4423 matches found
CVE-2012-6451
Affected products: Lorex LNC116 and LNC104 IP Cameras. Vulnerability: Remote authentication bypass due to the web interface using HTTP Basic authentication but validating credentials only on the home page; direct URL navigation bypasses login. Impact: unauthorized viewing of live video feed and p...
Cisco Unified Communications Manager Information Disclosure Vulnerability (CNVD-2020-03755)
Cisco Unified Communications Manager is the centerpiece of the Cisco Collaboration Platform, enabling a person to easily communicate with others via voice, video, and messaging from any device, on any operating system. An information disclosure vulnerability exists in the web-based management...
CVE-2019-10956
Geutebruck IP Cameras G-Code (EEC-2xxx), G-Cam (EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root...
CVE-2019-10957
Geutebruck IP Cameras G-Code (EEC-2xxx), G-Cam (EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in...
CVE-2019-10956
Geutebruck IP Cameras G-Code (EEC-2xxx) and G-Cam (EBC-21xx, EFD-22xx, ETHC-22xx, EWPC-22xx) with firmware up to 1.12.0.25 are affected by CVE-2019-10956 via OS command injection. A remote authenticated user can send a specially crafted URL command to the device and execute commands with root pri...
CVE-2015-5071
AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the report parameter of the BIRT viewer servlet...
Cisco Data Center Network Manager XML External Entity Read Access Vulnerability
Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An XML external entity read access vulnerability exists in the SOAP API of Cisco...
CVE-2020-5179
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. In some cases, authentication can be achieved with the comtech password fo...
CVE-2013-4985
Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream...
CVE-2013-4985
CVE-2013-4985 affects Vivotek IP cameras, enabling remote unauthenticated RTSP authentication bypass to access video streams. Core Security CoreLabs advisory CORE-2013-0704 describes exploiting RTSP basic auth bypass by sending crafted RTSP packets to port 554, tested on IP7160, IP7361, IP8332 wi...
CVE-2019-6022
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function...
EulerOS 2.0 SP3 : subversion (EulerOS-SA-2019-2669)
According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-servic...
CVE-2019-16671
CVE-2019-16671 affects Weidmueller IE-SW-VL05M/VL08MT/PL10M series switches. The vulnerability is described as Uncontrolled Resource Consumption that allows remote authenticated users to crash a device by sending a special packet. Red Hat and PRION entries confirm the affected device models and t...
EulerOS 2.0 SP2 : subversion (EulerOS-SA-2019-2504)
According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-servic...
CVE-2019-15972 Cisco Unified Communications Manager SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. ...
UBUNTU-CVE-2019-11291
Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 versions prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious use...
CVE-2019-18610
An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary syst...