Lucene search
K

595 matches found

NVD
NVD
added 2023/11/16 9:15 a.m.13 views

CVE-2023-32469

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution...

7.5CVSS0.00217EPSS
Exploits0References1
OSV
OSV
added 2023/11/16 9:15 a.m.5 views

CVE-2023-32469

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution...

6.7CVSS6AI score0.00217EPSS
Exploits0References1
Prion
Prion
added 2023/11/16 9:15 a.m.16 views

Input validation

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution...

4CVSS7.7AI score0.00217EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2023/11/16 8:14 a.m.18 views

CVE-2023-32469

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution...

7.5CVSS7.8AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/16 12:0 a.m.6 views

Dell Precision Tower BIOS Input Validation Error Vulnerability

Dell Precision Tower BIOS is a series of computer workstations for CAD/Architecture/CG professionals or as a small business server from Dell USA. A security vulnerability exists in the Dell Precision Tower BIOS, which arises from a component that contains incorrect input validation, and which cou...

7.5CVSS7.1AI score0.00217EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/16 12:0 a.m.5 views

PT-2023-23810 · Dell · Dell Precision Tower Bios

Name of the Vulnerable Software and Affected Versions: Dell Precision Tower BIOS affected versions not specified Description: The issue is related to an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerabili...

7.5CVSS6.7AI score0.00217EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2023/10/07 10:22 a.m.14 views

tokyotower-movie.jp Cross Site Scripting vulnerability OBB-3727455

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2023/08/28 3:49 p.m.45 views

CVE-2023-4567

A blind SQL injection flaw was found in tower API. This issue may allow an attacker to craft a malicious SQL query into the SOCIALAUTHGITHUBKEY parameter in the /api/v2/settings/all/ endpoint and completely compromise the backend tower SQL database...

7.9AI score
Exploits0References2
OSV
OSV
added 2023/08/03 5:23 p.m.16 views

CLSA-2023-1691083401 Fix CVE(s): CVE-2022-3697

SECURITY UPDATE: improper handling of towercallback parameter in amazon.aws collection - debian/patches/CVE-2022-3697.patch: ec2instance - validate options on towercallback - CVE-2022-3697 Enable unit testing...

7.5CVSS6.8AI score0.00712EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2023/07/17 11:13 a.m.12 views

Tracking Down a Suspect through Cell Phone Records

Interesting forensics in connection with a serial killer arrest: Investigators went through phone records collected from both midtown Manhattan and the Massapequa Park area of Long Island--two areas connected to a "burner phone" they had tied to the killings. In court, prosecutors later said the...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/03 7:46 p.m.9 views

towerhamletsarts.org.uk Cross Site Scripting vulnerability OBB-3381636

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/05/12 9:1 p.m.9 views

global-tower.com Cross Site Scripting vulnerability OBB-3327980

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.16 views

FreeBSD : py-ansible -- data leak vulnerability (f418cd50-561a-49a2-a133-965d03ede72a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f418cd50-561a-49a2-a133-965d03ede72a advisory. - A flaw was found in Ansible where the secret information present in asyncfiles are getting disclosed...

6AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-12148

A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project SCM repository definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that...

9CVSS9AI score0.01707EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.3 views

SUSE CVE-2020-1746

A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldapattr and ldapentry community modules are used. The issue...

5CVSS9AI score0.00406EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.5 views

SUSE CVE-2020-10744

An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running becomeuser from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9....

5CVSS8.6AI score0.00255EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.5 views

SUSE CVE-2021-3447

A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the nolog feature. An...

5CVSS8.9AI score0.00333EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.6 views

SUSE CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...

7.5CVSS9.1AI score0.00712EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/02/08 9:39 a.m.2 views

Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware

A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/01/03 4:3 a.m.5 views

bookings.spinnakertower.co.uk Cross Site Scripting vulnerability OBB-3127334

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder