Lucene search
K

312 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/08/09 12:0 a.m.26 views

(0Day) Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

4.9CVSS6.3AI score0.0111EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.9 views

PT-2023-26968 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. Although authentication is required to exploit this issue, the...

6.5CVSS5.3AI score0.0111EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/08/09 12:0 a.m.30 views

(0Day) (Pwn2Own) Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.6CVSS7.1AI score0.01252EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-26964 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this, the existing...

8.8CVSS6.9AI score0.01252EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-26966 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations, despite requiring authentication, which can be bypassed. The flaw exists...

6.5CVSS5.3AI score0.00959EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/08/09 12:0 a.m.19 views

(0Day) (Pwn2Own) Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the web...

6.6CVSS7.3AI score0.01252EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.7 views

PT-2023-26965 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create directories on affected installations, despite requiring authentication to exploit. The flaw exists within the handlin...

8.8CVSS7AI score0.01252EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.6 views

PT-2023-26967 · Nginx +1 · Nginx +1

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing...

8.8CVSS6.7AI score0.01252EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/08/09 12:0 a.m.20 views

(0Day) (Pwn2Own) Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

4.4CVSS7.3AI score0.00959EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/06/15 12:17 a.m.45 views

Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS6.7AI score0.04561EPSS
Exploits4References15
RedHat Linux
RedHat Linux
added 2023/05/24 5:13 p.m.72 views

Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.99931EPSS
Exploits52References18
Metasploit
Metasploit
added 2023/03/01 7:50 p.m.136 views

Softing Secure Integration Server Login Utility

This module will attempt to authenticate to a Softing Secure Integration Server. Module Options msf use auxiliary/scanner/http/softingsislogin msf auxiliarysoftingsislogin show actions ...actions... msf auxiliarysoftingsislogin set ACTION msf auxiliarysoftingsislogin show options ...show and set...

5.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 5:30 p.m.30 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to HTTP request smuggling due to CVE-2022-1705

Summary The IBM App Connect Enterprise Certified Container operator and IntegrationServer operands utilise Golang Go. The IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to HTTP request smuggling. This bulletin provides patch information to...

6.5CVSS7AI score0.01113EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/14 12:0 a.m.6 views

PT-2022-7027 · Softing · Softing Opc Ua C++ Sdk +1

Name of the Vulnerable Software and Affected Versions: Softing OPC UA C++ SDK versions affected versions not specified Softing Secure Integration Server versions affected versions not specified Description: The issue is related to the incorrect restriction of a directory path name with limited...

7.3CVSS7.3AI score
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.34 views

(Pwn2Own) Softing Secure Integration Server wbemcomn Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Softing Secure Integration Server. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.2CVSS3.9AI score0.09501EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.28 views

Softing Secure Integration Server Content-Type NULL Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the Content-Type HTTP header. The issu...

7.5CVSS1AI score0.01297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.23 views

(Pwn2Own) Softing Secure Integration Server OPC UA Messages NULL Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the the handling of OPC UA messages. The issue results...

7.5CVSS2AI score0.00852EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.43 views

Softing Secure Integration Server URI NULL Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the URI HTTP header. The issue results...

7.5CVSS0.8AI score0.01297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.44 views

(Pwn2Own) Softing Secure Integration Server UnZipFolder Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2CVSS4.4AI score0.10229EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.33 views

(Pwn2Own) Softing Secure Integration Server Use of Default Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default configuration of user accounts. The configuration contains...

9.8CVSS3.6AI score0.00851EPSS
Exploits0References1
Rows per page
Query Builder