Lucene search
K

40 matches found

Cvelist
Cvelist
added 2024/12/05 9:41 a.m.24 views

CVE-2024-52564

Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or...

7.5CVSS0.0058EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/12/04 12:0 a.m.14 views

JVN#46615026: Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX

UD-LT1 and UD-LT1/EX provided by I-O DATA DEVICE, INC. contain multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2024-45841 OS Command Injection CWE-78...

7.5CVSS8AI score0.00904EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/04/05 5:53 a.m.4 views

Multiple vulnerabilities in NEC Aterm series

Overview Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2024-28005 Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-497 - CVE-2024-28006 Incorrect Permission...

9.8CVSS8AI score0.00743EPSS
Exploits0References20
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/04/05 12:0 a.m.60 views

JVN#82074338: Multiple vulnerabilities in NEC Aterm series

Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.0 CVE-2024-28005 Exposure of Sensitive System Information to an Unauthorized Control...

9.8CVSS10AI score0.00743EPSS
Exploits0
NVD
NVD
added 2024/04/04 4:15 p.m.29 views

CVE-2024-2103

Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5...

6.5CVSS6.3AI score0.00455EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/04 3:18 p.m.23 views

CVE-2024-2103 Inclusion of Undocumented Features

Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5...

6.5CVSS6.5AI score0.00455EPSS
Exploits0References1
CVE
CVE
added 2024/04/04 3:18 p.m.66 views

CVE-2024-2103

CVE-2024-2103 covers an “inclusion of undocumented features” vulnerability affecting SEL relays: SEL-700BT, SEL-700G, SEL-710-5, SEL-751, SEL-787-2/ -3/ -4, and SEL-787Z. The issue arises when an attacker with privileged access can trigger undocumented features, causing the relay to behave unpred...

6.5CVSS6.3AI score0.00455EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/04 3:18 p.m.9 views

CVE-2024-2103 Inclusion of Undocumented Features

Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5...

6.5CVSS6.5AI score0.00455EPSS
Exploits0References1
ICS
ICS
added 2024/04/04 6:0 a.m.59 views

Schweitzer Engineering Laboratories SEL 700 series relays

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL 700 series relays Vulnerability : Inclusion of Undocumented Features 2. RISK EVALUATION Successful exploitation of this vulnerability...

6.5CVSS6.8AI score0.00455EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.7 views

PT-2024-18825 · Schweitzer Engineering Laboratories · Sel-751 +5

Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-700BT Motor Bus Transfer Relay affected versions not specified Schweitzer Engineering Laboratories SEL-700G Generator Protection Relay affected versions not specified Schweitzer Engineering Laboratories...

6.5CVSS6.7AI score0.00455EPSS
Exploits0References2
PyPA
PyPA
added 2023/05/11 10:15 p.m.8 views

PYSEC-2023-79

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the type...

7.5CVSS6.8AI score0.00725EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/11 12:0 a.m.6 views

PT-2023-23572 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.3.8 Description: The issue concerns internal calls with default arguments in Vyper, a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, these calls are compiled incorrectly,...

8.7CVSS7.4AI score0.00725EPSS
Exploits1References8
Rosalinux
Rosalinux
added 2021/07/02 5:59 p.m.24 views

Advisory ROSA-SA-2021-1954

Software: postfix 2.10.1 OS: Cobalt 7.9 CVE-ID: CVE-2017-10140 CVE-Crit: HIGH CVE-DESC: Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 may allow local users to gain privileges using undocumented features in Berkeley DB 2. x and later related to reading...

7.8CVSS7.7AI score0.00567EPSS
Exploits1
CNNVD
CNNVD
added 2021/04/30 12:0 a.m.4 views

Open-xchange OX App Suite 跨站脚本漏洞

Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. in a more intuitive way. A cross-site scripting vulnerability exists in OX App Suite version 7.10.4 and prior versions th...

6.1CVSS5.9AI score0.01077EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2020/12/21 9:35 p.m.113 views

Smart Doorbell Disaster: Many Brands Vulnerable to Attack

Smart doorbells, designed to allow homeowners to keep an eye on unwanted and wanted visitors, can often cause more security harm than good compared to their analog door bolt alternatives. Consumer-grade digital doorbells are riddled with potential cybersecurity vulnerabilities ranging from...

0.5AI score
Exploits0References7
Zero Science Lab
Zero Science Lab
added 2018/07/17 12:0 a.m.607 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Hidden Features

Summary The new IPn4Gb provides a rugged, industrial strength wireless solution using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control Lists. The IPn4Gb can transport critical data to and fro...

6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2018/07/17 12:0 a.m.661 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit

Summary The new IPn4Gb provides a rugged, industrial strength wireless solution using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control Lists. The IPn4Gb can transport critical data to and fro...

8.8CVSS6.6AI score0.00669EPSS
Exploits2
ThreatPost
ThreatPost
added 2012/01/20 5:19 p.m.15 views

Ladder logic

The devices tested by the Basecamp Project included the D20 PLC by GE, The Modicon Quantum by Schneider Electric, Rockwell and Koyo Electronics. Each device was tested using a number of additional attack vectors. Researchers attempted to upload custom firmware or so-called “ladder logic” for the...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2007/07/05 12:0 a.m.597 views

Multiple SAP Internet Graphics Service security vulnerabilities

File removal, insecure undocumented features, buffer overflow, crossite scripting...

2.5AI score
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2006/12/06 12:0 a.m.38 views

CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features

The following pre-advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSUndocumentedFeatures.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: SAP Internet Graphics Service IGS Undocumented Features ================== Vulnerability...

7.1AI score
Exploits0
Rows per page
Query Builder