Lucene search
K

140 matches found

ICS
ICS
added 2022/02/03 12:0 a.m.284 views

Sensormatic PowerManage (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc Equipment: PowerManage Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This update advisory is a follow-up to the...

10CVSS10AI score0.99999EPSS
Exploits352References5
ATTACKERKB
ATTACKERKB
added 2022/01/05 12:15 p.m.72 views

CVE-2021-31589

A cross-site scripting XSS vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization...

6.1CVSS6.3AI score0.28207EPSS
In wildExploits3References5
CVE
CVE
added 2022/01/05 11:26 a.m.212 views

CVE-2021-31589

BeyondTrust Secure Remote Access Base software up to version 6.0.1 is affected by a cross-site scripting (XSS) vulnerability. The issue allows remote attackers to inject arbitrary web script or HTML via unsanitized web requests, with documented impact including potential execution of JavaScript i...

6.1CVSS6.1AI score0.28207EPSS
In wildExploits3References3Affected Software1
ICS
ICS
added 2021/10/07 12:0 a.m.32 views

FATEK Automation Communication Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FATEK Automation Equipment: Communication Server Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3...

9.8CVSS10AI score0.01758EPSS
Exploits0References6
OSV
OSV
added 2021/08/04 7:15 p.m.6 views

CVE-2021-20028

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier...

9.8CVSS7.4AI score0.30084EPSS
Exploits0References2
NVD
NVD
added 2021/08/04 7:15 p.m.32 views

CVE-2021-20028

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier...

9.8CVSS0.30084EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2021/08/04 7:10 p.m.15 views

CVE-2021-20028

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier...

8AI score0.30084EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/04 7:10 p.m.45 views

CVE-2021-20028

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier...

10AI score0.30084EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/04 12:0 a.m.5 views

Claroty Secure Remote Access SQL注入漏洞

Claroty Secure Remote Access is a core component of the Claroty Platform from Claroty, Inc. that provides frictionless, reliable and highly secure remote access for OT environments. A SQL injection vulnerability exists in Claroty Secure Remote Access that stems from an SQL injection vulnerability...

9.8CVSS7.5AI score0.30084EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/15 12:0 a.m.3 views

SonicWall SRA/SMA SQL注入漏洞

Sonicwall SRA and Sonicwall SMA are both security protection products for enterprise managed security access from SonicWall USA. SonicWallSRA/SMA suffers from a SQL injection vulnerability that allows a remote, unauthenticated attacker to execute SQL statements to steal sensitive internal account...

6AI score
Exploits0
CNNVD
CNNVD
added 2021/06/29 12:0 a.m.4 views

Claroty Secure Remote Access 安全漏洞

Claroty Secure Remote Access is a core component of the Claroty Platform from Claroty, Inc. that provides frictionless, reliable and highly secure remote access for OT environments. A security vulnerability exists in Claroty Secure Remote Access that allows them to generate valid session tokens f...

5.5CVSS5.8AI score0.00216EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/01/08 12:0 a.m.7 views

Sonicwall SonicWall NetExtender Windows client Code Issue Vulnerability

Sonicwall NetExtender Windows client is a Windows-based SSL VPN Virtual Private Network client application from Sonicwall, Inc. A security vulnerability exists in SonicWall NetExtender Windows client version 10.2.300 and earlier, the source of which allows a local attacker to gain elevated...

5.3CVSS6AI score0.01658EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2020/02/20 12:0 a.m.12 views

SonicWall / Dell SonicWALL SRA / SMA Detection Consolidation

Consolidation of SonicWall / Dell SonicWALL Secure Mobile Access SMA and Secure Remote Access SRA detections. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

7.4AI score
Exploits0References1
CNVD
CNVD
added 2019/11/05 12:0 a.m.3 views

Unspecified Vulnerability in Cisco Adaptive Security Appliance Software

Cisco Adaptive Security Appliances Software ASA Software is a suite of firewall and network security platforms from Cisco. A security vulnerability exists in the Secure Sockets Layer SSL VPN feature of Cisco ASA Software, which stems from the program not properly handling Base64 encoded strings. ...

7.7CVSS7AI score0.01526EPSS
Exploits0References1
ICS
ICS
added 2018/10/02 12:0 a.m.525 views

Entes EMG 12

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Entes Equipment: EMG 12 Vulnerabilities: Improper Authentication, Information Exposure Through Query Strings in GET Request 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...

9.8CVSS10AI score0.07744EPSS
Exploits0References5
CNVD
CNVD
added 2018/06/13 12:0 a.m.4 views

SIEMENS SCALANCE M875 Information Disclosure Vulnerability

SCALANCE M industrial routers are used for secure remote access to the plant via mobile networks, e.g. GPRS or UMTS, with integrated security features such as firewalls to prevent unauthorized access and VPNs to protect data transmission. SIEMENS SCALANCE M875 has an information disclosure...

7.8CVSS6.5AI score0.00422EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/12/14 12:0 a.m.7 views

The vulnerability of the “diagnostics” component of the CGI application for the web interface of the Sonicwall Secure Remote Access system management console allows a hacker to execute arbitrary commands.

The vulnerability of the “diagnostics” component /cgi-bin/diagnostics of the CGI application for the web interface of the Dell Inc. Sonicwall Secure Remote Access SRA system management application is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a...

10CVSS5.9AI score0.23296EPSS
Exploits5References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/14 12:0 a.m.9 views

The vulnerability of the “viewcert” component in the CGI application of the web interface for administering the Sonicwall Secure Remote Access server allows a perpetrator to execute arbitrary commands.

The vulnerability of the “viewcert” component /cgi-bin/viewcert of the CGI application for the web interface of the Dell Inc. Sonicwall Secure Remote Access SRA system management application is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow a...

10CVSS5.9AI score0.07064EPSS
Exploits2References4Affected Software1
Fedora
Fedora
added 2017/11/28 4:31 p.m.53 views

[SECURITY] Fedora 26 Update: openssh-7.5p1-4.fc26

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

5.3CVSS2AI score0.03359EPSS
Exploits0
ICS
ICS
added 2017/10/12 12:0 a.m.75 views

WECON Technology Co., Ltd. LeviStudio HMI Editor

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: WECON Technology Co., Ltd. WECON Equipment: LeviStudio HMI Editor Vulnerabilities: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of LEVI Studio HMI Editor, an HMI programming software product, a...

9.8CVSS10AI score0.02772EPSS
Exploits0References3
Rows per page
Query Builder