Lucene search
K

869 matches found

OSV
OSV
added 2017/04/13 7:59 p.m.3 views

CVE-2016-8727

An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker...

7.5CVSS5.8AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/04/07 12:0 a.m.27 views

IBM WebSphere Portal Sensitive Information Disclosure Vulnerability (swg21963226)

IBM Websphere Portal is prone to sensitive information Disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS8.5AI score0.02127EPSS
Exploits0References4
NVD
NVD
added 2017/02/13 9:59 p.m.14 views

CVE-2016-9346

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted...

5.3CVSS5.8AI score0.01233EPSS
Exploits0References2
CNVD
CNVD
added 2017/02/10 12:0 a.m.3 views

BINOM3 Electric Power Quality Meter Information Disclosure Vulnerability

BINOM3 Electric Power Quality Meter is an electrical power quality monitor for SCADA systems from the Russian company BINOM3. An information disclosure vulnerability exists in BINOM3 Electric Power Quality Meter that could be exploited by an attacker to provide remote services with access to...

10CVSS6.4AI score0.1261EPSS
Exploits2References1
OSV
OSV
added 2016/12/14 10:59 p.m.4 views

CVE-2016-3684

SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338...

4.7CVSS5.8AI score0.00288EPSS
Exploits1References4
CNVD
CNVD
added 2016/12/12 12:0 a.m.2 views

Moxa MiiNePort Information Disclosure Vulnerability (CNVD-2016-12353)

Moxa MiiNePort is an embedded device networking module from Moxa designed for manufacturers to connect serial devices to a network connection. An information disclosure vulnerability exists in Moxa MiiNePort, which arises from the program's failure to encrypt configuration data in a file. An...

5.3CVSS6.5AI score0.01233EPSS
Exploits0References1
OSV
OSV
added 2016/10/13 10:59 a.m.4 views

CVE-2016-7960

Siemens SIMATIC STEP 7 TIA Portal before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors...

2.5CVSS5.8AI score0.00332EPSS
Exploits0References3
CNVD
CNVD
added 2016/10/12 12:0 a.m.5 views

Siemens SIMATIC STEP 7 suffers from an information disclosure vulnerability (CNVD-2016-08769)

Siemens SIMATIC is an automation software with a single engineering environment. An information disclosure vulnerability exists in Siemens SIMATIC STEP 7 V12 and V13. A local attacker can exploit the vulnerability to bypass the protection of the TIA Portal Project File Transfer Format and access...

2.5CVSS6AI score0.00332EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/24 12:0 a.m.4 views

Cybozu Garoon Access Privilege Bypass Vulnerability

Cybozu Garoon is a portal-type OA office system of Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin boards, document management, and other functions, and supports free switching among three languages Chinese, Japanese, and English. An access privilege bypass...

4.3CVSS7AI score0.01024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2016/08/19 12:0 a.m.5 views

PT-2016-6210 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.11.4 Foreman versions 1.12.x prior to 1.12.1 Description: The issue allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information. This is possible because...

5.3CVSS5.2AI score0.01083EPSS
Exploits0References6
Lenovo
Lenovo
added 2016/08/14 12:0 a.m.11 views

Intel releases fix for sleep mode configuration bypass

Lenovo Security Advisory: LEN-2015-049, LEN-2015-050, LEN-2015-051 Potential Impact: Elevation of Privilege Severity: High Summary: Intel has released an update that has been incorporated into the latest Lenovo BIOS to fix vulnerabilities dealing with systems going into sleep mode. Description:...

6.8AI score
Exploits0
OSV
OSV
added 2016/07/04 4:59 p.m.4 views

CVE-2016-5849

Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage...

2.5CVSS5.8AI score0.00317EPSS
Exploits0References3
NVD
NVD
added 2016/06/14 2:59 p.m.15 views

CVE-2016-5366

Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to modify configuration data via vectors related to a "file injection vulnerability," aka HWPSIRT-2016-05052...

7.5CVSS8.1AI score0.00722EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/07 12:0 a.m.2 views

Moxa MiiNePort Information Disclosure Vulnerability

Moxa MiiNePort is an embedded device networking module designed for manufacturers to connect serial devices to a network connection. Moxa MiiNePort stores information in clear text and does not provide a protection mechanism, allowing an attacker to view sensitive or configuration information...

7.5CVSS6.6AI score0.01505EPSS
Exploits0References1
OSV
OSV
added 2016/03/24 1:59 a.m.3 views

CVE-2016-1776

Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DSStore and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request...

5.3CVSS5.8AI score
Exploits0References4
CNVD
CNVD
added 2016/03/24 12:0 a.m.2 views

Apple OS X Server Information Disclosure Vulnerability (CNVD-2016-01860)

Apple OS X Server is a set of Unix-based server operating software from the U.S. company Apple Apple. The software can realize file sharing, meeting arrangement, website hosting, network remote access, etc. Web Server is one of the Web servers. A security vulnerability exists in Apple OS X Server...

5.3CVSS6.4AI score0.01813EPSS
Exploits0References1
CNVD
CNVD
added 2016/02/23 12:0 a.m.1 views

Malwarebytes Anti-Malware Security Bypass Vulnerability

Malwarebytes Anti-Malware MBAM is a suite of anti-malware spyware from the American company Malwarebytes. The software supports the removal of worms, dial-up programs, Trojans, rootkits, spyware, exploits, bots, and other malware, among others. There are security bypass vulnerabilities in MBAM. A...

7.5AI score
Exploits0References1
ICS
ICS
added 2016/02/06 7:0 a.m.68 views

KMC Controls Conquest BACnet Router Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on May 5, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified authentication and cross-site request forgery CSRF vulnerabilities in KMC Controls’ Conquest...

8.8CVSS8.5AI score0.01232EPSS
Exploits0References10
NVD
NVD
added 2015/12/23 11:59 a.m.15 views

CVE-2015-7925

Cross-site request forgery CSRF vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot...

8CVSS8.7AI score0.01243EPSS
Exploits1References5
Prion
Prion
added 2015/12/23 11:59 a.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot...

6.8CVSS7.8AI score0.01243EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder