CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

862 matches found

OSV•added 2021/04/28 1:15 a.m.•3 views

CVE-2021-3511

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and...

4.3CVSS5.8AI score0.00511EPSS

Exploits0References2

CNNVD•added 2021/04/27 12:0 a.m.•4 views

Buffalo broadband routers 安全漏洞

Buffalo Firmware is a networking device from Buffalo Japan. A security vulnerability exists in Buffalo broadband routers that originates from allowing an unauthenticated, remote attacker to gain access to information, such as configurations, via unspecified vectors. The following products and...

4.3CVSS5.2AI score0.00511EPSS

Exploits0References4

CNNVD•added 2021/04/12 12:0 a.m.•3 views

Liberty lisPBX 安全漏洞

Common Lisp Lispbox is Common Lisp open source an IDE. A security vulnerability exists in Liberty lisPBX version 2.0-4, which can be exploited by an attacker to remotely retrieve configuration backup files from /backup/lispbx-CONF-YYYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without...

7.5CVSS5.6AI score0.01046EPSS

Exploits0References2

FreeBSD•added 2021/04/08 12:0 a.m.•52 views

tomcat -- JNDI Realm Authentication Weakness in multiple versions

ilja.farber reports: Queries made by the JNDI Realm did not always correctly escape parameters. Parameter values could be sourced from user provided data eg user names as well as configuration data provided by an administrator. In limited circumstances it was possible for users to authenticate...

6.5CVSS3.3AI score0.09886EPSS

Exploits0References1

CNNVD•added 2021/03/03 12:0 a.m.•5 views

Cisco SD-WAN vManage 输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage has an input validation error vulnerability that stems from insufficient input validation of certain commands by the...

5CVSS5.5AI score0.013EPSS

Exploits0References11

CNVD•added 2021/02/19 12:0 a.m.•10 views

Apache Airflow Access Control Error Vulnerability

Apache Airflow is an Apache project maintained by the open source community dedicated to scheduling and monitoring workflows, open sourced by Airbnb in October 2014 and graduated from the Apache Foundation in January 2019 to become the new Apache top-level project. Failure of proper access contro...

6.5CVSS6.5AI score0.02805EPSS

Exploits0References1

OSV•added 2021/02/17 5:15 p.m.•3 views

CVE-2021-1412

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...

6.5CVSS6.7AI score0.00971EPSS

Exploits0References1

OSV•added 2021/02/04 8:15 p.m.•2 views

CVE-2021-25244

An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton...

5.3CVSS6.1AI score0.01527EPSS

Exploits0References2

CNNVD•added 2021/02/04 12:0 a.m.•2 views

Trend Micro Worry-Free Business Security 访问控制错误漏洞

Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection solutions from Trend Micro. The product provides anti-spam, anti-virus, network security and e-mail protection. An access control error vulnerability exists in Trend Micro Worry-Free Business...

5.3CVSS6AI score0.01527EPSS

Exploits0References3

CNNVD•added 2021/02/03 12:0 a.m.•4 views

Cisco IOS和Cisco IOS XR 权限许可和访问控制问题漏洞

Cisco IOS XR software is a modular and fully distributed network operating system for service provider networks. An information disclosure vulnerability exists in the CLI parser in Cisco IOS XR versions prior to 7.1.2, 7.2.1, and 7.3.1. The vulnerability stems from insufficient application of...

5.5CVSS6.2AI score0.00343EPSS

Exploits0References3

OSV•added 2021/01/20 8:15 p.m.•2 views

CVE-2021-1129

A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA, and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to access general system information and...

5.3CVSS6.1AI score

Exploits0References1

CNVD•added 2020/12/22 12:0 a.m.•2 views

IBM Security Secret Server Information Disclosure Vulnerability (CNVD-2020-74625)

IBM Security Secret Server is a set of privileged access management solutions from IBM USA. The product supports password management, privileged account identification and privileged session access monitoring and logging. An information disclosure vulnerability exists in IBM Security Secret Serve...

6.3CVSS6AI score0.00495EPSS

Exploits0References1

OSV•added 2020/12/14 10:15 p.m.•5 views

CVE-2020-0459

In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with no additional execution privileges needed. User interacti...

3.3CVSS5.9AI score0.0015EPSS

Exploits0References1

NVD•added 2020/12/14 10:15 p.m.•26 views

CVE-2020-0459

3.3CVSS3.5AI score0.0015EPSS

Exploits0References1

ATTACKERKB•added 2020/12/14 10:15 p.m.•3 views

CVE-2020-0459

3.3CVSS5.6AI score0.0015EPSS

Exploits0References2

OSV•added 2020/10/21 7:15 p.m.•3 views

CVE-2020-3549

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center FMC Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation...

8.1CVSS7.3AI score0.00932EPSS

Exploits0References1