CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2024/09/26 8:34 a.m.•50 views

CVE-2024-47044

Summary (CVE-2024-47044) : Several NTT East Home GateWay/Hikari Denwa routers fail to restrict access permissions (CWE-451), allowing an attacker who knows a WAN-side IPv6 address to reach the device’s Settings page via WAN-side. Affected models include RT-400MI, PR-400MI, RV-440MI, PR-500MI, RS-...

5.3CVSS6.9AI score0.00296EPSS

Cvelist•added 2024/09/26 8:34 a.m.•18 views

CVE-2024-47044

0.00296EPSS

Vulnrichment•added 2024/09/26 8:34 a.m.•9 views

CVE-2024-47044

7.1AI score0.00296EPSS

NVD•added 2024/09/26 4:15 a.m.•8 views

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

7.8CVSS0.0007EPSS

Cvelist•added 2024/09/26 3:33 a.m.•16 views

CVE-2024-47045

0.0007EPSS

CVE•added 2024/09/26 3:33 a.m.•57 views

CVE-2024-47045

The CVE-2024-47045 issue affects the installer for the e-Tax software (common program). The vulnerability allows a malicious DLL uploaded or introduced by an attacker to run with higher privileges than the application, due to privilege escalation in the install process (root cause described as a ...

7.8CVSS6.5AI score0.0007EPSS

The Hacker News•added 2023/07/17 5:17 a.m.•32 views

CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise

The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. "As a vector of primary compromise, for the most part, emails and messages in messengers Telegram, WhatsApp, Signal are used, in most cases, using...

7.2AI score

The Hacker News•added 2023/06/15 10:1 a.m.•29 views

New Report Reveals Shuckworm's Long-Running Intrusions on Ukrainian Organizations

The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and...

6.9AI score

Rapid7 Blog•added 2022/11/16 3:48 p.m.•10 views

Rapid7 Takes Home 2 Awards and a Highly Commended Recognition at the 2022 Belfast Telegraph IT Awards

Rapid7 was honored at the Belfast Telegraph's annual IT Awards, Friday, taking home a pair of awards including the coveted “Best Place to Work in IT” in the large company category award, and the “Cyber Security Project of the Year” award, for groundbreaking machine learning research in applicatio...

CNNVD•added 2022/03/22 12:0 a.m.•2 views

多款 Nippon Telegraph and Telephone West Corporation 产品操作系统命令注入漏洞

Nippon Telegraph and Telephone West Corporation Netcommunity OG410Xa and others are a type of firmware from Nippon Telegraph and Telephone West Corporation, Japan. A security vulnerability exists in several Nippon Telegraph and Telephone West Corporation products that originates from a system...

8.8CVSS7.8AI score0.00346EPSS

Exploits0References5

HackRead•added 2021/10/06 6:47 p.m.•26 views

The Telegraph newspaper exposed 10TB of subscriber data

By Deeba Ahmed The data was exposed due to an unprotected Elasticsearch cluster and remained open to public access without any security authentication. This is a post from HackRead.com Read the original post: The Telegraph newspaper exposed 10TB of subscriber data...

1.2AI score

Openbugbounty•added 2020/07/27 1:28 a.m.•11 views

racingtelegraph.co.uk Cross Site Scripting vulnerability OBB-1239647

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score

ThreatPost•added 2020/05/29 4:45 p.m.•69 views

NTT Communications Data Breach Affects Customers, Threatens Supply Chain

Japan-based systems integrator NTT Communications has disclosed a recent data breach that it said impacted hundreds of customers. The total affected comes to as many as 621 customers, the company said, but security experts worry about the impacts of the data breach due to the company’s positionin...

0.1AI score

Exploits0References9

NCSC•added 2020/05/09 12:0 a.m.•5 views

Vulnerabilities fixed in VMware vRealize Operations Manager

There are two vulnerabilities in VMware vRealize Operations Manager. These vulnerabilities, if exploited, can lead to the execute arbitrary code with administrator privileges on the Application Remote Collector ARC and all virtual systems on which an ARC Telegraph agent is installed. VMWare has...

9.8CVSS9.9AI score0.94234EPSS

Exploits24

OSV•added 2019/09/12 5:15 p.m.•2 views

CVE-2019-5986

Cross-site request forgery CSRF vulnerability in Hikari Denwa router/Home GateWay Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version...

8.8CVSS6.9AI score

NVD•added 2019/09/12 5:15 p.m.•9 views

CVE-2019-5986

8.8CVSS8.8AI score0.00147EPSS

NVD•added 2019/09/12 5:15 p.m.•10 views

CVE-2019-5985

Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005...

6.1CVSS6AI score0.00292EPSS

OSV•added 2019/09/12 5:15 p.m.•2 views

CVE-2019-5985

6.1CVSS6.5AI score0.00292EPSS