Lucene search
K

66 matches found

ATTACKERKB
ATTACKERKB
added 2019/06/20 3:15 a.m.3 views

CVE-2019-18980

On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. Th...

7.5CVSS7.5AI score0.00439EPSS
Exploits1References2
NVD
NVD
added 2019/05/10 6:29 p.m.22 views

CVE-2018-7064

A reflected cross-site scripting XSS vulnerability is present in an unauthenticated Aruba Instant web interface. An attacker could use this vulnerability to trick an IAP administrator into clicking a link which could then take administrative actions on the Instant cluster, or expose the session...

6.1CVSS6.5AI score0.01406EPSS
Exploits0References3
CNVD
CNVD
added 2018/08/21 12:0 a.m.2 views

Reprise License Manager Arbitrary File Read Vulnerability

Reprise License Manager RLM is a suite of license management software from Reprise, Inc. An arbitrary file read vulnerability exists in Reprise RLM 12.2BL2 and earlier versions, which stems from the fact that by default, the web interface on port 5054 does not require authentication. The...

9.3CVSS7.2AI score0.02146EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2018/06/27 9:49 a.m.19 views

CVE-2018-8016

The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...

9.8CVSS9.4AI score0.06692EPSS
Exploits0References2
OSV
OSV
added 2018/05/02 7:29 a.m.7 views

CVE-2018-10544

Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface...

9.8CVSS5.8AI score0.01223EPSS
Exploits1References1
CVE
CVE
added 2018/05/02 7:0 a.m.44 views

CVE-2018-10544

CVE-2018-10544 affects Meross MSS110 devices, up to firmware version 1.1.24, which expose an unauthenticated administrative web interface (admin.htm). The connected CNVD/NVD entries confirm a straightforward unauthenticated access path to manage interfaces, with the CNVD noting the risk of inform...

9.8CVSS9.5AI score0.01223EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder