Lucene search
K

123 matches found

Cvelist
Cvelist
added 2019/10/02 7:6 p.m.27 views

CVE-2019-12683 Cisco Firepower Management Center SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS9.1AI score0.02965EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/10/02 7:6 p.m.11 views

CVE-2019-12683 Cisco Firepower Management Center SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS8.1AI score0.02965EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/10/02 7:6 p.m.7 views

CVE-2019-12682 Cisco Firepower Management Center SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS8.1AI score0.02965EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/02 7:6 p.m.26 views

CVE-2019-12682 Cisco Firepower Management Center SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS9.1AI score0.02965EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/02 7:6 p.m.25 views

CVE-2019-12680 Cisco Firepower Management Center SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS9.1AI score0.02965EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/02 12:0 a.m.7 views

PT-2019-3380 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to improper input validation in the web-based management interface, allowing an authenticated, remote attacker to execute arbitra...

9CVSS9AI score0.02965EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/10/02 12:0 a.m.4 views

PT-2019-3383 · Cisco · Cisco Firepower Management Center (Fmc)

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software. These...

9CVSS9.1AI score0.02965EPSS
Exploits0References3
CNVD
CNVD
added 2019/08/14 12:0 a.m.3 views

Denial of Service Vulnerability in Multiple Siemens Products (CNVD-2019-27702)

SCALANCE SC firewall is used to protect trusted industrial networks from untrusted networks. It allows input and output network connections to be filtered in different ways.SCALANCE X switches a are used to connect industrial components such as programmable logic controllers PLCs or human machine...

6.5CVSS6.7AI score0.01168EPSS
Exploits0References1
OSV
OSV
added 2019/08/13 9:15 p.m.3 views

CVE-2019-5280

The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attacks, leading to the affected phones registered...

6.5CVSS6.6AI score
Exploits0References1
ICS
ICS
added 2019/06/13 12:0 a.m.40 views

BD Alaris Gateway Workstation

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BD Becton, Dickinson and Company Equipment: Alaris Gateway Workstation Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Exploitation of...

5.3CVSS7.7AI score0.01675EPSS
Exploits0References5
Cvelist
Cvelist
added 2019/06/12 1:47 p.m.13 views

CVE-2019-10925

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Val...

6.8AI score0.02265EPSS
Exploits0References3
NVD
NVD
added 2017/11/16 9:29 p.m.17 views

CVE-2017-16719

An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availabili...

7.5CVSS7.5AI score0.01711EPSS
Exploits0References2
CVE
CVE
added 2017/11/16 9:0 p.m.56 views

CVE-2017-16719

CVE-2017-16719 affects Moxa NPort 5110 (versions 2.2, 2.4, 2.6, 2.7), NPort 5130 (version 3.7 and prior), and NPort 5150 (version 3.7 and prior). The issue is an injection flaw that could allow an attacker to inject packets, potentially disrupting device availability. Public details in connected ...

7.5CVSS7.5AI score0.01711EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/11/16 9:0 p.m.24 views

CVE-2017-16719

An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availabili...

7.5AI score0.01711EPSS
Exploits0References2
NVD
NVD
added 2017/11/16 7:29 a.m.26 views

CVE-2017-12314

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The vulnerability is due to...

7.8CVSS7.3AI score0.00356EPSS
Exploits0References2
CVE
CVE
added 2017/11/16 7:0 a.m.44 views

CVE-2017-12314

Cisco FindIT Network Discovery Utility is affected by a DLL preloading vulnerability. An authenticated, local attacker could place a malicious DLL in the host’s search path, causing the utility to load the attacker’s DLL and partially compromise confidentiality, integrity, and availability on the...

7.8CVSS7.2AI score0.00356EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2017/11/15 4:0 p.m.45 views

Cisco FindIT Discovery Utility Insecure Library Loading Vulnerability

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity. The vulnerability is due to the application loading a...

4.8CVSS7.3AI score0.00356EPSS
Exploits0References1
NVD
NVD
added 2017/09/21 5:29 a.m.16 views

CVE-2017-12252

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality, and integrity. The vulnerability is due to the application loading a malicio...

7.8CVSS7.3AI score0.00356EPSS
Exploits0References2
Prion
Prion
added 2017/09/21 5:29 a.m.14 views

Design/Logic Flaw

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality, and integrity. The vulnerability is due to the application loading a malicio...

4.6CVSS7.3AI score0.00356EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2017/09/20 4:0 p.m.32 views

Cisco FindIT DLL Preloading Vulnerability

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality, and integrity. The vulnerability is due to the application loading a malicio...

5.3CVSS7.3AI score0.00356EPSS
Exploits0References1
Rows per page
Query Builder