Lucene search
K

71 matches found

Prion
Prion
added 2021/03/24 8:15 p.m.23 views

Input validation

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

4.6CVSS6.6AI score0.00265EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2021/03/24 8:6 p.m.9 views

CVE-2021-1449 Cisco Access Point Software Arbitrary Code Execution Vulnerability

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

6.7CVSS6.8AI score0.00265EPSS
Exploits0References1
CVE
CVE
added 2021/03/24 8:6 p.m.66 views

CVE-2021-1449

Cisco CVE-2021-1449 affects Cisco Access Points Software. A vulnerability in the boot logic allows an authenticated, local attacker to execute unsigned code at boot time by exploiting an improper startup check, requiring access to the device devshell. This could bypass software image verification...

6.7CVSS6.5AI score0.00265EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2021/03/24 4:0 p.m.82 views

Cisco Access Point Software Arbitrary Code Execution Vulnerability

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

6.7CVSS6.6AI score0.00265EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/11/23 12:0 a.m.10 views

openGauss: Ensuring the Existence of the Socket File

Some application programs may search for the socket file in the /tmp directory to deceive the server. During the system startup, the socket file /tmp/ $ USER gaussdb/.s.PGSQL. $PGPORT is created by default to prevent some applications from creating or overwriting the socket file in the /tmp...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/01/09 12:0 a.m.36 views

Cisco FXOS Software Secure Configuration Bypass (cisco-sa-20190515-nxos-conf-bypass)

According to its self-reported version, Cisco FXOS Software is affected by a configuration bypass vulnerability due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An authenticated, local attacker can exploit this, by...

7.2CVSS6.6AI score0.00251EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/30 12:0 a.m.38 views

openSUSE Security Update : systemd (openSUSE-2019-97)

This update for systemd provides the following fixes : Security issues fixed : - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas bsc1120323 - CVE-2018-16866: Fixed an information leak in journald bsc1120323 - Fixed an issue during system startup in...

7.8CVSS6.9AI score0.02958EPSS
Exploits4References10
OPENSUSE Linux
OPENSUSE Linux
added 2019/01/29 12:0 a.m.112 views

Security update for systemd (important)

openSUSE Security Update: Security update for systemd Announcement ID: openSUSE-SU-2019:0098-1 Rating: important References: 1005023 1045723 1076696 1080919 1093753 1101591 1111498 1114933 1117063 1119971 1120323 Cross-References: CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 CVE-2018-6954 Affecte...

7.8CVSS6.8AI score0.02958EPSS
Exploits5References11
OPENSUSE Linux
OPENSUSE Linux
added 2019/01/29 12:0 a.m.115 views

Security update for systemd (moderate)

openSUSE Security Update: Security update for systemd Announcement ID: openSUSE-SU-2019:0097-1 Rating: moderate References: 1005023 1076696 1101591 1114981 1115518 1119971 1120323 Cross-References: CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 Affected Products: openSUSE Leap 42.3 An update that...

7.8CVSS7.3AI score0.02958EPSS
Exploits4References7
NVD
NVD
added 2018/11/07 6:29 p.m.19 views

CVE-2018-19071

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at...

7.8CVSS7.7AI score0.0039EPSS
Exploits1References1
Zero Science Lab
Zero Science Lab
added 2018/07/17 12:0 a.m.661 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit

Summary The new IPn4Gb provides a rugged, industrial strength wireless solution using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control Lists. The IPn4Gb can transport critical data to and fro...

8.8CVSS6.6AI score0.00669EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/07/16 12:0 a.m.47 views

Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build 1184-14 IPn4Gb 1.1.0 Rev 2 build 1090-2 IPn4Gb 1.1.0 R...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/05/02 12:0 a.m.1898 views

Linux /dev/urandom RNG Flaws Exploit

There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and shortly after boot. Linux RNG flaws CVE-2018-1108 There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and...

0.1AI score0.01825EPSS
Exploits2
Kitploit
Kitploit
added 2017/12/23 1:20 p.m.23 views

dnscrypt-autoinstall - Automatic installation and configuration of DNSCrypt

A script for installing and automatically configuring DNSCrypt on Linux-based systems. Description DNSCrypt is a protocol for securing communications between a client and a DNS resolver by encrypting DNS queries and responses. It verifies that responses you get from a DNS provider have actually...

7.2AI score
Exploits0References3
0day.today
0day.today
added 2015/09/05 12:0 a.m.25 views

Windows Multiple - Registry Only Persistence Exploit

Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'msf/core/post/file' class Metasploit4 'Windows...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2015/09/04 12:0 a.m.36 views

Windows Registry Only Persistence

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'msf/core/post/file' class Metasploit4 'Windows Registry Only Persistence', 'Description' = %q This modul...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2014/12/02 12:0 a.m.17 views

Thomson Reuters Fixed Assets CS 13.1.4 - Local Privilege Escalation

Thomson Reuters Fixed Assets CS 13.1.4 - Local Privilege Escalation Exploit Title: Thomson Reuters Fixed Assets CS Windows 7, Windows 8 CVE : 2014-9141 Product Affected: Fixed Assets CS =13.1.4 Workstation Install Note: 2003/2008 Terminal Services/Published apps may be vulnerable, depending on...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/10/12 12:0 a.m.135 views

Time of Last System Startup

Using the supplied credentials, Nessus was able to determine when the host was last started. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56468; scriptversion"1.7"; scriptcvsdate"Date: 2018/06/19 13:32:15"; scriptnameenglish:"Time of Last System Startup";...

5.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.19 views

Debian: Security Advisory (DSA-580-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.0189EPSS
Exploits0References3
NVD
NVD
added 2006/02/09 2:2 a.m.17 views

CVE-2006-0623

QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup...

7.2CVSS7.2AI score0.00913EPSS
Exploits0References7
Rows per page
Query Builder