Lucene search
K

103 matches found

CNNVD
CNNVD
added 2020/12/18 12:0 a.m.6 views

Marvell QConvergeConsole GUI 路径遍历漏洞

Marvell QConvergeConsole QCC is a unified adapter management software across data centers from Marvell. The software is primarily used for Ethernet and Fibre Channel adapter management, among other things. A path traversal vulnerability exists in the Marvell QConvergeConsole GUI version 5.5.0.74,...

8.5CVSS7.4AI score0.01706EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/12 8:6 a.m.24 views

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale GUI where an unauthorised user can execute commands (CVE-2020-4348)

Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale GUI that could allow an unauthorised user to execute commands . A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4348 DESCRIPTION: IBM Spectrum Scale could allow an authenticat...

6.5CVSS1AI score0.00759EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/08/09 6:15 p.m.2 views

CVE-2019-5408

Command View Advanced Edition CVAE products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected. DevMgr version...

6.5CVSS6.6AI score0.01557EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/18 12:0 a.m.3 views

Cisco Wireless LAN Controller Software GUI Elevation of Privilege Vulnerability

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. The Cisco Wireless LAN Controller Software GUI elevation of privilege vulnerability is caused by incorrect...

7.8CVSS7.8AI score0.03163EPSS
Exploits0References1
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-2904

Vulnerability in the Oracle Communications EAGLE LNP Application Processor component of Oracle Communications Applications subcomponent: GUI. The supported version that is affected is 10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.5CVSS7.3AI score0.01695EPSS
Exploits0References3
OSV
OSV
added 2017/09/29 1:34 a.m.3 views

CVE-2017-12226

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...

8.8CVSS5.8AI score0.03236EPSS
Exploits0References4
OSV
OSV
added 2017/04/20 10:59 p.m.3 views

CVE-2017-6618

A vulnerability in the web-based GUI of Cisco Integrated Management Controller IMC 3.01c could allow an authenticated, remote attacker to perform a cross-site scripting XSS attack. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker cou...

5.4CVSS6.1AI score0.00928EPSS
Exploits0References2
NVD
NVD
added 2017/02/15 8:59 p.m.17 views

CVE-2017-3801

A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. The vulnerability is due to improper role-based access control RBAC...

8.8CVSS8.8AI score0.00333EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/02/09 12:0 a.m.7 views

The vulnerability of the Oracle VM VirtualBox virtual machine allows a hacker to gain access to data reading, modify data, or cause a partial service failure.

The vulnerability of the GUI component of the Oracle VM VirtualBox lies in security configuration errors. Exploiting this vulnerability allows a malicious actor to gain read access to data, modify, add, or delete data, or cause partial service failure through HTTP requests...

6.8CVSS6.9AI score0.01488EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/01/27 10:59 p.m.2 views

CVE-2017-3316

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

8.4CVSS7.3AI score0.06961EPSS
Exploits4References5
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

UBUNTU-CVE-2017-3316

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

8.4CVSS7.2AI score0.06961EPSS
Exploits4References4
CNVD
CNVD
added 2017/01/20 12:0 a.m.13 views

Oracle VM VirtualBox Remote Vulnerability

Oracle Virtualization Oracle VirtualBox is a virtual machine component of Oracle's virtualization solution. A security vulnerability exists in the GUI subcomponent of the Oracle VM VirtualBox component in Oracle Virtualization. An attacker could exploit this vulnerability to compromise the...

8.4CVSS6.7AI score0.06961EPSS
Exploits4References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Communications Applications PCz Oracle Enterprise Communications Broker group

Oracle Communications is Oracle's suite of applications for rapidly delivering and monetizing digital life communications. oracle Enterprise Communications Broker is one of the components used to manage the enterprise voice, video, and unified communications network. An unspecified vulnerability...

6.8CVSS6.7AI score0.02745EPSS
Exploits0References1
NVD
NVD
added 2016/02/26 5:59 a.m.16 views

CVE-2016-1297

The Device Manager GUI in Cisco Application Control Engine ACE 4710 A5 before A53.1 allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with admin privileges via an unspecified parameter in a POST request, aka Bug ID CSCul84801...

9CVSS8.8AI score0.02801EPSS
Exploits0References2
CNVD
CNVD
added 2015/11/12 12:0 a.m.3 views

Cisco Connected Grid Network Management System Elevation of Privilege Vulnerability

Cisco Connected Grid Network Management System CG-NMS is an end-to-end smart grid management system from Cisco. A security vulnerability exists in the web GUI of Cisco CG-NMS version 3.00.35 and 3.00.54. A remote attacker can exploit the vulnerability via the Monitor-Only role to bypass establish...

4CVSS7AI score0.01382EPSS
Exploits0References1
exploitpack
exploitpack
added 2011/08/03 12:0 a.m.18 views

foomatic-gui python-foomatic 0.7.9.4 - pysmb.py Arbitrary Shell Command Execution

foomatic-gui python-foomatic 0.7.9.4 - pysmb.py Arbitrary Shell Command Execution source: https://www.securityfocus.com/bid/48982/info foomatic-gui is prone to a remote arbitrary shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An...

0.5AI score
Exploits0
OSV
OSV
added 2010/07/13 10:30 p.m.4 views

UBUNTU-CVE-2010-2397

Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI...

2.4CVSS5.8AI score0.00269EPSS
Exploits0References2
Prion
Prion
added 2008/06/20 11:48 a.m.19 views

Code injection

Unspecified vulnerability in the GUI in Symantec Altiris Notification Server Agent 6.x before 6.0 SP3 R8 allows local users to gain privileges via unknown attack vectors...

6.8CVSS6.7AI score0.00313EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2008/04/22 4:41 a.m.17 views

Code injection

The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote attackers to remove or modify packages via an apt:// URL...

5CVSS7.3AI score0.00983EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2006/07/21 9:0 p.m.27 views

CVE-2006-3785

Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif aka caller or CallerID file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin...

6.1AI score0.00398EPSS
Exploits0References3
Rows per page
Query Builder