Lucene search
K

190 matches found

Trellix
Trellix
β€’added 2021/09/08 12:0 a.m.β€’67 views

How Groove Gang is Shaking up the RAAS to Empower Affiliates

ARCHIVED STORY How Groove Gang is Shaking up the Ransomware-as-a-Service Market to Empower Affiliates By Max Kersten, John Fokker and Thibault Seret Β· September 08, 2021 Co-authored with Intel471 and McAfee Enterprise Advanced Threat Research ATR would also like to thank Coveware for its...

0.2AI score0.9923EPSS
Exploits55
Zero Science Lab
Zero Science Lab
β€’added 2021/09/08 12:0 a.m.β€’211 views

ECOA Building Automation System Path Traversal Arbitrary File Upload

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

10CVSS7.8AI score0.02248EPSS
Exploits1
BDU FSTEC
BDU FSTEC
β€’added 2020/11/12 12:0 a.m.β€’5 views

The vulnerability of the Moxa MXView network control software is related to incorrect default access permissions settings, which allow a violator to execute arbitrary commands with privileges of a system user.

The vulnerability of the Moxa MXView network control software is related to incorrect default access rights settings. Exploiting this vulnerability allows a perpetrator to execute arbitrary commands with privileges of a system user...

9.3CVSS7.8AI score0.00544EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
β€’added 2019/08/14 12:0 a.m.β€’14 views

Johnson Controls MS-NCE2566-0 Metasys NCE Controller

Binary data 764889.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
β€’added 2019/08/14 12:0 a.m.β€’13 views

Johnson Controls MS-NCE2526-0 Metasys NCE Controller

Binary data 764891.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
β€’added 2019/08/14 12:0 a.m.β€’13 views

Johnson Controls MS-NCE2560-0 Metasys NCE Controller

Binary data 764890.prm...

7.3AI score
Exploits0
Vulnrichment
Vulnrichment
β€’added 2019/01/10 5:0 p.m.β€’9 views

CVE-2018-0482 Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...

5.4CVSS5.8AI score0.00876EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2019/01/10 5:0 p.m.β€’23 views

CVE-2019-5892

bgpd in FRRouting FRR aka Free Range Routing 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 not affecting Cumulus Linux or VyOS, when ENABLEBGPVNC is used for Virtual Network Control, allows remote attackers to cause a denial of service peering session flap via...

6.5AI score0.02718EPSS
Exploits0References7
CVE
CVE
β€’added 2019/01/10 5:0 p.m.β€’66 views

CVE-2018-0482

Cisco Prime Network Control System (NCS) web-based management interface contains a stored XSS vulnerability due to insufficient validation of user-supplied input. An authenticated, remote attacker could lure a user into clicking a malicious link, causing arbitrary script execution in the web inte...

5.4CVSS5.2AI score0.00876EPSS
Exploits0References2Affected Software1
OSV
OSV
β€’added 2019/01/10 4:29 p.m.β€’5 views

CVE-2018-0482

A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...

5.4CVSS6AI score0.00876EPSS
Exploits0References2
NVD
NVD
β€’added 2019/01/10 4:29 p.m.β€’26 views

CVE-2018-0482

A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...

5.4CVSS5.2AI score0.00876EPSS
Exploits0References2
Cisco
Cisco
β€’added 2019/01/09 4:0 p.m.β€’66 views

Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...

5.4CVSS1.3AI score0.00876EPSS
Exploits0References1
ICS
ICS
β€’added 2018/08/29 12:0 p.m.β€’84 views

Siemens OpenSSL Vulnerabilities (Update G)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-198-03F Siemens OpenSSL Vulnerabilities that was published October 16, 2014, on the NCCIC/ICS-CERT web site. --------- Begin Update G Part 1 of 3 -------- Siemens has identified four vulnerabilities in its OpenSS...

7.4CVSS7.9AI score0.95326EPSS
Exploits9References24
CNVD
CNVD
β€’added 2018/06/06 12:0 a.m.β€’7 views

Multiple Yokogawa Product Security Bypass Vulnerabilities

Yokogawa FCJ and others are Yokogawa's controllers for network control systems. A security bypass vulnerability exists in multiple Yokogawa products. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service in the context of an affected device...

10CVSS9.7AI score0.06939EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
β€’added 2018/02/16 12:0 a.m.β€’34 views

SUSE SLES12 Security Update : quagga (SUSE-SU-2018:0456-1)

This update for quagga fixes the security following issues : - The Quagga BGP daemon contained a bug in the ASPATH size calculation that could have been exploited to facilitate a remote denial-of-service attack via specially crafted BGP UPDATE messages. CVE-2017-16227, bsc1065641 - The Quagga BGP...

9.8CVSS7.2AI score0.74599EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
β€’added 2017/10/04 12:0 a.m.β€’26 views

FreeBSD : FreeBSD -- heimdal KDC-REP service name validation vulnerability (420243e9-a840-11e7-b5af-a4badb2f4699)

There is a programming error in the Heimdal implementation that used an unauthenticated, plain-text version of the KDC-REP service name found in a ticket. Impact : An attacker who has control of the network between a client and the service it talks to will be able to impersonate the service,...

6.5CVSS7AI score0.00992EPSS
Exploits0References2
Fedora
Fedora
β€’added 2017/06/16 1:28 p.m.β€’10 views

[SECURITY] Fedora 26 Update: network-manager-applet-1.8.2-1.fc26

This package contains a network control and status notification area applet for use with NetworkManager...

2.3AI score
Exploits0
CNVD
CNVD
β€’added 2016/10/12 12:0 a.m.β€’4 views

Wireshark NCP Parser Denial of Service Vulnerability (CNVD-2016-09585)

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A denial of service vulnerability exists in the packet-ncp2222.inc file in the NCP parse...

6.9AI score
Exploits0References1
The Hacker News
The Hacker News
β€’added 2016/07/13 12:12 a.m.β€’229 views

State-Sponsored SCADA Malware targeting European Energy Companies

Security researchers have discovered a new campaign targeting energy companies in Western Europe with a sophisticated malware that almost goes to great lengths in order to remain undetected while targeting energy companies. Researchers from SentinelOne Labs discovered the malware, which has alrea...

7.2CVSS8.2AI score0.87042EPSS
Exploits60
myhack58
myhack58
β€’added 2016/06/11 12:0 a.m.β€’13 views

The plant controller has a remote vulnerability and no patch-vulnerability warning-the black bar safety net

Power station use of an industrial control system has not patched the vulnerability, an attacker can remotely exploit it to gain network control. Remedy method? Turning off the function or replace the equipment. Power station use of an industrial control system has not patched the vulnerability, ...

0.5AI score
Exploits0
Rows per page
Query Builder