Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-13514

Malware in sbrugna...

10CVSS9.2AI score0.02285EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-13520

Malware in sbrugna...

7.5CVSS7.5AI score0.00652EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-31304

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00652EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-31581

Malicious code in bioql PyPI...

6.5CVSS5.7AI score0.00443EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:28 p.m.19 views

CVE-2021-26732

A broken access control vulnerability in the Firstnetworkfunc function of spxrestservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

6.5CVSS6.9AI score0.00443EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:28 p.m.11 views

CVE-2021-26733

A broken access control vulnerability in the FirstResethandlerfunc function of spxrestservice allows an attacker to arbitrarily send reboot commands to the BMC, causing a Denial-of-Service DoS condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

7.5CVSS7.1AI score0.00652EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 3:47 a.m.21 views

CVE-2021-26729

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

10CVSS8.4AI score0.02285EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/06 3:46 a.m.21 views

CVE-2021-26730

A stack-based buffer overflow vulnerability in a subfunction of the Loginhandlerfunc function of spxrestservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

10CVSS8.2AI score0.00978EPSS
Exploits0
NVD
NVD
added 2022/10/24 2:15 p.m.22 views

CVE-2021-44769

An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service DoS condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

6.5CVSS0.00418EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.4 views

CVE-2021-44769

An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service DoS condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

6.5CVSS5.8AI score0.00418EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.6 views

CVE-2021-46279

Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

8.8CVSS5.8AI score0.00399EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.4 views

CVE-2021-44467

A broken access control vulnerability in the KillDupUsrfunc function of spxrestservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service DoS condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A...

7.5CVSS5.8AI score0.00652EPSS
Exploits0References2
NVD
NVD
added 2022/10/24 2:15 p.m.29 views

CVE-2021-26728

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsrfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

10CVSS0.02285EPSS
Exploits0References2
NVD
NVD
added 2022/10/24 2:15 p.m.34 views

CVE-2021-26729

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

10CVSS0.02285EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.6 views

CVE-2021-26729

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

9.8CVSS6.4AI score0.02285EPSS
Exploits0References2
Prion
Prion
added 2022/10/24 2:15 p.m.33 views

Stack overflow

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

7.5CVSS9.9AI score0.02285EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/10/24 2:15 p.m.18 views

Improper access control

A broken access control vulnerability in the FirstResethandlerfunc function of spxrestservice allows an attacker to arbitrarily send reboot commands to the BMC, causing a Denial-of-Service DoS condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

5CVSS7.5AI score0.00652EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/10/24 2:15 p.m.20 views

Session fixation

Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

6.8CVSS8.7AI score0.00399EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/24 12:0 a.m.36 views

CVE-2021-26732 spx_restservice First_network_func Broken Access Control

A broken access control vulnerability in the Firstnetworkfunc function of spxrestservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

6.5CVSS6.6AI score0.00443EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/24 12:0 a.m.31 views

CVE-2021-45925 Username Enumeration

Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

5.3CVSS5.5AI score0.00505EPSS
Exploits0References2
Rows per page
Query Builder