Lucene search
K

899 matches found

CNVD
CNVD
added 2016/10/27 12:0 a.m.2 views

Cisco Email Security Appliance Remote Denial of Service Vulnerability

Cisco Email Security Appliance ESA is a set of e-mail security appliances from the American company Cisco Cisco. The appliance provides spam protection, email encryption, data loss prevention and other features. A remote denial of service vulnerability exists in the Cisco Email Security Appliance...

7.5CVSS6.7AI score0.01747EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.2 views

Abus Security Center 'FTP' HTML Injection Vulnerability

Abuse is a popular video game. An HTML injection vulnerability exists in Abus Security Center due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to execute arbitrary script code in the context of an affected browser to steal a user's...

7.8AI score
Exploits0References1
OSV
OSV
added 2016/10/05 5:59 p.m.4 views

CVE-2016-6416

The FTP service in Cisco AsyncOS on Email Security Appliance ESA devices 9.6.0-000 through 9.9.6-026, Web Security Appliance WSA devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance SMA devices allows remote attackers to cause a denial of service via a flood of FTP...

5.9CVSS5.8AI score0.0202EPSS
Exploits0References5
CNVD
CNVD
added 2016/09/29 12:0 a.m.5 views

Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability

Cisco AsyncOS on Email Security Appliance ESA and so on are products of Cisco Corporation.Cisco ESA is a set of email security appliances.Cisco Content Security Management Appliance SMA is a set of content security management appliances.Cisco Web Security Appliance WSA is a set of web security...

5.9CVSS6.5AI score0.0202EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/29 12:0 a.m.26 views

Cisco Content Security Management Appliance File Transfer Protocol Denial of Service Vulnerability (cisco-sa-20160928-aos)

A vulnerability in the local File Transfer Protocol FTP service on the Cisco AsyncOS for Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be...

5.9CVSS5.6AI score0.0202EPSS
Exploits0References2
Cisco
Cisco
added 2016/09/28 4:0 p.m.31 views

Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability

A vulnerability in the local File Transfer Protocol FTP service on the Cisco AsyncOS for Email Security Appliance ESA, Web Security Appliance WSA, and Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The...

4.3CVSS5.8AI score0.0202EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.6 views

The vulnerability of Fonality’s corporate telephony software allows a perpetrator to gain access to protected information.

The vulnerability of the Fonality corporate telephony software relates to the rigid encoding of registration data for FTP login records. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information via FTP or SSH connections...

10CVSS7.8AI score0.02465EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.9 views

The vulnerability of the microprogramming software of Schneider Electric’s Modicon Quantum programmable logic controllers allows a malicious individual to gain unauthorized access to the device.

The microprogrammed software of the 140NOE77111 module of Schneider Electric’s Modicon Quantum controller contains numerous login pairs—passwords that are pre-set by default. This allows any user who has access to the device via FTP protocol to gain authorized access to the device...

10CVSS5.5AI score0.0404EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.9 views

The vulnerability of the Cisco IronPort Email Security Appliance allows a malicious individual to execute arbitrary code.

The vulnerability in the SLBL service a check for reliable/locked users in Cisco AsyncOS, used by Email Security Appliances and Content Security Management Appliances, allows remote users who have passed authentication to execute arbitrary code with superuser privileges, by downloading a modified...

8.5CVSS6.1AI score0.02752EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.10 views

The vulnerability of the Dnsmasq software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Overfilling the buffer in dynamic memory in the tftprequest function in tftp.c in dnsmasq when using --enable-tftp allows malicious actors operating remotely to execute arbitrary code by using a long filename in the TFTP packet; for example, in a read request RRQ...

6.8CVSS6.2AI score0.12684EPSS
Exploits7References3Affected Software1
OSV
OSV
added 2016/07/02 2:59 p.m.5 views

CVE-2016-1440

The proxy process on Cisco Web Security Appliance WSA devices through 9.1.0-070 allows remote attackers to cause a denial of service CPU consumption by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468...

5.3CVSS5.8AI score0.01251EPSS
Exploits0References2
OSV
OSV
added 2016/06/30 5:59 p.m.2 views

DEBIAN-CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

8.8CVSS6.9AI score0.45935EPSS
Exploits8References1
OSV
OSV
added 2016/06/20 1:59 a.m.5 views

CVE-2016-2362

Fonality previously trixbox Pro 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a 1 FTP or 2 SSH connection...

9.8CVSS5.8AI score0.02465EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/05/31 12:0 a.m.6 views

The vulnerability of the PHP interpreter allows attackers to execute arbitrary code.

The vulnerability of the ftpgenlist function ext/ftp/ftp.c in the PHP interpreter is caused by a numerical overflow. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code with a long response to the LIST command...

7.5CVSS8.1AI score0.16948EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2016/05/21 12:0 a.m.3 views

Foreman Arbitrary Code Execution Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. A security vulnerability in the smart proxy TFTP API in Foreman versions 1.11.x before 1.10.4 and 1.11.2 before 1.11.2 can be exploited by a remote attacker to execute arbitrary code with the help of specially...

8.8CVSS8.8AI score0.02839EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/06 12:0 a.m.4 views

Pro-face GP-Pro EX Authentication Bypass Vulnerability

Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. The Pro-face GP-Pro EX has a security vulnerability due to the use of hard-coded certificates by the FTP server. A remote attacker could exploit the vulnerability to access items in the device...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2016/03/26 12:0 a.m.3 views

Cisco NCS6000 IOS XR Software Secure Copy Protocol and Secure FTP Denial of Service Vulnerabilities

Cisco IOS XR for Cisco NCS6000 is a network operating system from Cisco that runs in the NCS 6000 series routers. A security vulnerability exists in the SCP and SFTP modules in Cisco IOS XR Software versions 5.0.0 through 5.2.5 for Cisco NCS 6000 due to the program failing to properly set...

6.8CVSS6.8AI score0.0138EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.9 views

The vulnerability of the Signage Station presentation preparation program and the iArtist Lite presentation preparation utility, which allows a intruder to access protected information

The vulnerability of the Signage Station presentation preparation service and the iArtist Lite presentation preparation utility exists due to the rigid encoding of registration data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected informatio...

10CVSS7.7AI score0.01598EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2016/02/27 12:0 a.m.8 views

QNAP Systems iArtist Lite Hardcoding Vulnerability

QNAP Systems iArtist Lite is a suite of ad editing software for QNAP NAS. QNAP Systems iArtist Lite uses hard-coded FTP accounts and passwords, allowing remote attackers to sniff the network for FTP transfer data...

9.8CVSS9.2AI score0.01598EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/02/08 12:0 a.m.11 views

The vulnerability of the microprogramming software for Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL allows a hacker to read files during web access and gain administrator privileges.

The vulnerability of the FTP server for microprogrammed software-controlled Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL arises due to...

10CVSS5.5AI score0.05652EPSS
Exploits2References4Affected Software8
Rows per page
Query Builder