Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.10 views

CVE-2026-8598

An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials...

9.1CVSS5.5AI score0.00507EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/02 8:3 p.m.5 views

CVE-2025-10653 Raise3D Pro2 Series 3D Printers Authentication Bypass Using an Alternate Path or Channel

An unauthenticated debug port may allow access to the device file system...

8.6CVSS0.00406EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.4 views

CVE-2020-11453

Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit ...

5.3CVSS5.8AI score0.02732EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/02/14 11:47 a.m.12 views

CVE-2024-38346

The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...

9.8CVSS8.8AI score0.03301EPSS
Exploits0References1
CNVD
CNVD
added 2024/07/09 12:0 a.m.8 views

Apache CloudStack Code Injection Vulnerability

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from a code injection vulnerability that...

9.8CVSS8.3AI score0.03301EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/05 1:40 p.m.34 views

CVE-2024-38346 Apache CloudStack: Unauthenticated cluster service port leads to remote execution

The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...

0.03301EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/05 1:40 p.m.17 views

CVE-2024-38346 Apache CloudStack: Unauthenticated cluster service port leads to remote execution

The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...

10AI score0.03301EPSS
Exploits0References4
CVE
CVE
added 2024/07/05 1:40 p.m.78 views

CVE-2024-38346

CVE-2024-38346 affects Apache CloudStack’s cluster service that runs on an unauthenticated port (default 9090). The provided documents describe a code-injection vulnerability enabling remote code execution on targeted hypervisors and CloudStack management server hosts, potentially leading to comp...

9.8CVSS10AI score0.03301EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/07/05 12:0 a.m.4 views

Apache CloudStack 代码注入漏洞

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from a code injection vulnerability that...

9.8CVSS8.6AI score0.03301EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/05 12:0 a.m.5 views

PT-2024-27949 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions prior to 4.18.2.1 Apache CloudStack versions prior to 4.19.0.2 Description: The CloudStack cluster service runs on an unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted...

9.8CVSS9.2AI score0.03301EPSS
Exploits0References28
OSV
OSV
added 2023/05/24 8:15 p.m.4 views

CVE-2023-31595

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access...

7.5CVSS7.1AI score0.00843EPSS
Exploits2References2
NVD
NVD
added 2023/05/24 8:15 p.m.22 views

CVE-2023-31595

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access...

7.5CVSS7.6AI score0.00843EPSS
Exploits2References2
Prion
Prion
added 2023/05/24 8:15 p.m.14 views

Improper access control

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access...

5CVSS7.6AI score0.00843EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2023/05/24 12:0 a.m.22 views

CVE-2023-31595

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access...

7.8AI score0.00843EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/05/24 12:0 a.m.2 views

IC Realtime ICIP-P2012T 安全漏洞

The IC Realtime ICIP-P2012T is a 2 megapixel camera from IC Realtime. A security vulnerability exists in IC Realtime ICIP-P2012T version 2.420, which stems from the susceptibility to incorrect access control via unauthenticated port access...

7.5CVSS7.3AI score0.00843EPSS
Exploits2References3
OSV
OSV
added 2019/08/29 1:15 a.m.1 views

DEBIAN-CVE-2019-11248

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...

8.2CVSS6.8AI score0.61139EPSS
Exploits0References1
Rows per page
Query Builder