeaver Process Integration - version SAPXITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

6.5CVSS5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/06/19 10:15 a.m.7 views

Jenkins: Information disclosure through error stack traces related to agents

A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...

5.3CVSS7.3AI score0.00724EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.3 views

The vulnerability of the microprogramming software of ABB Terra AC wallboxes—UL40, Terra AC wallbox 80A, Terra AC wallbox UL32A, Terra AC wallbox CE MID, Terra AC wallbox CE Juno, Terra AC wallbox CE PTB, Terra AC wallbox CE Symbiosis, and Terra AC wallbox JP—is related to the transmission of data in an open manner. This allows a intruder to access the configuration data.

The vulnerability of the microprogramming software of ABB Terra AC wallboxes—such as Terra AC wallbox UL40, Terra AC wallbox 80A, Terra AC wallbox UL32A, Terra AC wallbox CE MID, Terra AC wallbox CE Juno, Terra AC wallbox CE PTB, Terra AC wallbox CE Symbiosis, and Terra AC wallbox JP—is related t...

7.1CVSS5.5AI score0.00156EPSS
Exploits0References2Affected Software8
OSV
OSV
added 2023/06/13 9:15 p.m.1 views

CVE-2023-24546

On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts...

8.1CVSS5.8AI score0.00474EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.7 views

PT-2023-19683 · Arista · Arista Cloudvision Portal

Name of the Vulnerable Software and Affected Versions: Arista CloudVision Portal affected versions not specified Description: The issue is related to improper access controls on the connection from devices to CloudVision, which could allow a malicious actor with network access to CloudVision to...

8.1CVSS7.2AI score0.00474EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/13 12:0 a.m.6 views

Arista Networks CloudVision Portal 安全漏洞

Arista Networks CloudVision Portal is a suite of web-based user management portals for the CloudVision platform from Arista Networks, USA. The product includes features such as network device configuration, compliance management, change management, and network monitoring management. A security...

8.1CVSS7.7AI score0.00474EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/24 5:13 p.m.5 views

Jenkins: Information disclosure through error stack traces related to agents

A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...

5.3CVSS7.3AI score0.00724EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.5 views

PT-2023-3091 · Abb · Abb Terra Ac Wallbox

Name of the Vulnerable Software and Affected Versions: ABB Terra AC wallbox UL40/80A versions 1.0;0 through 1.5.5 ABB Terra AC wallbox UL32A versions 1.0;0 through 1.6.5 ABB Terra AC wallbox CE Terra AC MID versions 1.0;0 through 1.6.5 ABB Terra AC wallbox CE Terra AC Juno CE versions 1.0;0 throu...

7.1CVSS4.5AI score0.00156EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/04/28 12:0 a.m.4 views

Sage Group Sage 300 信任管理问题漏洞

Sage Group Sage 300 is a well-established, closed-source enterprise resource planning ERP solution from Sage Group UK, designed to facilitate the management of an organization. A security vulnerability exists in Sage Group Sage 300 version 2022 and prior versions that stems from the use of a...

9.8CVSS8.3AI score0.00675EPSS
Exploits0References2
NVD
NVD
added 2023/04/26 9:15 p.m.23 views

CVE-2023-2291

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus AMP build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a...

7.8CVSS7.7AI score0.00808EPSS
Exploits1References1
Prion
Prion
added 2023/04/24 5:15 p.m.29 views

Design/Logic Flaw

The configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series firmware versions 5.00 through 5.35, USG FLEX 50W firmware versions 5.10 through 5.35, USG20W-VPN firmware versions 5.10 through 5.35, and VPN series firmware versions 5.00 through 5.35, which fails ...

5.8CVSS8AI score0.00693EPSS
Exploits0References1Affected Software18
CNNVD
CNNVD
added 2023/04/13 12:0 a.m.4 views

BlackVue DR750-2CH LTE 访问控制错误漏洞

BlackVue DR750-2CH LTE is an in-vehicle full HD monitor from BlackVue. A security vulnerability exists in the BlackVue DR750-2CH LTE version v.1.0122022.10.26 that stems from not authenticating in its web server. An attacker exploiting this vulnerability could access sensitive information such as...

7.5CVSS7.3AI score0.01128EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/04/11 2:38 p.m.18 views

CVE-2023-1552 ToolboxST Deserialization of Untrusted Configuration Data

ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configurati...

6.4CVSS7.9AI score0.00241EPSS
Exploits0References1
NVD
NVD
added 2023/03/31 5:15 p.m.18 views

CVE-2023-28877

The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...

7.5CVSS7.5AI score0.0053EPSS
Exploits0References1
OSV
OSV
added 2023/03/31 5:15 p.m.6 views

CVE-2023-28877

The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...

7.5CVSS5.8AI score0.0053EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/31 12:0 a.m.18 views

CVE-2023-28877

The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...

7.7AI score0.0053EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/31 12:0 a.m.6 views

CVE-2023-28877

The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...

6.9AI score0.0053EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/31 12:0 a.m.3 views

VTEX apps-graphql 安全漏洞

VTEX apps-graphql is a graphql API module for VTEX IO applications from VTEX UK. A security vulnerability exists in the VTEX [email protected] GraphQL API module that stems from not properly restricting unauthorized access to private configuration data...

7.5CVSS7.3AI score0.0053EPSS
Exploits0References2
Rows per page
Query Builder