Lucene search
+L

4293 matches found

ICS
ICS
added 2016/05/26 12:0 a.m.69 views

Environmental Systems Corporation Data Controllers Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-147-01A Environmental Systems Corporation Data Controllers Vulnerabilities that was published June 2, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified data controller...

9.1CVSS1AI score0.01728EPSS
Exploits0References20
ICS
ICS
added 2016/04/15 6:0 a.m.88 views

GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability

OVERVIEW Zhou Yu of Acorn Network Security identified an improper privilege management vulnerability and recently released exploit code for the GE Proficy HMI/SCADA CIMPLICITY application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. GE produc...

6.3CVSS6.5AI score0.00394EPSS
Exploits0References10
ICS
ICS
added 2016/02/27 7:0 a.m.23 views

Environmental Systems Corporation Data Controllers Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-147-01A Environmental Systems Corporation Data Controllers Vulnerabilities that was published June 2, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified data controller...

9.4AI score
Exploits0References10
RedHat Linux
RedHat Linux
added 2015/07/20 2:6 p.m.44 views

Moderate: Red Hat Security Advisory: sudo security, bug fix, and enhancement update

Updated sudo packages that fix one security issue, three bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

3.3CVSS6.2AI score0.0047EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2015/07/09 12:0 a.m.5 views

PT-2015-3402 · Openssh +6 · Openssh +6

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 6.9 Description: The issue is related to the x11 open helper function in channels.c in ssh, which lacks a check of the refusal deadline for X connections when ForwardX11Trusted mode is not used. This makes it easier...

10CVSS7.4AI score0.9986EPSS
Exploits209References412
securityvulns
securityvulns
added 2015/01/25 12:0 a.m.113 views

Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability

================================================================================ REWTERZ-20140103 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product:...

0.7AI score
Exploits0
0day.today
0day.today
added 2015/01/24 12:0 a.m.55 views

ManageEngine ServiceDesk Plus 9.0 Privilege Escalation Vulnerability

ManageEngine ServiceDesk Plus version 9.0 prior to build 9031 suffers from a remote privilege escalation vulnerability due to improper access controls. Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product: ServiceDesk Plus http://www.manageengine.com/ Affected...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/01/23 12:0 a.m.40 views

ManageEngine ServiceDesk Plus 9.0 Privilege Escalation

================================================================================ REWTERZ-20140103 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product:...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2014/11/28 12:0 a.m.23 views

xEpan 1.0.4 - Multiple Vulnerabilities

Exploit Title: Multiple Vulnerability xEpan 1.0.4 Google Dork: not yet Date: 2014-11-27 Exploit Author: Parikesit , Kurawa In Disorder Vendor Homepage: http://xepan.org Software Link: http://www.xepan.org/index.php?subpage=download Version: 1.0.4 Tested on: Windows 7 Ultimate Vulnerability Type:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.15 views

Ecava IntegraXor < 4.2.4458 Multiple Vulnerabilities

Binary data scadaintegraxor424458.nbin...

9CVSS6.8AI score0.0265EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/28 12:0 a.m.24 views

qibocms 多个系统同一原因的sql注入

简要描述: 因为qibocms 拥有很多系统。 看了看昨天发的那个洞 今天再下载了几个qibo其他的系统 发现有一部分系统存在该洞。 鉴于之前qibocms打补丁的时候总是打了几个系统 而遗漏了其他几个系统。 就把存在这洞的系统全部一个一个的写出来。 详细说明: 统一来看看全局文件 $POST=AddS$POST; $GET=AddS$GET; $COOKIE=AddS$COOKIE; function AddS$array foreach$array as $key=$value if!isarray$value $value=strreplace"&x","& x",$value;...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

ManageEngine ServiceDesk Plus 8.0.0 Build 8013 Improper User Privileges

No description provided by source. ================================================================================ Secur-I Research Group Security Advisory SRG-2011-002 ================================================================================ Title : ManageEngine ServiceDesk Plus Improper...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

SGI IRIX <= 6.2 cdplayer Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/333/info A vulnerability exists in the /usr/bin/X11/cdplayer application as shipped with SGI's IRIX operating system. By failing to shed root privileges, and creating arbitrary directories as root, cdplayer allows arbitra...

7.1AI score
Exploits0
NVD
NVD
added 2013/10/16 10:52 a.m.21 views

CVE-2013-4831

HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

5.5CVSS5.8AI score0.01137EPSS
Exploits0References1
Prion
Prion
added 2013/10/16 10:52 a.m.30 views

Design/Logic Flaw

HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

5.5CVSS6.2AI score0.01137EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/16 10:0 a.m.44 views

CVE-2013-4831

HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

5.8AI score0.01137EPSS
Exploits0References1
CERT
CERT
added 2013/08/30 12:0 a.m.59 views

Supermicro IPMI based on ATEN firmware contain multiple vulnerabilities

Overview Supermicro Intelligent Platform Management Interface IPMI implementations based on ATEN firmware contain multiple vulnerabilities in their web management interface. Description CWE-121: Stack-based Buffer Overflow - CVE-2013-3607The Supermicro IPMI web interface contains multiple buffer...

10CVSS9.5AI score0.09731EPSS
Exploits3References4
ThreatPost
ThreatPost
added 2013/05/31 4:27 p.m.15 views

Oracle Java Security Enhancements Get Mixed Reviews

Oracle is working hard to restore some faith in the security of the Java browser plug-in with a number of enhancements announced yesterday, specifically to in-house code testing, as well as policy changes regarding signed applets and certificate validation. But after a miserable year of targeted...

Exploits0References1
NVD
NVD
added 2013/03/25 9:55 p.m.19 views

CVE-2013-1836

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...

6.5CVSS8.9AI score0.01961EPSS
Exploits0References5
CVE
CVE
added 2013/03/25 9:0 p.m.88 views

CVE-2013-1836

CVE-2013-1836 affects Moodle 2.x up to 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2. Root cause: Moodle does not properly manage privileges for WebDAV repositories, allowing remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leverag...

6.5CVSS8.7AI score0.01961EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder