Cisco IOS XR Input Validation Error Vulnerability (CNVD-2019-46439)
Cisco IOS XR is a set of operating systems developed by the American company Cisco for its network equipment. An input validation error vulnerability exists in the Intermediate System to Intermediate System (IS-IS) routing protocol in Cisco IOS XR versions 6.5.1 through 6.6.3, which stems fro...
HumHub Social Network Kit Enterprise Information Disclosure Vulnerability
HumHub Social Network Kit Enterprise is an open source social networking kit. Version 1.3.13 of HumHub Social Network Kit Enterprise contains an information disclosure vulnerability that stems from a configuration or other error in the operation of the network system or product, which could be...
The vulnerability of the NX-API Sandbox interface of the Cisco NX-OS routing system’s Cisco routers allows attackers to perform cross-site scripting attacks.
The vulnerability of the NX-API Sandbox network operating system of Cisco NX-OS routers is related to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the command-line interface of the Cisco NX-OS network operating system devices allows an attacker to obtain the user’s encrypted SSH key or import an encrypted SSH key protected by a password.
The vulnerability of the command-line interface of the Cisco NX-OS network operating system is related to errors in managing SSH keys. Exploiting this vulnerability can allow an attacker to obtain a secret SSH key of a user or import a secret SSH key protected by a password...
WESEEK GROWI Input Validation Error Vulnerability
WESEEK GROWI is a suite of team collaboration software from WESEEK Japan. An input validation error vulnerability exists in the login process in WESEEK GROWI 3.4.6 and prior versions. The vulnerability originates from a network system or product that does not properly validate input data. An...
The vulnerability of the Event Management Service daemon (emsd) on the Cisco IOS XR operating system allows a hacker to trigger a service failure.
The vulnerability of the Event Management Service daemon (emsd) on the Cisco IOS XR operating system is related to insufficient validation of input data during gRPC requests. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted gRPC requests...
Multiple Siemens Products Access Control Error Vulnerabilities
Siemens SINAMICS PERFECT HARMONY GH180 is a high-voltage AC frequency converter from Siemens Germany. An access control error vulnerability exists in several Siemens products. The vulnerability stems from a network system or product that does not properly restrict access to resources from...
Vulnerabilities in Permissions and Access Control Issues for Multiple Siemens Products
Siemens SIMATIC WinCC is an automated data acquisition and monitoring SCADA system, Siemens SIMATIC HMI Comfort Panels is a touch panel device, Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device for outdoor use, and Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel devic...
The vulnerability of the Simple Network Management Protocol packet processor in the Cisco NX-OS operating system allows an attacker to trigger a service failure.
The vulnerability of the Simple Network Management Protocol (SNMP) packet handler in the Cisco NX-OS operating system arises due to errors in the data block verification of the SNMP protocol. Exploiting this vulnerability can allow a malicious actor to perform a reboot on the device remotely...
SQL Injection Vulnerability in the Construction System of China's Small and Medium-sized Enterprises Heilongjiang Network
Heilongjiang Provincial SME Technology Innovation Service Center is approved by the State Science and Technology Commission and the Provincial Editorial Committee to provide public welfare and supportive technology services for SMEs as a financial full-budget appropriation institution. China's...
Cisco IOS Software Denial of Service Vulnerability (CNVD-2017-06812)
Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A denial of service vulnerability exists in the Event Management Service daemon (emsd) of the Cisco IOS XR router, which stems from an incorrect handling of gRPC requests. An...
Cisco IOS and IOS XE Software ZBFW Feature Security Bypass Vulnerability
Cisco IOS and IOS XE Software are operating systems developed by Cisco for its network devices. Zone-Based Firewall (ZBFW) is one of the policy firewall components. A security bypass vulnerability exists in the ZBFW feature in Cisco IOS and IOS XE Software, which stems from the program failing to...
File Upload Vulnerability in Real Estate Information Network System
Real Estate Information Network System is a software package that introduces real estate information. The product suffers from a file upload vulnerability, which can be exploited by an attacker to upload arbitrary files and thus gain control of the website...
VulnCheck KEV: CVE-2016-1409
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild...
Cisco IOS and IOS XE Software DHCPv6 relay denial of service vulnerability
Cisco IOS and IOS XE Software are both operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE Software. A remote attacker could exploit this vulnerability by sending a specially...
Pandora Fms 3.1 - Blind SQL Injection
Pandora Fms 3.1 - Blind SQL Injection + Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating systems, servers,...