
637 matches found

NVD
added 2015/07/16 9:59 p.m. | 16 views

CVE-2015-0725

Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a...

7.8 CVSS | 6.7 AI score | 0.01939 EPSS
Exploits 0 | References 2
Prion
added 2015/07/16 9:59 p.m. | 16 views

Code injection

Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a...

7.8 CVSS | 7.2 AI score | 0.01939 EPSS
Exploits 0 | References 2 | Affected Software 2
UbuntuCve
added 2015/06/04 12:0 a.m. | 31 views

CVE-2013-1753

The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request...

7.5 CVSS | 6.9 AI score | 0.03913 EPSS
Exploits 0 | References 3
CVE
added 2015/05/30 2:0 p.m. | 49 views

CVE-2015-0745

CVE-2015-0745 affects Cisco Headend System Release. The issue stems from improper input validation of HTTP request headers, allowing remote unauthenticated attackers to craft requests (via URL manipulation) to read temporary script or archive files and obtain sensitive information. Impact is info...

5 CVSS | 6.5 AI score | 0.01948 EPSS
Exploits 0 | References 2 | Affected Software 2
Cvelist
added 2015/05/07 1:0 a.m. | 19 views

CVE-2015-0701

Cisco UCS Central Software before 1.31a allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961...

7.5 AI score | 0.04514 EPSS
Exploits 0 | References 3
Prion
added 2015/05/01 10:59 a.m. | 15 views

Cross site request forgery (csrf)

EasyCTF before 1.4 does not validate the session ID, which allows remote attackers to obtain access via a crafted HTTP request...

5 CVSS | 7.1 AI score | 0.01704 EPSS
Exploits 0 | References 3 | Affected Software 1
Tenable Nessus
added 2015/02/26 12:0 a.m. | 35 views

Symantec Data Center Security Server SQLi (SYM15-001)

The remote Symantec Data Center Security Server running on the remote host is affected by a SQL injection vulnerability in the '/sis-ui/authenticate' script on the web console interface. A remote attacker, using a crafted HTTP request, can exploit this to execute SQL queries, allowing the...

6.5 CVSS | 5.9 AI score | 0.04554 EPSS
Exploits 4 | References 2
Check Point Advisories
added 2014/12/28 12:0 a.m. | 10 views

Apache HTTP Server mod_dav MERGE Request Denial of Service - Ver2 (CVE-2013-1896)

A denial of service vulnerability has been reported in the mod_dav component of Apache HTTP Server. The vulnerability is due to a NULL pointer dereference when processing a MERGE request with a URI whose source href points to a non-DAV configured URI. A remote attacker can send a crafted HTTP...

4.3 CVSS | 1.3 AI score | 0.29484 EPSS
Exploits 3
Prion
added 2014/10/19 1:55 a.m. | 23 views

Cross site request forgery (csrf)

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request...

4.3 CVSS | 6.9 AI score | 0.01262 EPSS
Exploits 0 | References 2 | Affected Software 1
NVD
added 2014/10/03 6:55 p.m. | 23 views

CVE-2014-0754

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103...

10 CVSS | 6.7 AI score | 0.08978 EPSS
Exploits 0 | References 5
Packet Storm
added 2014/09/16 12:0 a.m. | 37 views

Cart Engine 3.0 XSS / Open Redirect / SQL Injection

=== Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially crafted HTTP request, it is possible to exploi...

0.3 AI score
Exploits 0
NVD
added 2014/07/18 12:55 a.m. | 15 views

CVE-2014-3306

The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, EPC3010, EPC3212, EPC3825, and EPC3925 Wireless Residential Gateway products allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCup40808...

10 CVSS | 7.6 AI score | 0.06955 EPSS
Exploits 0 | References 3
Check Point Advisories
added 2014/07/03 12:0 a.m. | 1 views

EFS Software Easy File Management Web Server UserID Buffer Overflow

A stack buffer overflow vulnerability exists in Easy File Management Web Server. The vulnerability is due to a boundary error when handling the UserID cookie. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted HTTP request to the vulnerable server...

2.1 AI score
Exploits 0
Prion
added 2014/04/15 11:13 p.m. | 12 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component...

4.3 CVSS | 6 AI score | 0.0201 EPSS
Exploits 0 | References 1 | Affected Software 1
Prion
added 2014/01/25 10:55 p.m. | 17 views

Directory traversal

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-16...

7.5 CVSS | 8.1 AI score | 0.70223 EPSS
Exploits 5 | References 3 | Affected Software 2
NVD
added 2013/10/05 10:55 a.m. | 15 views

CVE-2013-2808

Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote...

9.3 CVSS | 8.1 AI score | 0.04345 EPSS
Exploits 0 | References 1
Cvelist
added 2013/10/05 10:0 a.m. | 20 views

CVE-2013-2808

Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote...

8.1 AI score | 0.04345 EPSS
Exploits 0 | References 1
CVE
added 2013/10/05 10:0 a.m. | 62 views

CVE-2013-2808

Philips Xper vulnerability CVE-2013-2808 is a heap-based buffer overflow in Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Flex Cardio XperConnect broker environments. The issue allows remote execution of code via a cra...

9.3 CVSS | 8.4 AI score | 0.04345 EPSS
Exploits 0 | References 1 | Affected Software 2
Metasploit
added 2013/06/15 10:23 p.m. | 37 views

Canon Wireless Printer Denial Of Service

The HTTP management interface on several models of Canon Wireless printers allows for a Denial of Service (DoS) condition via a crafted HTTP request. Note: if this module is successful, the device can only be recovered with a physical power cycle. This module requires Metasploit:...

5 CVSS | 0.6 AI score | 0.15641 EPSS
Exploits 3
Cisco
added 2013/05/30 7:48 p.m. | 41 views

Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability

A vulnerability in the do_rewritelog function of Apache HTTP Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper handling of certain escape sequences by the affected software. An unauthenticated, remote attacker could...

4.3 CVSS | 0.3 AI score | 0.24886 EPSS
Exploits 2 | References 1