732 matches found

Vulnrichment
added 2025/03/20 10:9 a.m. | 21 views

CVE-2024-10724 Stored XSS in IPV6 Section in phpipam/phpipam

A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing the Destination address. This vulnerability allows an attacker to execute malicious code. The issue is fixed in version 1.7.0...

CVSS 3.5 | AI score 3.6 | EPSS 0.00315
Exploits: 1 | References: 2

CNNVD
added 2025/03/20 12:0 a.m. | 2 views

phpIPAM Cross-Site Scripting Vulnerability

phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability in the Subnet NAT translations section when editing a...

CVSS 5.4 | AI score 4.5 | EPSS 0.00315
Exploits: 1 | References: 3

Positive Technologies
added 2025/01/01 12:0 a.m. | 3 views

PT-2025-34937

Name of the Vulnerable Software and Affected Versions: Kea versions 2.7.1 through 2.7.9; Kea version 3.0.0; Kea version 3.1.0. Description: If a DHCPv4 client sends a request with specific options and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an...

CVSS 7.5 | AI score 6.3 | EPSS 0.00495
Exploits: 0 | References: 20

Citrix
added 2024/12/17 12:0 a.m. | 8 views

Subnet mask missing in Windows once PVS target is booted via BDM

When booting a PVS target using a BDM with static IP and having DHCP enabled in the vdisk, Windows may be missing its subnet mask...

AI score 7.1
Exploits: 0

NVD
added 2024/11/25 9:15 a.m. | 26 views

CVE-2021-23282

Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored cross-site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local subnet and an administrator interaction to...

CVSS 5.2 | EPSS 0.08233
Exploits: 0 | References: 1

CVE
added 2024/11/25 8:36 a.m. | 59 views

CVE-2021-23282

CVE-2021-23282 affects Eaton Intelligent Power Manager (IPM) versions prior to 1.70. The issue is a stored cross-site scripting vulnerability caused by insufficient validation of input from certain resources in the IPM software. Exploitation requires access to the local subnet and administrator i...

CVSS 5.2 | AI score 4.9 | EPSS 0.08233
Exploits: 0 | References: 1

Cvelist
added 2024/11/25 8:36 a.m. | 26 views

CVE-2021-23282 Stored Cross-site Scripting reported in Intelligent Power Manager v1

Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored cross-site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local subnet and an administrator interaction to...

CVSS 5.2 | EPSS 0.08233
Exploits: 0 | References: 1

BDU FSTEC
added 2024/11/13 12:0 a.m. | 5 views

The vulnerability of the application software interface of Juniper Networks Junos OS Evolved allows a hacker to circumvent security restrictions.

The vulnerability of the application software interface of Juniper Networks Junos OS Evolved relates to incorrect comparison of subnet addresses. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions from a remote location...

CVSS 5.4 | AI score 5.5 | EPSS 0.00639
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2024/10/17 6:15 p.m. | 10 views

CVE-2024-48638

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...

CVSS 8 | EPSS 0.0209
Exploits: 0 | References: 2

Github Security Blog
added 2024/10/15 5:33 p.m. | 17 views

Agent Dart is missing certificate verification checks

Certificate verification in lib/agent/certificate.dart has been found to contain two issues: - During the delegation verification in the _checkDelegation function, the canister_ranges aren't verified. The impact of not checking the canister_ranges is that a subnet can sign canister responses on behalf of...

CVSS 8.7 | AI score 7 | EPSS 0.00353
Exploits: 0 | References: 6 | Affected Software: 1

NVD
added 2024/10/15 5:15 p.m. | 10 views

CVE-2024-48915

Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to version 1.0.0-dev.29, certificate verification in lib/agent/certificate.dart does not occur properly. During the delegation verification in the _checkDelegation function, the canister_ranges aren't...

CVSS 8.7 | EPSS 0.00353
Exploits: 0 | References: 4

CVE
added 2024/10/15 5:12 p.m. | 41 views

CVE-2024-48915

Agent Dart (for Dart/Flutter) prior to version 1.0.0-dev.29 has certificate verification issues in lib/agent/certificate.dart. In _checkDelegation, canister_ranges are not verified, potentially allowing a subnet to sign canister responses on behalf of another subnet. The certificate’s /time path ...

CVSS 8.7 | AI score 6.6 | EPSS 0.00353
Exploits: 0 | References: 4

GitLab Advisory Database
added 2024/10/15 12:0 a.m. | 5 views

Agent Dart is missing certificate verification checks

Certificate verification in lib/agent/certificate.dart has been found to contain two issues: - During the delegation verification in the _checkDelegation function, the canister_ranges aren't verified. The impact of not checking the canister_ranges is that a subnet can sign canister responses on behalf of...

CVSS 8.7 | AI score 5.9 | EPSS 0.00353
Exploits: 0 | References: 7 | Affected Software: 1

OSV
added 2024/10/11 4:15 p.m. | 5 views

CVE-2024-39534

An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. Thi...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 1

CNNVD
added 2024/10/11 12:0 a.m. | 8 views

Juniper Networks Junos OS Evolved Security Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved. An attacker exploits the vulnerability to create a session or send traffic to the device using the network and broadcast addresses...

CVSS 5.4 | AI score 6.8 | EPSS 0.00639
Exploits: 0 | References: 3

Positive Technologies
added 2024/10/09 12:0 a.m. | 6 views

PT-2024-7847 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Junos OS Evolved versions prior to 21.4R3-S8-EVO; Junos OS Evolved version 22.2-EVO prior to 22.2R3-S4-EVO; Junos OS Evolved version 22.3-EVO prior to 22.3R3-S4-EVO; Junos OS Evolved version 22.4-EVO prior to 22.4R3-S3-EVO; Junos OS Evolved versi...

CVSS 5.4 | AI score 7.3 | EPSS 0.00639
Exploits: 0 | References: 10

ICS
added 2024/10/01 6:0 a.m. | 38 views

Subnet Solutions Inc. PowerSYSTEM Center

1. EXECUTIVE SUMMARY: CVSS v3 7.5. ATTENTION: Exploitable remotely/Low attack complexity. Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center. Vulnerabilities: Server-Side Request Forgery (SSRF), Inefficient Regular Expression Complexity, Cross-Site Request Forgery (CSRF). 2. RISK...

CVSS 7.8 | AI score 7.4 | EPSS 0.08515
Exploits: 4 | References: 10

CNVD
added 2024/07/19 12:0 a.m. | 5 views

D-Link DAP-1325 SubnetMask Command Injection Vulnerability

D-Link DAP-1325 is a wireless access point/bridge made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network to wireless network or connect different wireless networks. The D-Link DAP-1325 suffers from a command injection vulnerability th...

CVSS 8.8 | AI score 9.4 | EPSS 0.01187
Exploits: 0 | References: 1

ICS
added 2024/07/18 6:0 a.m. | 26 views

Subnet Solutions PowerSYSTEM Center

1. EXECUTIVE SUMMARY: CVSS v4 6.9. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Subnet Solutions Inc. Equipment: Subnet PowerSYSTEM Center. Vulnerability: Prototype Pollution. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an authenticated...

CVSS 9.8 | AI score 8.2 | EPSS 0.02139
Exploits: 2 | References: 10

Citrix
added 2024/07/13 12:0 a.m. | 10 views

How to Configure NetScaler and StoreFront for Internal and External Connections

This article describes how to configure NetScaler and StoreFront with two NetScaler Gateways, two StoreFront sites, two different subnet IPs, and one URL for both internal and external connections...

AI score 7.1
Exploits: 0