Lucene search
K

111 matches found

Cvelist
Cvelist
added 2021/01/04 9:15 p.m.31 views

CVE-2020-29492

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station...

10CVSS9.5AI score0.01736EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/04/08 12:0 a.m.42 views

UniFi Video <= 3.9.3 Multiple Vulnerabilities

UniFi Video on Windows is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

8.4CVSS7.2AI score0.01121EPSS
Exploits0References1
NVD
NVD
added 2019/06/18 3:15 p.m.18 views

CVE-2018-18877

In firmware version MS2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page configmain.php that allows manipulation of the device...

8.8CVSS8.7AI score0.01706EPSS
Exploits0References2
Prion
Prion
added 2019/06/18 3:15 p.m.16 views

Design/Logic Flaw

In firmware version MS2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page configmain.php that allows manipulation of the device...

6.5CVSS8.6AI score0.01706EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/07/24 12:0 a.m.1 views

McAfee Web Gateway Configuration/Environment Manipulation Vulnerability

McAfee Web Gateway MWG is a security gateway product from McAfee USA. The product provides threat protection, application control, and data loss prevention. A configuration/environment manipulation vulnerability exists in the management interface in McAfee MWG version 7.8.1.x, which can be...

9.1CVSS5.3AI score0.01239EPSS
Exploits0References1
NVD
NVD
added 2018/07/23 1:29 p.m.14 views

CVE-2018-6678

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway MWG MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors...

9.1CVSS5.9AI score0.01239EPSS
Exploits0References2
Prion
Prion
added 2018/07/23 1:29 p.m.16 views

Design/Logic Flaw

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway MWG MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors...

6.5CVSS4.8AI score0.01239EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/07/23 1:29 p.m.1 views

CVE-2018-6678

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway MWG MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors...

9.1CVSS6AI score0.01239EPSS
Exploits0References2
CVE
CVE
added 2018/07/23 1:0 p.m.49 views

CVE-2018-6678

CVE-2018-6678 affects McAfee Web Gateway (MWG) 7.8.1.x. The vulnerability exists in the administrative interface and allows authenticated administrator users to execute arbitrary commands via unspecified vectors (configuration/environment manipulation). Connected documents consistently describe M...

9.1CVSS7AI score0.01239EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/07/23 1:0 p.m.14 views

CVE-2018-6678 McAfee Web Gateway (MWG) - Configuration/Environment manipulation vulnerability

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway MWG MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors...

3.4CVSS9.3AI score0.01239EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2018/07/04 12:0 a.m.80 views

ADB Group Manipulation Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege escalation via linux group manipulation product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202N...

0.8AI score0.06489EPSS
Exploits5
Cvelist
Cvelist
added 2018/06/17 4:0 p.m.17 views

CVE-2018-12338

Undocumented Factory Backdoor in ECOS System Management Appliance aka SMA 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access...

9.3AI score0.01535EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/03/15 7:0 p.m.17 views

CVE-2018-6223

A missing authentication for appliance registration vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to manipulate the registration process of the product to reset configuration parameters...

9.5AI score0.10565EPSS
Exploits5References3
0day.today
0day.today
added 2018/01/24 12:0 a.m.36 views

Asus Unauthenticated LAN Remote Command Execution Exploit

Exploit for hardware platform in category remote exploits Vulnerabilities Summary The following advisory describes two 2 vulnerabilities found in AsusWRT Version 3.0.0.4.380.7743. The combination of the vulnerabilities leads to LAN remote command execution on any Asus router. AsusWRT is “THE...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2018/01/22 12:0 a.m.725 views

Master IP CAM 01 Vulnerabilities

Some time ago I analized this ipcam with my friend Dzonerzy: var serialNum="VVVIPCSBC150617Z-06929VjmJH54vkK"; var model="RTIPC"; var hardVersion="5900-gc1004"; var softVersion="V3.3.4.2103-S50-SBC-B20150721E"; var ipcname="WIFICAM"; var startdate="2017-8-5 0:0:2"; var runtimes="0 day, 0:54"; var...

9.3AI score0.19804EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2017/04/06 12:0 a.m.334 views

Cisco IOS XE Smart Install Protocol Misuse (cisco-sr-20170214-smi)

The remote Cisco IOS XE device has the Smart Install Feature enabled. The Smart Install SMI protocol does not require authentication by design. The absence of an authorization or authentication mechanism in the SMI protocol between the integrated branch clients IBC and the director can allow a...

5.9AI score
Exploits0References1
Exploit DB
Exploit DB
added 2014/08/25 12:0 a.m.55 views

Innovaphone PBX Admin-GUI - Cross-Site Request Forgery

Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX Administration GUI Affected Versions: all known versions teste...

6.8CVSS6.5AI score0.01224EPSS
Exploits6
0day.today
0day.today
added 2014/08/22 12:0 a.m.65 views

Innovaphone PBX Cross Site Request Forgery Vulnerability

Innovaphone PBX suffers from cross site request forgery vulnerabilities in the administrative user interface. Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH,...

6.8CVSS6.6AI score0.01224EPSS
Exploits6
securityvulns
securityvulns
added 2014/03/31 12:0 a.m.73 views

SEC Consult SA-20140307-0 :: Unauthenticated access &amp; manipulation of settings in Huawei E5331 MiFi mobile hotspot

SEC Consult Vulnerability Lab Security Advisory 20140307-0 ======================================================================= title: Unauthenticated access & manipulation of settings product: Huawei E5331 MiFi mobile hotspot vulnerable version: Software version 21.344.11.00.414 fixed version...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.25 views

openSUSE Security Update : NetworkManager-gnome (NetworkManager-gnome-563)

The NetworkManager configuration was too permissive and allowed any user to read secrets CVE-2009-0365 or manipulate the configuration of other users CVE-2009-0578. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

6.2CVSS7.7AI score0.00785EPSS
Exploits2References3
Rows per page
Query Builder