Lucene search
K

869 matches found

CNNVD
CNNVD
added 2021/06/30 12:0 a.m.6 views

华为智能手机信任管理问题漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a trust management issue, which stems from improper management of device to credentials. An attacker could use this vulnerability t...

8.1CVSS5.9AI score0.00614EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.3 views

Avaya Aura Utility Services 安全漏洞

Avaya Aura Utility Services is a group of tools and applications that support enterprise IP telephony from Avaya USA. A security vulnerability exists in Avaya Aura Utility Services that allows any local user to access system features and configuration information that should only be available to...

5.5CVSS5.8AI score0.00616EPSS
Exploits0References2
OSV
OSV
added 2021/06/11 2:15 p.m.2 views

CVE-2021-26996

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks...

7.5CVSS7.2AI score0.01413EPSS
Exploits0References1
OSV
OSV
added 2021/06/09 2:15 a.m.1 views

CVE-2021-20730

Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors...

4.3CVSS5.9AI score0.00368EPSS
Exploits0References2
OSV
OSV
added 2021/06/08 2:15 p.m.6 views

CVE-2021-30357

SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access...

5.3CVSS5.8AI score0.22792EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/05/31 12:0 a.m.2 views

BUFFALO INC WSR-1166DHP3-BK 访问控制不当漏洞

Buffalo WSR-1166DHP3 and WSR-1166DHP4 are routers from BUFFALO INC. An access control error vulnerability exists in Buffalo WSR-1166DHP3 and WSR-1166DHP4, which could be exploited by an attacker to obtain configuration information via unspecified vectors...

4.3CVSS5.6AI score0.00368EPSS
Exploits0References3
Apache Tomcat
Apache Tomcat
added 2021/05/12 12:0 a.m.88 views

Fixed in Apache Tomcat 8.5.66

Low: Authentication weakness CVE-2021-30640 Queries made by the JNDI Realm did not always correctly escape parameters. Parameter values could be sourced from user provided data eg user names as well as configuration data provided by an administrator. In limited circumstances it was possible for...

6.5CVSS6.8AI score0.09886EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/04/28 1:15 a.m.4 views

CVE-2021-3511

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and...

4.3CVSS5.8AI score0.00511EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.5 views

Buffalo broadband routers 安全漏洞

Buffalo Firmware is a networking device from Buffalo Japan. A security vulnerability exists in Buffalo broadband routers that originates from allowing an unauthenticated, remote attacker to gain access to information, such as configurations, via unspecified vectors. The following products and...

4.3CVSS5.2AI score0.00511EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.5 views

Liberty lisPBX 安全漏洞

Common Lisp Lispbox is Common Lisp open source an IDE. A security vulnerability exists in Liberty lisPBX version 2.0-4, which can be exploited by an attacker to remotely retrieve configuration backup files from /backup/lispbx-CONF-YYYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without...

7.5CVSS5.6AI score0.01046EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2021/04/08 12:0 a.m.52 views

tomcat -- JNDI Realm Authentication Weakness in multiple versions

ilja.farber reports: Queries made by the JNDI Realm did not always correctly escape parameters. Parameter values could be sourced from user provided data eg user names as well as configuration data provided by an administrator. In limited circumstances it was possible for users to authenticate...

6.5CVSS3.3AI score0.09886EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.6 views

Cisco SD-WAN vManage 输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage has an input validation error vulnerability that stems from insufficient input validation of certain commands by the...

5CVSS5.5AI score0.013EPSS
Exploits0References11
CNVD
CNVD
added 2021/02/19 12:0 a.m.10 views

Apache Airflow Access Control Error Vulnerability

Apache Airflow is an Apache project maintained by the open source community dedicated to scheduling and monitoring workflows, open sourced by Airbnb in October 2014 and graduated from the Apache Foundation in January 2019 to become the new Apache top-level project. Failure of proper access contro...

6.5CVSS6.5AI score0.02805EPSS
Exploits0References1
OSV
OSV
added 2021/02/17 5:15 p.m.3 views

CVE-2021-1412

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...

6.5CVSS6.7AI score0.00971EPSS
Exploits0References1
OSV
OSV
added 2021/02/04 8:15 p.m.2 views

CVE-2021-25244

An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton...

5.3CVSS6.1AI score0.01527EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/02/04 12:0 a.m.4 views

Trend Micro Worry-Free Business Security 访问控制错误漏洞

Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection solutions from Trend Micro. The product provides anti-spam, anti-virus, network security and e-mail protection. An access control error vulnerability exists in Trend Micro Worry-Free Business...

5.3CVSS6AI score0.01527EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/03 12:0 a.m.5 views

Cisco IOS和Cisco IOS XR 权限许可和访问控制问题漏洞

Cisco IOS XR software is a modular and fully distributed network operating system for service provider networks. An information disclosure vulnerability exists in the CLI parser in Cisco IOS XR versions prior to 7.1.2, 7.2.1, and 7.3.1. The vulnerability stems from insufficient application of...

5.5CVSS6.2AI score0.00343EPSS
Exploits0References3
OSV
OSV
added 2021/01/20 8:15 p.m.5 views

CVE-2021-1129

A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA, and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to access general system information and...

5.3CVSS6.1AI score
Exploits0References1
CNVD
CNVD
added 2020/12/22 12:0 a.m.2 views

IBM Security Secret Server Information Disclosure Vulnerability (CNVD-2020-74625)

IBM Security Secret Server is a set of privileged access management solutions from IBM USA. The product supports password management, privileged account identification and privileged session access monitoring and logging. An information disclosure vulnerability exists in IBM Security Secret Serve...

6.3CVSS6AI score0.00495EPSS
Exploits0References1
NVD
NVD
added 2020/12/14 10:15 p.m.26 views

CVE-2020-0459

In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with no additional execution privileges needed. User interacti...

3.3CVSS3.5AI score0.0015EPSS
Exploits0References1
Rows per page
Query Builder