Lucene search
+L

86 matches found

nessus
nessus
added 2024/03/14 12:0 a.m.72 views

Fortinet FortiClient EMS 7.0.x < 7.0.11 / 7.2.x < 7.2.3 (FG-IR-24-007)

The version of Fortinet FortiClient EMS installed on the remote host is prior to 7.0.11 or 7.2.3. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-007 advisory. - A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet...

9.8CVSS7.5AI score0.97591EPSS
Exploits4References2
cve
cve
added 2024/03/12 3:9 p.m.87 views

CVE-2023-47534

Fortinet FortiClientEMS is affected by CVE-2023-47534 due to improper neutralization of formula elements in CSV files. Affects versions 6.0.0–6.0.8, 6.2.0–6.2.9, 6.4.0–6.4.9, 7.0.0–7.0.10, and 7.2.0–7.2.2. Impact: remote code/command execution via specially crafted CSV packets. Mitigation: apply ...

9.6CVSS9.3AI score0.01051EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2023/05/26 12:0 a.m.35 views

Wireshark 1.6.x < 1.6.16 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.6.16. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.6.16 advisory. - The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark...

5CVSS7.2AI score0.60643EPSS
Exploits7References10
ptsecurity
ptsecurity
added 2023/04/22 12:0 a.m.7 views

PT-2023-8260 · Nvidia · Nvidia Dgx H100 Bmc

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 BMC affected versions not specified Description: The issue is related to a stack overflow vulnerability in the host KVM daemon of the NVIDIA DGX A100 BMC. An unauthenticated attacker can exploit this by sending a specially...

9.8CVSS9.9AI score0.00603EPSS
Exploits0References7
f5
f5
added 2023/02/21 7:36 p.m.45 views

K11720: Samba server vulnerability CVE-2010-2063

Security Advisory Description Note : Versions that are not listed in this articles have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

7.5CVSS8.2AI score0.78702EPSS
Exploits5
nessus
nessus
added 2023/02/14 12:0 a.m.26 views

Wago PFC200 iocheckd service 'I/O-Check' cache Command Injection (CVE-2019-5172)

An exploitable command injection vulnerability exists in the iocheckd service I/O-Check' function of the WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e840 the extracted ntp value from the xml file is use...

7.8CVSS7.5AI score0.01336EPSS
Exploits1References2
nessus
nessus
added 2022/11/08 12:0 a.m.39 views

Ubuntu 16.04 ESM : DHCP vulnerabilities (USN-5658-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5658-2 advisory. USN-5658-1 fixed vulnerabilities in DHCP. This update provides the corresponding updates for Ubuntu 16.04 ESM. Tenable has extracted the preceding...

6.5CVSS7AI score0.00664EPSS
Exploits0References3
rapid7blog
rapid7blog
added 2022/09/01 2:30 p.m.20 views

25 Years of Nmap: Happy Scan-iversary!

I didn't know it then, but on September 1, 1997, my life changed. That was the day that Fyodor's Nmap was first released to the world, courtesy of the venerable Phrack magazine. By the way, check out our recent podcast with Fyodor himself if you haven’t yet. At the time, I had just started my...

7AI score
Exploits0
nvd
nvd
added 2022/08/30 4:15 p.m.23 views

CVE-2022-37176

Tenda AC6AC1200 v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard...

9.8CVSS0.00773EPSS
Exploits0References1
prion
prion
added 2022/05/12 8:15 p.m.18 views

Race condition

A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition...

5CVSS7.4AI score0.01222EPSS
Exploits0References2Affected Software1
osv
osv
added 2021/05/12 2:15 p.m.5 views

CVE-2021-27385

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...

7.5CVSS7.3AI score0.02533EPSS
Exploits0References3
cvelist
cvelist
added 2021/03/22 5:39 p.m.25 views

CVE-2020-9213

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module,...

7.5AI score0.00727EPSS
Exploits0References1
cvelist
cvelist
added 2020/11/02 4:48 p.m.27 views

CVE-2018-19025

In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc...

9.4AI score0.01489EPSS
Exploits0References1
prion
prion
added 2020/10/21 10:15 p.m.20 views

Code injection

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service restart of agents by crafting a malformed DHCP packet which leads to an incorrect route being installed...

4.3CVSS7.4AI score0.01194EPSS
Exploits0References1Affected Software1
cve
cve
added 2020/07/07 8:5 a.m.52 views

CVE-2020-5599

The CVE-2020-5599 issue affects Mitsubishi Electric GOT2000 series GT27/GT25/GT23 CoreOS prior to version -Z. It is an improper neutralization of argument delimiters in a command (Argument Injection, CWE-88) vulnerability that may allow a remote attacker to stop network functions or run a malicio...

10CVSS9.3AI score0.03489EPSS
Exploits0References2Affected Software1
prion
prion
added 2020/03/02 10:15 p.m.14 views

Code injection

An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack...

7.1CVSS7.4AI score0.04308EPSS
Exploits1References1
cve
cve
added 2020/03/02 9:20 p.m.84 views

CVE-2018-5951

MikroTik RouterOS is affected by CVE-2018-5951. The issue arises when a 1-byte packet is crafted and sent to a RouterOS IPv6 address using IP Protocol 97, which will cause the RouterOS device to reboot imminently. All RouterOS versions that support EoIPv6 are vulnerable. Connected documents confi...

7.5CVSS7.4AI score0.04308EPSS
Exploits1References1Affected Software1
bdu_fstec
bdu_fstec
added 2019/10/16 12:0 a.m.5 views

The vulnerability of Junos OS router devices of the SRX Series arises from insufficient validation of input data. This allows attackers to trigger service interruptions.

The vulnerability of Junos OS router devices of the SRX Series exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted multi-address packets...

6.5CVSS5.5AI score0.01309EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2019/08/20 12:0 a.m.44 views

QEMU - Denial of Service

QEMU - Denial of Service include include include include include include include include include include include include include include include include include define diex do \ perrorx; \ exitEXITFAILURE; \ while0; // Constans define SRCADDR "10.0.2.15" define DSTADDR "10.0.2.2" define INTERFACE...

7.3AI score
Exploits0
kitploit
kitploit
added 2019/06/03 9:54 p.m.270 views

ANDRAX v3 - The First And Unique Penetration Testing Platform For Android Smartphones

ANDRAX The first and unique Penetration Testing platform for Android smartphones. Thanks to Jessica Helena she made ANDRAX v3 possible. What is ANDRAX ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it...

7.1AI score
Exploits0
Rows per page
Query Builder