CVE-2020-3598
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-bas...
Design/Logic Flaw
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-bas...
CVE-2020-3598 Cisco Vision Dynamic Signage Director Missing Authentication Vulnerability
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-bas...
Cisco Vision Dynamic Signage Director Missing Authentication Vulnerability
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-bas...
A vulnerability in the JunOS operating system, related to synchronization errors when using shared resources, allows a hacker to alter the device’s configuration.
The vulnerability in the JunOS operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to modify the device’s configuration...
CVE-2020-25058
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020)...
CVE-2020-25058
CVE-2020-25058 affects LG mobile devices running Android 8.0–10, where the network_management service fails to properly restrict configuration changes. Root cause: insufficient access control in the network_management component. Impact is stated as high across confidentiality, integrity, and avai...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Trustpoint Configuration Defaults
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software can be configured for certificate authentication in remote access VPN deployments. An external researcher has identified several misconfigured Cisco ASA and FTD Software remote access devices where the...
Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication) Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication) Google Dork: https://www.shodan.io/search?query=sickbeard Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link:...
CVE-2020-3229 Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administrati...
CVE-2020-8168
We have recently released a new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below: Attackers can abuse multiple end-points not protected against cross-site reques...
[SECURITY] [DSA 4680-1] tomcat9 security update
Debian Security Advisory DSA-4680-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq -...
Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability
A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos...
CVE-2019-20771
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService allows unconfirmed configuration changes via a modified OMACP message. The LG ID is LVE-SMP-190006 (August 2019)...
Default configuration
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService allows unconfirmed configuration changes via a modified OMACP message. The LG ID is LVE-SMP-190006 (August 2019)...
CVE-2019-20771
CVE-2019-20771 affects LG mobile devices running Android 7.x–9.x. The WapService component is vulnerable to unconfirmed configuration changes via a modified OMACP message, enabling change of device configuration without user confirmation. Root cause: unverified OMACP processing in WapService (LG ...
CVE-2019-16879
The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function (CWE-306) vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...
Cross-site Request Forgery (CSRF)
ipa is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists because a remote attacker could trick a user, who was logged into the management web interface, into visiting a specially-crafted URL; the attacker could perform Red Hat Identity Management configuration changes with the...