Lucene search
K

196 matches found

CNVD
CNVD
added 2019/08/08 12:0 a.m.2 views

Cisco IOS XR Input Validation Error Vulnerability (CNVD-2019-46439)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. An input validation error vulnerability exists in the Intermediate System to Intermediate System IS-IS routing protocol in Cisco IOS XR versions 6.5.1 through 6.6.3, which stems fro...

7.4CVSS6.7AI score0.00525EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/31 12:0 a.m.12 views

HumHub Social Network Kit Enterprise Information Disclosure Vulnerability

HumHub Social Network Kit Enterprise is an open source social networking kit. version 1.3.13 of HumHub Social Network Kit Enterprise contains an information disclosure vulnerability that stems from a configuration or other error in the operation of the network system or product, which could be...

5.3CVSS1.2AI score0.01504EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.9 views

The vulnerability of the NX-API Sandbox interface of the Cisco NX-OS routing system’s Cisco routers allows attackers to perform cross-site scripting attacks.

The vulnerability of the NX-API Sandbox network operating system of Cisco NX-OS routers is related to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00894EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.5 views

The vulnerability of the command-line interface of the Cisco NX-OSS network operating system devices allows a attacker to obtain the user’s encrypted SSH key or import an encrypted SSH key protected by a password.

The vulnerability of the command-line interface of the Cisco NX-OSS network operating system is related to errors in managing SSH keys. Exploiting this vulnerability can allow an attacker to obtain a secret SSH key of a user or import a secret SSH key protected by a password...

5.6CVSS5.8AI score0.00354EPSS
Exploits0References3
CNVD
CNVD
added 2019/06/13 12:0 a.m.8 views

WESEEK GROWI Input Validation Error Vulnerability

WESEEK GROWI is a suite of team collaboration software from WESEEK Japan. An input validation error vulnerability exists in the login process in WESEEK GROWI 3.4.6 and prior versions. The vulnerability originates from a network system or product that does not properly validate input data. An...

6.1CVSS6.7AI score0.01133EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.5 views

The vulnerability of the Event Management Service daemon (emsd) on the Cisco IOS XR operating system allows a hacker to trigger a service failure.

The vulnerability of the Event Management Service daemon emsd on the Cisco IOS XR operating system is related to insufficient validation of input data during gRPC requests. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted gRPC requests...

7.5CVSS6.6AI score0.02299EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/05/14 12:0 a.m.24 views

Multiple Siemens Products Access Control Error Vulnerabilities

Siemens SINAMICS PERFECT HARMONY GH180 is a high-voltage AC frequency converter from Siemens Germany. An access control error vulnerability exists in several Siemens products. The vulnerability stems from a network system or product that does not properly restrict access to resources from...

7.5CVSS2.3AI score0.0185EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/14 12:0 a.m.23 views

Vulnerabilities in Permissions and Access Control Issues for Multiple Siemens Products

Siemens SIMATIC WinCC is an automated data acquisition and monitoring SCADA system, Siemens SIMATIC HMI Comfort Panels is a touch panel device, Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device for outdoor use, and Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel devic...

9.1CVSS1.7AI score0.02721EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/12/13 12:0 a.m.10 views

The vulnerability of the Simple Network Management Protocol packet processor in the Cisco NX-OS operating system allows a attacker to trigger a service failure.

The vulnerability of the Simple Network Management Protocol SNMP packet handler in the Cisco NX-OS operating system arises due to errors in the data block verification of the SNMP protocol. Exploiting this vulnerability can allow a malicious actor to perform a reboot on the device remotely...

7.7CVSS6.5AI score0.02048EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/11/10 12:0 a.m.2 views

SQL Injection Vulnerability in the Construction System of China's Small and Medium-sized Enterprises Heilongjiang Network

Heilongjiang Provincial SME Technology Innovation Service Center is approved by the State Science and Technology Commission and the Provincial Editorial Committee to provide public welfare and supportive technology services for SMEs as a financial full-budget appropriation institution. China's...

7.6AI score
Exploits0
CNVD
CNVD
added 2017/05/04 12:0 a.m.2 views

Cisco IOS Software Denial of Service Vulnerability (CNVD-2017-06812)

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A denial of service vulnerability exists in the Event Management Service daemon emsd of the Cisco IOS XR router, which stems from an incorrect handling of gRPC requests. An...

7.8CVSS6.9AI score0.02479EPSS
Exploits0References1
CNVD
CNVD
added 2016/09/24 12:0 a.m.2 views

Cisco IOS and IOS XE Software ZBFW Feature Security Bypass Vulnerability

Cisco IOS and IOS XE Software are operating systems developed by Cisco for its network devices.Zone-Based Firewall ZBFW is one of the policy firewall components. A security bypass vulnerability exists in the ZBFW feature in Cisco IOS and IOS XE Software, which stems from the program failing to...

6.5CVSS6.9AI score0.01255EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/11 12:0 a.m.3 views

File Upload Vulnerability in Real Estate Information Network System

Real Estate Information Network System is a software package that introduces real estate information. The product suffers from a file upload vulnerability, which can be exploited by an attacker to upload arbitrary files and thus gain control of the website...

7.2AI score
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2016/05/26 12:0 a.m.7 views

VulnCheck KEV: CVE-2016-1409

The Neighbor Discovery ND protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service packet-processing outage via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild...

7.5CVSS7.2AI score0.03823EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/26 12:0 a.m.5 views

Cisco IOS and IOS XE Software DHCPv6 relay denial of service vulnerability

Cisco IOS and IOS XE Software are both operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the DHCP version 6 DHCPv6 relay feature of Cisco IOS and IOS XE Software. A remote attacker could exploit this vulnerability by sending a specially...

7.8CVSS6.8AI score0.01948EPSS
Exploits0References1
exploitpack
exploitpack
added 2010/11/30 12:0 a.m.45 views

Pandora Fms 3.1 - Blind SQL Injection

Pandora Fms 3.1 - Blind SQL Injection + Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating systems, servers,...

7.5CVSS0.7AI score0.05339EPSS
Exploits8
Rows per page
Query Builder