GW Security IP Camera Default Credentials (HTTP)

The remote installation of GW Security Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either...

Enabling Clients to Cope with ASV Scans

Gathering evidence, applying patches, and configuring your systems in preparation for submitting your vulnerability disputes can be a nerve-wracking and daunting task. To better enhance your understanding of the Approved Scanning Vendor ASV process, Ive outlined some coping mechanisms and tools t...

[SECURITY] Fedora 29 Update: systemd-239-12.git8bca462.fc29

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

CVE-2019-3827

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...

Planet IP Camera Default Credentials (HTTP)

The remote installation of Planet Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either versi...

Samsung iPolis Default Credentials (HTTP)

The remote installation of Samsung iPolis is using known default credentials. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published b...

Avtech IP Camera Default Credentials (HTTP)

The remote installation of Avtech SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.114064";...

MayGion IPCamera Default Credentials (HTTP)

The remote MayGion IP camera is using known default credentials for the HTTP login. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2019-1656 Cisco Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation in the affected software. An...

[SECURITY] Fedora 29 Update: systemd-239-8.gite339eae.fc29

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

CVE-2017-13886

CVE-2017-13886 affects macOS High Sierra prior to 10.13.2, where an access issue existed with privileged Wi‑Fi system configuration. The description in the CVE entry and Apple’s security content confirms the vulnerability relates to Wi‑Fi configuration privileges and was addressed by introducing ...

Brickcom Network Camera Default Credentials (HTTP)

The remote Brickcom IP camera is using known default credentials for the HTTP login. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2018-1000889

Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...

Interlogix TruVision Default Credentials (HTTP)

The remote installation of TruVision is using known default credentials. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arecont Vision NVR Default Credentials (HTTP)

The remote installation of Arecont Vision SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.114051"...

Western Digital My Cloud NAS Default Credentials (HTTP)

The Western Digital My Cloud device is using known and default credentials for the HTTP based web interface. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CentOS 7 : setup (CESA-2018:3249)

An update for setup is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

setup security update

CentOS Errata and Security Advisory CESA-2018:3249 An update for setup is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

Samsung Web Viewer DVR Default Credentials (HTTP)

The remote installation of Samsung Web Viewer DVR is using known and default credentials for the web interface. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2018-15394 Cisco Stealthwatch Management Console Authentication Bypass Vulnerability

A vulnerability in the Stealthwatch Management Console SMC of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system...