CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

116 matches found

seebug.org•added 2018/07/30 12:0 a.m.•557 views

Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability(CVE-2018-3879)

Summary An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the...

0.1AI score0.00337EPSS

Exploits2

Talos•added 2018/07/26 12:0 a.m.•38 views

Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability

Summary An exploitable JSON injection vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the...

8.8CVSS8.8AI score0.00337EPSS

Exploits2

NVD•added 2018/06/01 2:29 p.m.•18 views

CVE-2018-7950

The iBMC Intelligent Baseboard Management Controller of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to...

9CVSS8.8AI score0.00315EPSS

Exploits0References1

OSV•added 2018/06/01 2:29 p.m.•0 views

CVE-2018-7951

8.8CVSS5.8AI score

Exploits0References1

Prion•added 2018/06/01 2:29 p.m.•17 views

Input validation

9CVSS8.7AI score0.00315EPSS

Exploits0References1Affected Software20

Prion•added 2018/06/01 2:29 p.m.•15 views

Input validation

9CVSS8.7AI score0.00315EPSS

Exploits0References1Affected Software20

NVD•added 2018/06/01 2:29 p.m.•17 views

CVE-2018-7951

9CVSS8.8AI score0.00315EPSS

Exploits0References1

Cvelist•added 2018/06/01 2:0 p.m.•18 views

CVE-2018-7950

8.8AI score0.00315EPSS

Exploits0References1

CVE•added 2018/06/01 2:0 p.m.•51 views

CVE-2018-7951

The CVE-2018-7951 issue affects the iBMC of some Huawei servers. It arises from insufficient input validation and enables an authenticated, remote attacker to perform a JSON injection that can change the administrator password, potentially granting system management privileges. The Huawei advisor...

9CVSS8.6AI score0.00315EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/06/01 2:0 p.m.•11 views

CVE-2018-7951

8.8AI score0.00315EPSS

Exploits0References1

CVE•added 2018/06/01 2:0 p.m.•47 views

CVE-2018-7950

The CVE-2018-7950 issue affects the iBMC (Intelligent Baseboard Management Controller) in some Huawei servers, caused by insufficient input validation in JSON handling. An authenticated, remote attacker can perform a JSON injection to change the administrator password, enabling management privile...

9CVSS8.6AI score0.00315EPSS

Exploits0References1Affected Software1

ThreatPost•added 2018/05/31 7:3 p.m.•26 views

Huawei Patches Four Server Bugs Rated High Severity

Huawei Technologies warned customers of four vulnerabilities rated high that impact 20 of its server models. Patches are available for each of the bugs that range from an authentication bypass vulnerability, privilege escalation vulnerability and two JavaScript Object Notation JSON injection...

6.5CVSS1.2AI score0.00283EPSS

Exploits0References8

Huawei•added 2018/05/30 12:0 a.m.•34 views

Security Advisory - Two JSON Injection Vulnerabilities in Some Huawei Servers

The iBMC Intelligent Baseboard Management Controller of some Huawei servers have two JSON injection vulnerabilities due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers t...

9CVSS9.2AI score0.00315EPSS

Exploits0Affected Software20

CNVD•added 2018/05/28 12:0 a.m.•1 views

Huawei 1288H V5 and 2288H V5 JSON Injection Vulnerability (CNVD-2018-10504)

The Huawei 1288H V5 and 2288H V5 are both rackmount server units from Huawei, a Chinese company. A security vulnerability exists in Huawei 1288H V5 and 2288H V5 version V100R005C00, which originates from the program failing to adequately validate input. A remote attacker can exploit the...

8.8CVSS7AI score0.00128EPSS

Exploits0References1

CNVD•added 2018/05/28 12:0 a.m.•1 views

Huawei 1288H V5 and 2288H V5 JSON Injection Vulnerability

8.8CVSS7AI score0.00128EPSS

Exploits0References1

CNVD•added 2018/05/26 12:0 a.m.•1 views

Huawei 1288H and 2288H Rack Server JSON Injection Vulnerability

Huawei 1288H V5 and 2288H V5 are both rack routers that can be widely used for cloud virtualization, database, big data and other loads. A JSON injection vulnerability exists in the V100R005C00 software of the Huawei 1288H V5 and 2288H V5. The vulnerability stems from the program failing to...

8.8CVSS9AI score0.00128EPSS

Exploits0References1

NVD•added 2018/05/24 2:29 p.m.•13 views

CVE-2018-7902

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management...

8.8CVSS8.9AI score0.00128EPSS

Exploits0References1

NVD•added 2018/05/24 2:29 p.m.•16 views

CVE-2018-7904

8.8CVSS8.9AI score0.00128EPSS

Exploits0References1

Prion•added 2018/05/24 2:29 p.m.•14 views

Design/Logic Flaw

4CVSS8.8AI score0.00128EPSS

Exploits0References1Affected Software2

OSV•added 2018/05/24 2:29 p.m.•1 views

CVE-2018-7902