Lucene search
K

113 matches found

Cvelist
Cvelist
added 2022/08/10 4:4 p.m.29 views

CVE-2022-38129

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...

9.8AI score0.1838EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/08/10 12:0 a.m.4 views

PT-2022-24222 · Keysight · Keysight Sensor Management Server

Name of the Vulnerable Software and Affected Versions: Keysight Sensor Management Server SMS affected versions not specified Description: A path traversal issue exists in the addLicenseFile method of the com.keysight.tentacle.licensing.LicenseManager class. This allows an unauthenticated remote...

9.8CVSS9.5AI score0.1838EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.3 views

Keysight Technologies Sensor Management Server 路径遍历漏洞

Keysight Technologies Sensor Management Server is a sensor management server from Keysight Technologies, USA. A security vulnerability exists in Keysight Technologies Sensor Management Server SMS, which stems from its com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method that allow...

9.8CVSS8.4AI score0.1838EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/08/10 12:0 a.m.5 views

PT-2022-24224

Name of the Vulnerable Software and Affected Versions No specific software version is mentioned, so the affected software is: Keysight SMS affected versions not specified Description The issue concerns the com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method, which is used to...

9.8CVSS9.1AI score0.53389EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/08/01 12:0 a.m.7 views

The vulnerability in the implementation of the UserFirmwareRequestHandler class in the microprogramming software for sensors for monitoring the Keysight N6841A, as well as the microprogramming software for geolocation servers from Keysight, N6854A, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the UserFirmwareRequestHandler class implementation in the microprogramming software for sensors monitoring the Keysight N6841A spectrum, as well as the microprogramming software for geolocation servers from Keysight, the N6854A, is related to errors in processing the relativ...

7.8CVSS7.2AI score0.1506EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/07/21 12:0 a.m.9 views

The vulnerability of the Spring Framework configuration implementation for microprogramming sensors for monitoring the Keysight N6841A RF device and the Keysight N6854A geolocation sensors allows a perpetrator to execute arbitrary code.

The vulnerability of the Spring Framework configuration for microprogramming sensors for monitoring Keysight N6841A RF devices, as well as the microprogramming software for geolocation systems from Keysight N6854A, lies in the recovery of unreliable data structures in memory. Exploiting this...

10CVSS8.2AI score0.15968EPSS
Exploits0References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.21 views

Keysight Technologies Sensor Management Server Detection

Binary data keysightsmsdetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.80 views

Keysight Technologies Sensor Management Server Deserialization RCE (CVE-2022-1660)

Binary data keysightsmscve-2022-1660.nbin...

10CVSS9.6AI score0.15968EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/05/31 7:36 p.m.7 views

CVE-2022-1661 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...

7.5CVSS6.8AI score0.1506EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/31 7:36 p.m.42 views

CVE-2022-1661 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...

7.5CVSS7.7AI score0.1506EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/05/31 7:34 p.m.5 views

CVE-2022-1660 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code...

9.8CVSS7.4AI score0.15968EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/31 7:34 p.m.28 views

CVE-2022-1660 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code...

9.8CVSS9.9AI score0.15968EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/27 12:0 a.m.4 views

多款Keysight Technologies产品代码问题漏洞

Keysight Technologies N6854A Geolocation server and Keysight Technologies N6841A RF Sensor are both products of Keysight Technologies, Inc.Keysight Technologies Keysight Technologies N6854A Geolocation server is a geolocation server.Keysight Technologies N6841A RF Sensor is an RF sensor. It is us...

10CVSS8.9AI score0.15968EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/05/27 12:0 a.m.6 views

多款Keysight Technologies产品路径遍历漏洞

Keysight Technologies N6854A Geolocation server and Keysight Technologies N6841A RF Sensor are both products of Keysight Technologies, Inc.Keysight Technologies Keysight Technologies N6854A Geolocation server is a geolocation server.Keysight Technologies N6841A RF Sensor is an RF sensor. It is us...

7.5CVSS7.6AI score0.1506EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2022/05/27 12:0 a.m.19 views

KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserFirmwareRequestHandler class. The issue results from the lack ...

7.5CVSS1AI score0.1506EPSS
Exploits0References1
ICS
ICS
added 2022/05/26 12:0 a.m.51 views

Keysight N6854A Geolocation server and N6841A RF Sensor software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Keysight Technologies, Inc. Equipment: N6854A Geolocation server and N6841A RF Sensor software Vulnerabilities: Relative Path Traversal, Deserialization of Untrusted Data 2. RISK EVALUATION Successful...

10CVSS9.7AI score0.15968EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/12/30 12:0 a.m.7 views

PT-2021-7266 · Keysight · Keysight N6854A Geo Location Server +1

Name of the Vulnerable Software and Affected Versions: Keysight N6841A RF Sensor versions affected versions not specified Keysight N6854A Geo Location Server versions affected versions not specified Description: The issue is related to directory traversal errors in the UserFirmwareRequestHandler...

7.8CVSS7.2AI score0.1506EPSS
Exploits0References6
OSV
OSV
added 2020/12/15 11:15 p.m.4 views

CVE-2020-35122

An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection...

7.5CVSS7.2AI score0.00823EPSS
Exploits0References1
NVD
NVD
added 2020/12/15 11:15 p.m.25 views

CVE-2020-35121

An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro...

8.8CVSS8.6AI score0.00991EPSS
Exploits0References1
NVD
NVD
added 2020/12/15 11:15 p.m.16 views

CVE-2020-35122

An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection...

7.5CVSS7.7AI score0.00823EPSS
Exploits0References1
Rows per page
Query Builder