133 matches found

Cvelist
added 2021/11/04 3:40 p.m. · 19 views

CVE-2021-34739 Cisco Small Business Series Switches Session Credentials Replay Vulnerability

A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This...

8.1 CVSS · 8.3 AI score · 0.01617 EPSS
Exploits 0 · References 1

Vulnrichment
added 2021/11/04 3:40 p.m. · 9 views

CVE-2021-34739 Cisco Small Business Series Switches Session Credentials Replay Vulnerability

A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This...

8.1 CVSS · 7.1 AI score · 0.01617 EPSS
Exploits 0 · References 1

CISA
added 2021/11/04 12:0 a.m. · 18 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7 AI score
Exploits 0 · References 5

0day.today
added 2021/11/03 12:0 a.m. · 156 views

Sonicwall SonicOS 6.5.4 - (Common Name) Cross-Site Scripting Vulnerability

Exploit Title: Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting XSS Vendor Homepage: https://www.sonicguard.com/NSV-800.asp Product & Service Introduction: =============================== The design, implementation and deployment of modern network architectures, such as virtualization...

7.1 AI score
Exploits 0

CNVD
added 2021/10/09 12:0 a.m. · 6 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2021-88192)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting vulnerability exists in IBM Sterling B...

5.4 CVSS · 6.2 AI score · 0.00445 EPSS
Exploits 0 · References 1

CNNVD
added 2021/10/06 12:0 a.m. · 3 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting vulnerability exists in IBM Sterling B...

5.4 CVSS · 5.4 AI score · 0.00445 EPSS
Exploits 0 · References 4

OSV
added 2021/07/14 12:15 p.m. · 3 views

CVE-2021-33683

SAP Web Dispatcher and Internet Communication Manager ICM, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83,...

4.3 CVSS · 7.3 AI score · 0.00546 EPSS
Exploits 0 · References 2

CNVD
added 2021/03/05 12:0 a.m. · 9 views

IBM Engineering Workflow Management Cross-Site Scripting Vulnerability (CNVD-2021-14750)

IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...

5.4 CVSS · 6 AI score · 0.00539 EPSS
Exploits 0 · References 1

CNVD
added 2020/05/28 12:0 a.m. · 4 views

IBM Jazz Reporting Service Cross-Site Scripting Vulnerability (CNVD-2020-30833)

IBM Jazz Reporting Service JRS is a suite of ready-to-use reporting components from IBM in the United States. The product includes features such as report generation, data collection and lifecycle queries. A cross-site scripting vulnerability exists in Report Builder in IBM JRS versions 7.0,...

5.4 CVSS · 6.2 AI score · 0.00561 EPSS
Exploits 0 · References 1

Veracode
added 2020/04/10 12:44 a.m. · 17 views

Authorization Bypass

rhn-client-tools is vulnerable to authorization bypass. The vulnerability exists as it was discovered that rhn-client-tools set insecure permissions on the loginAuth.pkl file, used to store session credentials for authenticating connections to Red Hat Network servers. A local, unprivileged user...

3.6 CVSS · 2.3 AI score · 0.00384 EPSS
Exploits 0 · References 11 · Affected Software 1

OSV
added 2020/02/13 4:15 p.m. · 3 views

CVE-2019-18791

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the user's web browser...

5.4 CVSS · 6.1 AI score · 0.00527 EPSS
Exploits 0 · References 2

NVD
added 2020/02/13 4:15 p.m. · 20 views

CVE-2019-18791

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the user's web browser...

5.4 CVSS · 5.3 AI score · 0.00527 EPSS
Exploits 0 · References 2

Prion
added 2020/02/13 4:15 p.m. · 20 views

Cross site scripting

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the user's web browser...

3.5 CVSS · 5.2 AI score · 0.00527 EPSS
Exploits 0 · References 2 · Affected Software 80

Cvelist
added 2020/02/13 3:1 p.m. · 21 views

CVE-2019-18791

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the user's web browser...

5.3 AI score · 0.00527 EPSS
Exploits 0 · References 2

Positive Technologies
added 2019/06/13 12:0 a.m. · 7 views

PT-2019-2565 · Abb · Abb Idal

Name of the Vulnerable Software and Affected Versions: ABB IDAL affected versions not specified Description: The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, the...

8.8 CVSS · 8.7 AI score · 0.0526 EPSS
Exploits 2 · References 9

Cvelist
added 2018/10/10 6:0 p.m. · 16 views

CVE-2018-0046 Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS

A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space versions...

8.8 CVSS · 5.9 AI score · 0.01646 EPSS
Exploits 0 · References 4

Vulnerability Lab
added 2018/08/26 12:0 a.m. · 25 views

Anghami - Persistent Input Validation Vulnerability

Document Title: =============== Anghami - Persistent Input Validation Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2144 View Video: https://www.youtube.com/watch?v=7CnXLxs6CXo Release Date: ============= 2018-08-26 Vulnerability Laboratory ID VL-ID:...

7.4 AI score
Exploits 0

NVD
added 2018/06/29 2:29 p.m. · 20 views

CVE-2018-13002

An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core & Grid v12.6.24. The vulnerability is located in the wFilemanager.php and index.php files of the /grid5/scripts/ modules. The injection point is located in the Project Title and the execution point occurs in the Inhaltsprojekt...

4.8 CVSS · 5.4 AI score · 0.00935 EPSS
Exploits 3 · References 1

Prion
added 2018/06/29 2:29 p.m. · 17 views

Design/Logic Flaw

An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core & Grid v12.6.24. The vulnerability is located in the wFilemanager.php and index.php files of the /grid5/scripts/ modules. The injection point is located in the Project Title and the execution point occurs in the Inhaltsprojekt...

3.5 CVSS · 5.2 AI score · 0.00935 EPSS
Exploits 3 · References 1 · Affected Software 1

Check Point Advisories
added 2018/05/02 12:0 a.m. · 4 views

Trend Micro IMSVA Management Portal Authentication Bypass (CVE-2018-3609)

An authentication bypass exists in Trend Micro InterScan Mail Security Virtual Appliance. The vulnerability is due to insufficient protection of a log file containing session credentials for authenticated users...

4.3 CVSS · 3.8 AI score · 0.21826 EPSS
Exploits 1