Lucene search
K

151 matches found

CNNVD
CNNVD
added 2022/01/14 12:0 a.m.5 views

Le-Yan Dental Management System 信任管理问题漏洞

Le-Yan Dental Management System is a dental management system from Le-Yan, China. Le-Yan dental management system is vulnerable to a trust management issue, which could be exploited by attackers to gain administrator privileges and take control of the system or disrupt services...

10CVSS5.6AI score0.02259EPSS
Exploits0References2
CNVD
CNVD
added 2022/01/05 12:0 a.m.26 views

Shockwall system authorization issue vulnerability

Sun & Moon Rise Shockwall System is a computer endpoint protection system from Sun & Moon Rise, a Chinese company. A server-side request forgery SSRF attack can be launched against another proxy computer using local registry information, resulting in the execution of arbitrary code to control the...

9CVSS3.7AI score0.00451EPSS
Exploits0References1
NVD
NVD
added 2022/01/03 10:15 a.m.17 views

CVE-2021-44158

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service...

8CVSS0.00677EPSS
Exploits0References1
CVE
CVE
added 2021/10/19 6:17 p.m.57 views

CVE-2021-31381

CVE-2021-31381 refers to a configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series. A remote attacker can send a specially crafted query that may cause the web server to delete files, impacting integrity and availability. The NVD metrics show a hig...

9.1CVSS7.7AI score0.01121EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/07/09 7:15 p.m.3 views

CVE-2021-33214

In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...

6.1CVSS5.8AI score0.00649EPSS
Exploits1References5
NVD
NVD
added 2021/07/09 7:15 p.m.23 views

CVE-2021-33214

In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...

6.1CVSS0.00649EPSS
Exploits1References5
CVE
CVE
added 2021/07/09 6:3 p.m.85 views

CVE-2021-33214

CVE-2021-33214 affects HMS Networks eCatcher prior to or up to version 6.6.4. The vulnerability arises from weak filesystem permissions that could allow malicious users to access files, potentially leading to sensitive information disclosure, modification of configuration files, or disruption of ...

6.1CVSS6.1AI score0.00649EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2021/07/09 6:3 p.m.23 views

CVE-2021-33214

In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...

6.3AI score0.00649EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/03/10 12:0 a.m.4 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. F5 BIGIP Appliance mode AWAF/ASM TMUI remote command execution vulnerability, the vulnerability allows users with elevated...

9.1CVSS6.3AI score0.08838EPSS
Exploits1References5
CNVD
CNVD
added 2021/03/03 12:0 a.m.6 views

Dell SRS Policy Manager XML External Entity Injection Vulnerability

Dell SRS Policy Manager is an application from Dell USA. It provides Dell policy management features. A security vulnerability exists in SRS Policy Manager 6.X. The vulnerability stems from a misconfigured XML parser that fails to perform sufficient validation when processing user-supplied DTD...

7.2CVSS6.7AI score0.01402EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/29 12:0 a.m.2 views

Unspecified Vulnerability in ABB System 800xA Base

ABB System 800xA Base is a distributed control system from ABB Switzerland for the industrial control industry. A security vulnerability exists in ABB System 800xA Base version 6.1 and prior versions, which originates from a Windows folder used for system functionality that allows a user with low...

7.8CVSS6.9AI score0.00279EPSS
Exploits0References1
Prion
Prion
added 2020/04/22 3:15 p.m.19 views

Design/Logic Flaw

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...

4.6CVSS7.2AI score0.00285EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/07 4:50 a.m.48 views

CVE-2018-18397

A flaw was found in the Linux kernel with files on tmpfs and hugetlbfs. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior. At this time there is an understanding there is no crash or privilege...

6.1CVSS2.7AI score0.0051EPSS
Exploits5References2
Veracode
Veracode
added 2019/05/16 3:38 a.m.30 views

Authorization Bypass

Linux kernel is vulnerable to authorization bypass attacks. This exists in the tmpfs and hugetlbfs files. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior...

5.5CVSS5.8AI score0.0051EPSS
Exploits5References15Affected Software1
CNVD
CNVD
added 2018/07/11 12:0 a.m.4 views

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2018-13360)

Microsoft Windows Server 2012 R2, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The Windows Kernel API is one of the kernel APIs application program interfaces. There is a vulnerability in the way the Windows Kernel API executes privileges in Microsoft...

7.8CVSS6.1AI score0.01208EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:7 a.m.15 views

Security Bulletin: CLI access security issue on IBM System Storage Storwize V7000 Unified (CVE-2014-0880)

Summary CLI security issue. Vulnerability Details CVEID: CVE-2014-0880 DESCRIPTION: An unauthorized user with network access to a system's administrative IP Internet Protocol address may be able to gain access to the block CLI Command Line Interface of the system, allowing the user to issue all...

7.5CVSS1.1AI score0.01912EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2018/06/15 12:0 a.m.4 views

Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2018-13328)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Microsoft Windows 10 is a set of operating systems for personal computers.Windows Server 2016 is a set of server operating systems. A local elevation of privilege vulnerability exists i...

7CVSS7.2AI score0.02575EPSS
Exploits1References1
OSV
OSV
added 2018/03/09 5:29 p.m.4 views

CVE-2017-17168

The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...

6.5CVSS5.8AI score0.0075EPSS
Exploits0References1
OSV
OSV
added 2018/03/09 5:29 p.m.3 views

CVE-2017-17169

The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...

6.5CVSS5.8AI score0.0075EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/02/06 12:0 a.m.53 views

WinShell Trojan Detection

This host seems to be running WinShell. WinShell is a Trojan Horse which allows an intruder to take the control of the remote computer. An attacker may use it to steal your passwords, modify your data, and prevent you from working properly. C Tenable Network Security, Inc. include"compat.inc";...

5.5AI score
Exploits0
Rows per page
Query Builder