Lucene search
K

422 matches found

Cvelist
Cvelist
added 2021/12/23 7:48 p.m.27 views

CVE-2021-27006

StorageGRID formerly StorageGRID Webscale versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager...

5.2AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/23 12:0 a.m.5 views

Netapp StorageGRID 安全漏洞

Netapp StorageGRID is an object storage solution from NetApp USA.NetApp StorageGRID has a security vulnerability that could be exploited by an attacker to escalate its privileges and modify settings in SANtricity System Manager...

4.4CVSS5.6AI score0.00259EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2021/12/21 9:8 a.m.18 views

systemd bug fix and enhancement update

An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...

1AI score
Exploits0
AlmaLinux
AlmaLinux
added 2021/12/16 7:31 p.m.18 views

systemd bug fix and enhancement update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

1.4AI score
Exploits0
NVD
NVD
added 2021/12/06 1:15 p.m.30 views

CVE-2021-43471

In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...

7.8CVSS0.01439EPSS
Exploits1References1
Prion
Prion
added 2021/12/06 1:15 p.m.15 views

Denial of service

In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...

7.8CVSS7.6AI score0.01439EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/12/06 12:13 p.m.29 views

CVE-2021-43471

In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...

7.8AI score0.01439EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.7 views

The vulnerability in the `system_mgr.cgi` script of the D-Link DNS-320 network storage software allows a hacker to execute arbitrary code.

The vulnerability in the systemmgr.cgi script of the D-Link DNS-320 FW network storage software is related to errors in eliminating certain elements in the OS command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7AI score0.99968EPSS
Exploits2References5Affected Software1
NVD
NVD
added 2021/11/01 1:15 p.m.19 views

CVE-2021-27004

System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...

5.5CVSS0.00216EPSS
Exploits0References1
Prion
Prion
added 2021/11/01 1:15 p.m.15 views

Design/Logic Flaw

System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...

1.7CVSS5.3AI score0.00216EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/01 12:30 p.m.51 views

CVE-2021-27004

CVE-2021-27004 affects NetApp System Manager 9.x (versions 9.7 and higher up to but not including 9.7P16, 9.8P7, and 9.9.1P2). The documented flaw allows a local attacker to discover plaintext iSCSI CHAP credentials. Red Hat and other sources corroborate the same impact for System Manager in affe...

5.5CVSS5.3AI score0.00216EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/01 12:30 p.m.19 views

CVE-2021-27004

System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...

5.6AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/01 12:0 a.m.5 views

Clustered Data ONTAP 安全漏洞

Netapp Clustered Data ONTAP is a storage operating system for clustered mode from the US-based Netapp. A security vulnerability exists in Clustered Data ONTAP that could allow a local attacker to discover plain text iSCSI CHAP credentials. The following products and versions are affected: System...

5.5CVSS5.8AI score0.00216EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/31 12:0 a.m.70 views

Security update for containerd, docker, runc (important)

openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:1404-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...

8.4CVSS6.6AI score0.06604EPSS
Exploits5References10
Prion
Prion
added 2021/10/29 8:15 p.m.19 views

Directory traversal

A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter...

4CVSS6.4AI score0.01133EPSS
Exploits1References1Affected Software1
0day.today
0day.today
added 2021/10/13 12:0 a.m.683 views

Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution Exploit

Moodle versions 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12, and earlier unsupported versions allow for a teacher to exploit chain to remote code execution. A bug in the privileges system allows a teacher to add themselves as a manager to their own class. They can then add any other users, and...

0.2AI score0.16425EPSS
Exploits8
Metasploit
Metasploit
added 2021/10/12 5:42 p.m.315 views

Moodle Teacher Enrollment Privilege Escalation to RCE

Moodle version 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12 and earlier unsupported versions allow for a teacher to exploit chain to RCE. A bug in the privileges system allows a teacher to add themselves as a manager to their own class. They can then add any other users, and thus look to add...

8.8CVSS6.7AI score0.16425EPSS
Exploits8
Lenovo
Lenovo
added 2021/02/09 6:36 p.m.91 views

NetApp OnCommand System Manager 9.x Vulnerability - Lenovo Support US

No description provided...

5.5CVSS5.5AI score0.00357EPSS
Exploits0
OSV
OSV
added 2021/02/08 10:15 p.m.5 views

CVE-2020-8587

OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs...

5.5CVSS5.8AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2021/02/08 10:15 p.m.32 views

CVE-2020-8587

OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs...

5.5CVSS0.00357EPSS
Exploits0References1
Rows per page
Query Builder