Lucene search
+L

113 matches found

OSV
OSV
added 2019/09/10 6:15 p.m.3 views

CVE-2019-11466

In Couchbase Server 6.0.0 and 5.5.0, the eventing service exposes system diagnostic profile via an HTTP endpoint that does not require credentials on a port earmarked for internal traffic only. This has been remedied in version 6.0.1 and now requires valid credentials to access...

5.3CVSS6AI score0.01106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/05/15 12:0 a.m.5 views

PT-2019-2369 · Cisco · Cisco Nx-Os +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software and Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on...

7.2CVSS4.9AI score0.00446EPSS
Exploits0References5
OSV
OSV
added 2018/12/11 5:29 p.m.9 views

UBUNTU-CVE-2018-19968

An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has...

6.5CVSS6.8AI score0.03254EPSS
Exploits0References6
OSV
OSV
added 2018/07/03 9:29 p.m.5 views

CVE-2017-0912

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

5.4CVSS5.9AI score0.00543EPSS
Exploits0References1
OSV
OSV
added 2018/06/25 3:29 p.m.7 views

CVE-2018-8755

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device...

9.8CVSS5.8AI score0.01082EPSS
Exploits2References1
OSV
OSV
added 2018/06/07 9:29 p.m.5 views

CVE-2018-0352

A vulnerability in the Disk Check Tool disk-check.sh for Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges level 15 to log in to the...

6.7CVSS5.8AI score0.00392EPSS
Exploits0References3
CNVD
CNVD
added 2018/06/04 12:0 a.m.3 views

Yestv camera has an override access vulnerability

Yestv yestv camera is wireless network wifi smart monitor. The yestv camera is vulnerable to an override access vulnerability. With the obtained address and username password, an attacker can exploit the vulnerability to obtain video information from the camera...

6.7AI score
Exploits0
OSV
OSV
added 2018/05/17 3:29 a.m.4 views

CVE-2018-0277

A vulnerability in the Extensible Authentication Protocol-Transport Layer Security EAP-TLS certificate validation during EAP authentication for the Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causi...

8.6CVSS5.8AI score0.0252EPSS
Exploits0References3
OSV
OSV
added 2017/11/30 9:29 a.m.9 views

CVE-2017-12351

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...

5.7CVSS5.8AI score0.00345EPSS
Exploits0References3
OSV
OSV
added 2017/07/17 9:29 p.m.4 views

CVE-2017-6737

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a...

8.8CVSS6.4AI score0.42632EPSS
Exploits0References5
0day.today
0day.today
added 2016/05/31 12:0 a.m.35 views

AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities

Exploit for cgi platform in category web applications AirOS NanoStation M2 v5.6-beta Arbitrary File Download & Remote Command Execution Tested on: XM.v5.6-beta5.24359.141008.1753 - Build: 2435 Linux Awesome 2.6.32.63 1 Wed Oct 8 17:54:30 EEST 2014 mips unknown Date: May 30, 2016 Informer: Pablo...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/08/20 12:0 a.m.19 views

Woltlab Burning Board 2.x - ModCP.php SQL Injection

Woltlab Burning Board 2.x - ModCP.php SQL Injection source: https://www.securityfocus.com/bid/14617/info Woltlab Burning Board is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2004/02/13 12:0 a.m.21 views

Sami FTP Server 1.1.3 - Library Crafted GET Remote Denial of Service

source: https://www.securityfocus.com/bid/9657/info Sami FTP Server has been reported prone to multiple remote denial of service vulnerabilities. It has been reported that an attacker who has sufficient credentials to access a vulnerable server, may cause the pmsystem.exe executable to raise a...

7.4AI score
Exploits0
Rows per page
Query Builder