151 matches found
Le-Yan Dental Management System 信任管理问题漏洞
Le-Yan Dental Management System is a dental management system from Le-Yan, China. Le-Yan dental management system is vulnerable to a trust management issue, which could be exploited by attackers to gain administrator privileges and take control of the system or disrupt services...
Shockwall system authorization issue vulnerability
Sun & Moon Rise Shockwall System is a computer endpoint protection system from Sun & Moon Rise, a Chinese company. A server-side request forgery SSRF attack can be launched against another proxy computer using local registry information, resulting in the execution of arbitrary code to control the...
CVE-2021-44158
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service...
CVE-2021-31381
CVE-2021-31381 refers to a configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series. A remote attacker can send a specially crafted query that may cause the web server to delete files, impacting integrity and availability. The NVD metrics show a hig...
CVE-2021-33214
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...
CVE-2021-33214
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...
CVE-2021-33214
CVE-2021-33214 affects HMS Networks eCatcher prior to or up to version 6.6.4. The vulnerability arises from weak filesystem permissions that could allow malicious users to access files, potentially leading to sensitive information disclosure, modification of configuration files, or disruption of ...
CVE-2021-33214
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. F5 BIGIP Appliance mode AWAF/ASM TMUI remote command execution vulnerability, the vulnerability allows users with elevated...
Dell SRS Policy Manager XML External Entity Injection Vulnerability
Dell SRS Policy Manager is an application from Dell USA. It provides Dell policy management features. A security vulnerability exists in SRS Policy Manager 6.X. The vulnerability stems from a misconfigured XML parser that fails to perform sufficient validation when processing user-supplied DTD...
Unspecified Vulnerability in ABB System 800xA Base
ABB System 800xA Base is a distributed control system from ABB Switzerland for the industrial control industry. A security vulnerability exists in ABB System 800xA Base version 6.1 and prior versions, which originates from a Windows folder used for system functionality that allows a user with low...
Design/Logic Flaw
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...
CVE-2018-18397
A flaw was found in the Linux kernel with files on tmpfs and hugetlbfs. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior. At this time there is an understanding there is no crash or privilege...
Authorization Bypass
Linux kernel is vulnerable to authorization bypass attacks. This exists in the tmpfs and hugetlbfs files. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior...
Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2018-13360)
Microsoft Windows Server 2012 R2, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The Windows Kernel API is one of the kernel APIs application program interfaces. There is a vulnerability in the way the Windows Kernel API executes privileges in Microsoft...
Security Bulletin: CLI access security issue on IBM System Storage Storwize V7000 Unified (CVE-2014-0880)
Summary CLI security issue. Vulnerability Details CVEID: CVE-2014-0880 DESCRIPTION: An unauthorized user with network access to a system's administrative IP Internet Protocol address may be able to gain access to the block CLI Command Line Interface of the system, allowing the user to issue all...
Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2018-13328)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Microsoft Windows 10 is a set of operating systems for personal computers.Windows Server 2016 is a set of server operating systems. A local elevation of privilege vulnerability exists i...
CVE-2017-17168
The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...
CVE-2017-17169
The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...
WinShell Trojan Detection
This host seems to be running WinShell. WinShell is a Trojan Horse which allows an intruder to take the control of the remote computer. An attacker may use it to steal your passwords, modify your data, and prevent you from working properly. C Tenable Network Security, Inc. include"compat.inc";...