Lucene search
K

343 matches found

exploitpack
exploitpack
added 2013/07/13 12:0 a.m.28 views

Tri-PLC Nano-10 r81 - Denial of Service

Tri-PLC Nano-10 r81 - Denial of Service Exploit Title: Tri-PLC Nano-10 DoS Date: 07/11/2013 Exploit Author: Sapling Vendor Homepage: www.tri-plc.com Version: Firmware Version r81 and prior CVE : CVE-2013-2784 ICSA: ICSA-13-189-02 / The vulnerability exists due to a flaw in the PLC's ability to...

7.8CVSS6.6AI score0.04041EPSS
Exploits5
Cisco
Cisco
added 2013/07/11 8:6 p.m.23 views

Cisco TC Software Empty Password Validation Vulnerability

A vulnerability in the web portal of Cisco TelePresence endpoints running TC software could allow an unauthenticated, remote attacker to log in with any password. The vulnerability is due to a failure of the Cisco TelePresence endpoints to require an exact match for the password before the user h...

4.3CVSS6.9AI score0.01176EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/10 1:57 p.m.23 views

Cisco Virtualization Experience Client Privilege Escalation Vulnerability

A vulnerability in the function handling the operating system permissions of Cisco Virtualization Experience Client 6000 Series could allow an authenticated, local attacker to take full control of the affected system. The vulnerability is due to improper implementation of the permissions for the...

6.8CVSS2.8AI score0.00335EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/26 7:33 p.m.19 views

Cisco Prime for HCS Assurance Information Disclosure Vulnerability

A vulnerability in web framework could allow an unauthenticated, remote attacker to access information about internal file system resources such as paths and names of files and directories. The vulnerability is due to insufficient security hardening of replies to crafted HTTP requests. An attacke...

5CVSS0.6AI score0.01186EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/25 5:26 p.m.22 views

Cisco Jabber Video Engine Denial of Service Vulnerability

A vulnerability in Cisco's Precision Video Engine CVPE code could allow an unauthenticated, remote attacker to cause the crash of various processes and the disconnection of any active calls. The vulnerability is due to improper handling of crafted Real-Time Protocol RTP packets sent at a high rat...

5CVSS1.5AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/17 8:16 p.m.23 views

Cisco ASA-CX TCP Traffic Denial of Service Vulnerability

A vulnerability processing TCP traffic on Cisco ASA CX could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to invalid parsing of TCP packet data forwarded to Cisco ASA CX by the Cisco ASA. An attacker could exploit this vulnerability ...

5.4CVSS3AI score0.0133EPSS
Exploits0References1
Cisco
Cisco
added 2013/04/29 8:32 p.m.23 views

Cisco Nexus 7000 Frame Forwarding Loop Denial of Service Vulnerability

Cisco NX-OS Software running on Nexus 7000 Series Switches contains a vulnerability that could allow an unauthenticated, remote attacker with access to an adjacent network to cause a denial of service DoS condition. The vulnerability is due to mishandling of a specific type of nonstandard Etherne...

6.1CVSS2.2AI score0.00563EPSS
Exploits0References1
Cisco
Cisco
added 2013/04/12 6:27 p.m.25 views

Cisco Jabber Extensible Communications Platform Connection Manager Vulnerability

A vulnerability in the Connection Manager component of Cisco Jabber Extensible Communications Platform Jabber XCP could allow an unauthenticated, remote attacker to crash the login connection manager service. The vulnerability is due to insufficient checking of received login data. An attacker...

5CVSS1.2AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
added 2013/03/06 6:23 p.m.22 views

Cisco Small Business Switches SSH Packet Processing Denial of Service Vulnerability

Cisco Small Business Switches contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition to features that rely on SSH or SSL protocols. The vulnerability is due to the processing flaw in malformed packets in the code used by SSH and SSL...

5CVSS0.8AI score0.01553EPSS
Exploits0References1
Cisco
Cisco
added 2013/01/22 9:3 p.m.22 views

Cisco TelePresence Video Communication Server Policy Services Security Bypass Vulnerability

Cisco TelePresence Video Communication Server VCS contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system. The vulnerability is due to improper processing of certain search rules processed by the affected software. An...

5CVSS2.3AI score0.01046EPSS
Exploits0References1
Cisco
Cisco
added 2012/05/16 7:28 p.m.22 views

Cisco ASA 5500 Series Adaptive Security Appliance Cut-Through Proxy Authentication Information Disclosure Vulnerability

Cisco ASA 5500 Series Adaptive Security Appliance firmware contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability is due to improper proxy authentication during attempts to cut through a targeted system...

4.3CVSS6.6AI score0.02231EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2012/02/08 7:45 p.m.5 views

SquirrelMail: Mail Fetch plugin -- port-scans via non-standard POP3 server ports

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number...

6.5CVSS6.7AI score0.02676EPSS
Exploits0References4
Cisco
Cisco
added 2011/05/25 3:16 p.m.32 views

Cisco RVS4000 and WRVS4400N Gigabit Security Routers Firmware SSL Key Disclosure Vulnerability

The firmware of Cisco RVS4000 4-port Gigabit Security Routers and WRVS4400N Wireless-N Gigabit Security Routers contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information from a targeted device. The vulnerability is due to improper security...

5CVSS6.4AI score0.01166EPSS
Exploits0References1
Cisco
Cisco
added 2011/03/30 4:24 p.m.28 views

Cisco Secure Access Control System Password Modification Vulnerability

Cisco Secure Access Control System ACS contains a vulnerability that could allow an unauthenticated, remote attacker to modify user passwords. The vulnerability is due to improper security restrictions on user password change functions in the web-based management interface of the Cisco Secure ACS...

5CVSS6.6AI score0.1464EPSS
Exploits2References1
NVD
NVD
added 2010/06/22 5:30 p.m.15 views

CVE-2010-1638

The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's...

5CVSS6.6AI score0.01266EPSS
Exploits0References3
NVD
NVD
added 2010/06/22 5:30 p.m.25 views

CVE-2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number...

6.5CVSS6.1AI score0.02676EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2010/06/22 5:30 p.m.34 views

CVE-2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number...

6.5CVSS6.6AI score0.02676EPSS
Exploits0References1
Cvelist
Cvelist
added 2010/06/22 5:0 p.m.23 views

CVE-2010-1638

The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's...

6.6AI score0.01266EPSS
Exploits0References3
Prion
Prion
added 2009/07/30 7:30 p.m.18 views

Open redirect

Live Chat comlivechat component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string...

7.5CVSS7.2AI score0.02287EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2009/07/13 12:0 a.m.62 views

DDIVRT-2009-26 LogRover SQL Injection Authentication Bypass

Title ----- DDIVRT-2009-26 LogRover SQL Injection Authentication Bypass Severity -------- Medium Date Discovered --------------- May 12, 2009 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Geoff Humes and r@b13$ Vulnerability Description...

1AI score
Exploits0
Rows per page
Query Builder