Lucene search
K

46 matches found

BDU FSTEC
BDU FSTEC
added 2024/03/25 12:0 a.m.5 views

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) JetBrains TeamCity, related to the use of dangerous methods or functions, allows attackers to increase their privileges.

The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges...

4.2CVSS5.5AI score0.00234EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.5 views

The vulnerability of the UpsScheduler class in the software for managing power sources of Voltronic Power ViewPower allows a perpetrator to execute arbitrary code.

The vulnerability of the UpsScheduler class in the software for managing power sources of Voltronic Power ViewPower is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through a specially created request...

10CVSS8.2AI score0.01483EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.4 views

The vulnerability of the MacMonitorConsole class in the software for controlling power sources of Voltronic Power ViewPower allows a hacker to execute arbitrary code.

The vulnerability of the MacMonitorConsole software class for controlling Voltronic Power ViewPower power sources is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through a specially created request...

10CVSS8.2AI score0.01483EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.9 views

The vulnerability of the Spreadsheet::ParseExcel library in email security gateways of the Barracuda Email Security Gateway Appliance, related to the use of dangerous methods or functions, allows attackers to execute arbitrary code.

The vulnerability of the Spreadsheet::ParseExcel library, a microprogramming solution for email security gateways like Barracuda Email Security Gateway Appliance, is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow an attacker to execute arbitrary co...

10CVSS7.9AI score0.43323EPSS
Exploits2References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/10/31 12:0 a.m.4 views

The vulnerability of the EisBaer SCADA system, related to the use of dangerous methods or functions, allows a intruder to execute arbitrary codes.

The vulnerability of the EisBaer SCADA system is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

7.8CVSS8.1AI score0.00711EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/17 12:0 a.m.6 views

The vulnerability of the coreservice_action_script function in the D-View 8 network device management platform allows a hacker to execute arbitrary code.

The vulnerability of the coreserviceactionscript function in the D-View 8 network device management platform is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.02353EPSS
Exploits0References5
Kitploit
Kitploit
added 2023/10/15 11:30 a.m.27 views

JSpector - A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues

JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous methods found on the JS files. Prerequisites Before installing JSpector, you need to have Jython installed on Burp Suite. Installation 1. Download the late...

7.2AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.8 views

The vulnerability in the web server software for Inductive Automation Ignition allows a perpetrator to execute arbitrary code.

The vulnerability of Inductive Automation Ignition’s web server software-related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code on the target system or cause service failures...

8.3CVSS7.6AI score0.5582EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.5 views

The vulnerability of the SolarWinds Orion Platform’s network monitoring software lies in the use of dangerous methods or functions, allowing a malicious actor to execute arbitrary commands with privileges of NETWORK SERVICE.

The vulnerability of the SolarWinds Orion Platform’s network monitoring software is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a hacker to execute arbitrary commands with privileges of NETWORK SERVICE...

9CVSS7.6AI score0.05433EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/07 12:0 a.m.7 views

The vulnerability of the BioTime web-based time management platform’s interface, which allows a violator to bypass the administrator password

The vulnerability of the BioTime time tracking web management platform’s interface is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to bypass the administrator’s password by sending a specially crafted request...

9.4CVSS7.2AI score0.00355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.7 views

The vulnerability of the ApexOne Security Agent for antivirus software from Trend Micro, Apex One and Apex One as a Service, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the ApexOne Security Agent in antivirus software products Trend Micro Apex One and Apex One as a Service is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS7.5AI score0.00234EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/06/22 12:0 a.m.8 views

The vulnerability of the ApexOne Security Agent for antivirus software from Trend Micro, Apex One and Apex One as a Service, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the ApexOne Security Agent in antivirus software products Trend Micro Apex One and Apex One as a Service is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS7.5AI score0.00234EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/06/22 12:0 a.m.5 views

The vulnerability of the ApexOne Security Agent for antivirus software from Trend Micro, Apex One and Apex One as a Service, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the ApexOne Security Agent in antivirus software products Trend Micro Apex One and Apex One as a Service is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS7.5AI score0.00234EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.3 views

PT-2023-3290 · Trend Micro · Trend Micro Apex One Security Agent +1

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One Security Agent affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: The issue is related to the use of dangerous methods or functions in the Trend Micro Apex One a...

7.8CVSS7.4AI score0.00234EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of Microsoft Exchange Server servers, related to the use of dangerous methods or functions, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Exchange Server servers is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS8.5AI score0.62104EPSS
Exploits0References5
PyPA
PyPA
added 2022/03/17 12:15 p.m.6 views

PYSEC-2022-165

The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus method. Note: Exploitation...

8CVSS7AI score0.01113EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/03/17 12:15 p.m.3 views

UBUNTU-CVE-2021-23556

The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus method. Note: Exploitation...

8CVSS7.4AI score0.01113EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2022/02/04 12:0 a.m.7 views

The vulnerability of the PIL.ImageMath.eval component in the Python Pillow image processing library, which is related to the use of dangerous methods or functions, allows attackers to execute arbitrary code.

The vulnerability of the PIL.ImageMath.eval function in the Python Pillow library is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the system by sending a specially crafted file to the vulnerable library...

10CVSS7.2AI score0.03399EPSS
Exploits0References12Affected Software6
Snyk
Snyk
added 2022/01/27 3:9 p.m.2 views

Exposed Dangerous Method or Function

Overview guake is a Guake Terminal Affected versions of this package are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via...

8CVSS6.8AI score0.01113EPSS
Exploits1References2
ICS
ICS
added 2021/04/13 12:0 a.m.40 views

Siemens and PKE Control Center Server

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens/PKE Equipment: Control Center Server CCS Vulnerabilities: Cleartext Storage of Sensitive Information in GUI, Improper Authentication, Relative Path Traversal, Use of a Broken or Risky...

9.9CVSS9.8AI score0.02647EPSS
Exploits0References8
Rows per page
Query Builder