Lucene search
+L

62 matches found

Cvelist
Cvelist
added 2024/01/12 12:55 a.m.43 views

CVE-2024-21607 Junos OS: MX Series and EX9200 Series: If the "tcp-reset" option used in an IPv6 filter, matched packets are accepted instead of rejected

An Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on MX Series and EX9200 Series allows an unauthenticated, network-based attacker to cause partial impact to the integrity of the device. If the "tcp-reset" option is added to the "reject" action in an IPv6 filter which...

5.3CVSS5.4AI score0.0031EPSS
Exploits0References2
Prion
Prion
added 2023/01/10 12:15 p.m.17 views

Code injection

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary cod...

4.6CVSS6.8AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2022/10/06 6:16 p.m.18 views

CVE-2022-40895

In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a difference in forgot password...

9.1CVSS0.01551EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/10/06 12:0 a.m.25 views

CVE-2022-40895

In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a difference in forgot password...

9.4AI score0.01551EPSS
Exploits1References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/06/21 6:0 a.m.31 views

Securing your IoT with Edge Secured-core devices

A recent study conducted by Microsoft in partnership with Ponemon Institute included a survey of companies that have adopted IoT solutions and 65 percent of them mentioned that security is a top priority when implementing IoT. Attacks targeting IoT devices put businesses at risk. Impacted devices...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/02 12:51 p.m.16 views

7 Ways to Defend Mobile Apps, APIs from Cyberattacks

There are two essential elements driving progress in today’s digital-first economy: Mobile applications and the application programming interfaces APIs that allow those applications to communicate and exchange data with each other. The growth in these two technologies has exposed users and their...

8.5AI score
Exploits0References8
Prion
Prion
added 2021/08/09 1:15 p.m.31 views

Input validation

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device...

4.3CVSS5.5AI score0.01525EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/06/29 8:15 p.m.4 views

CVE-2021-22329

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect...

4.9CVSS5.8AI score0.00471EPSS
Exploits0References1
NVD
NVD
added 2021/06/29 8:15 p.m.22 views

CVE-2021-22329

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect...

4.9CVSS0.00471EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/06/29 7:5 p.m.24 views

CVE-2021-22329

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect...

5.3AI score0.00471EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2021/06/24 10:24 a.m.79 views

BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models

Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. "As the attacker has the...

7.5CVSS1.1AI score0.00626EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2020/09/04 2:25 a.m.10 views

CVE-2020-3530 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The...

8.4CVSS7AI score0.00281EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/04/10 12:0 a.m.8 views

The vulnerability of the SINAMICS PERFECT HARMONY GH180 driver software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the device.

The vulnerability of SINAMICS PERFECT HARMONY GH180 driver software is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the device...

7.2CVSS6.7AI score0.00316EPSS
Exploits0References4
CNVD
CNVD
added 2020/04/08 12:0 a.m.7 views

Samsung Mobile Device Code Issue Vulnerability (CNVD-2020-33712)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a code issue vulnerability that can be exploited by attackers to compromise integrity...

5.3CVSS7.1AI score0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/12 1:47 p.m.14 views

CVE-2019-10925

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Val...

6.8AI score0.02265EPSS
Exploits0References3
Prion
Prion
added 2019/06/10 3:29 p.m.24 views

Design/Logic Flaw

There is a Clickjacking vulnerability in Huawei HG255s product. An attacker may trick user to click a link and affect the integrity of a device by exploiting this vulnerability...

4.3CVSS4.6AI score0.00597EPSS
Exploits0References2
CVE
CVE
added 2019/06/10 2:34 p.m.55 views

CVE-2019-5243

CVE-2019-5243 relates to a clickjacking vulnerability in Huawei HG255s wireless router. The vulnerability allows an attacker to coerce a user into clicking a hidden or obscured element, potentially compromising the device’s integrity. The initial description and connected documents consistently r...

4.3CVSS4.6AI score0.00597EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/10/05 2:29 p.m.21 views

CVE-2018-15423

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...

4.7CVSS4.8AI score0.00922EPSS
Exploits0References1
Cisco
Cisco
added 2018/10/03 4:0 p.m.44 views

Cisco HyperFlex UI Clickjacking Vulnerability

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...

4.7CVSS1AI score0.00922EPSS
Exploits0References1
ICS
ICS
added 2018/04/17 12:0 p.m.95 views

Biosense Webster Carto 3 System Vulnerabilities

1. EXECUTIVE SUMMARY Biosense Webster Inc. BWI, a Johnson & Johnson company, has produced a software update that applies operating system patches and anti-virus signature updates to close known vulnerabilities in the operating system of the CARTO 3 System, a 3D cardiovascular mapping platform...

6.7AI score
Exploits0References19
Rows per page
Query Builder