Lucene search
+L

80 matches found

Positive Technologies
Positive Technologies
added 2023/05/05 12:0 a.m.26 views

PT-2023-23176 · Mage Ai · Mage Ai

Name of the Vulnerable Software and Affected Versions: mage-ai versions 0.8.34 through 0.8.71 Description: The issue affects mage-ai, an open-source data pipeline tool, when used with user authentication enabled. It allows the terminal to be accessed by users who are not signed in or do not have...

9.8CVSS9.4AI score0.00659EPSS
Exploits0References10
OSV
OSV
added 2023/03/27 9:15 p.m.5 views

CVE-2022-46416

Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network e.g., by guessing the password. Then, the attacker would need to send...

5.9CVSS5.8AI score0.00875EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.5 views

PT-2023-21661 · Opendoas +1 · Opendoas +1

Name of the Vulnerable Software and Affected Versions: OpenDoas versions 6.8.2 and earlier Description: The issue allows privilege escalation due to sharing a terminal with the original session when TIOCSTI is available. TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable...

8.8CVSS8.5AI score0.00642EPSS
Exploits0References14
Prion
Prion
added 2023/03/07 5:15 p.m.18 views

Design/Logic Flaw

An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device’s authentication...

4.6CVSS6.8AI score0.00316EPSS
Exploits0References1Affected Software54
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.3 views

SUSE CVE-2010-4242

The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service NULL pointer dereference via vectors related to the...

4CVSS6.4AI score0.00459EPSS
Exploits3References5
CNNVD
CNNVD
added 2022/10/13 12:0 a.m.4 views

Foresight Sports GC3 安全漏洞

Foresight Sports GC3 is a full-featured golf ball launch monitor from Foresight Sports. A security vulnerability exists in Foresight Sports GC3 Launch Monitor prior to version 1.5.0.2, which originated from a vulnerability that allows process debugging, file system modification, and terminal acce...

8CVSS7.7AI score0.00757EPSS
Exploits1References5
NVD
NVD
added 2021/04/07 9:15 p.m.21 views

CVE-2021-26758

Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows attackers to gain root terminal access and execute commands on the host system...

9CVSS0.02707EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/04/07 8:50 p.m.25 views

CVE-2021-26758

Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows attackers to gain root terminal access and execute commands on the host system...

9.2AI score0.02707EPSS
Exploits1References3
CNVD
CNVD
added 2020/06/08 12:0 a.m.4 views

pam_tacplus Log Message Disclosure Vulnerability

pamtacplus is a PAM module for authenticating users via TACACS + Terminal Access Controller Access Control System from Pawe Krawczyk Software Developers in the UK. A log information disclosure vulnerability exists in the support.c file in pamtacplus versions 1.3.8 through 1.5.1, which can be...

7.5CVSS6.3AI score0.01673EPSS
Exploits0References1
Kitploit
Kitploit
added 2019/05/22 9:35 p.m.127 views

Graffiti - A Tool To Generate Obfuscated One Liners To Aid In Penetration Testing

NOTE : Never upload payloads to online checkers Graffiti is a tool to generate obfuscated oneliners to aid in penetration testing situations. Graffiti accepts the following languages for encoding: Python Perl Batch Powershell PHP Bash Graffiti will also accept a language that is not currently on...

7.5AI score
Exploits0References2
OSV
OSV
added 2019/03/21 4:0 p.m.7 views

CVE-2018-17495

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prom...

7.8CVSS5.8AI score0.00384EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/11/27 2:29 p.m.5 views

CVE-2018-9083

In System Management Module SMM versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability...

9.3CVSS5.5AI score0.01075EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/18 12:0 a.m.7 views

Cisco Wireless LAN Controller Software GUI Elevation of Privilege Vulnerability

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. The Cisco Wireless LAN Controller Software GUI elevation of privilege vulnerability is caused by incorrect...

7.8CVSS7.8AI score0.03163EPSS
Exploits0References1
OSV
OSV
added 2018/10/17 10:29 p.m.3 views

CVE-2018-0417

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller WLC Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrect parsing of a specific...

7.8CVSS5.9AI score0.03163EPSS
Exploits0References3
OSV
OSV
added 2018/10/17 8:29 p.m.8 views

CVE-2018-18386

drivers/tty/ntty.c in the Linux kernel before 4.14.11 allows local attackers who are able to access pseudo terminals to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ...

3.3CVSS5AI score
Exploits0References7
CNVD
CNVD
added 2018/10/16 12:0 a.m.5 views

Cisco IOS and IOS XE Software Denial of Service Vulnerability (CNVD-2019-01903)

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices.TACACS+ is one of the terminal access control subsystems. An input validation vulnerability exists in the TACACS+ client subsystem in Cisco IOS Software and IOS XE Software, which stems fr...

7.8CVSS6.6AI score0.02063EPSS
Exploits0References1
OSV
OSV
added 2018/10/05 2:29 p.m.10 views

CVE-2018-15369

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to improper handling of crafted TACACS+...

6.8CVSS5.8AI score0.02063EPSS
Exploits0References2
Veracode
Veracode
added 2017/12/21 6:47 a.m.8 views

Privilege Escalation

github.com/juju/juju is vulnerable to privilege escalation. A malicious user with access to the terminal can gain root privileges through the command juju-run 'whoami'...

7.1AI score
Exploits0
Mageia
Mageia
added 2017/05/10 8:47 p.m.27 views

Updated lxterminal package fixes security vulnerability

unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service preventing terminal launch, or possibly have other impact bypassing terminal access control. CVE-2016-10369...

7.8CVSS3.6AI score0.00319EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/05/08 6:29 p.m.16 views

CVE-2016-10369

unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service preventing terminal launch, or possibly have other impact bypassing terminal access control...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References2
Rows per page
Query Builder