Lucene search
K

50 matches found

Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.5 views

PT-2024-28751 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products, allowing attackers to send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash...

7.5CVSS6.9AI score0.0056EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.4 views

PT-2024-28747 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface wi...

4.9CVSS6.8AI score0.00458EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/29 12:0 a.m.5 views

PT-2024-10190 · Fortinet · Fortianalyzer +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager, FortiAnalyzer versions 6.2.10 through 6.2.13 Fortinet FortiManager, FortiAnalyzer versions 7.0.2 through 7.0.12 Fortinet FortiManager, FortiAnalyzer versions 7.2.0 through 7.2.5 Fortinet FortiManager, FortiAnalyzer...

9CVSS8.1AI score0.01348EPSS
Exploits0References6
OSV
OSV
added 2024/02/13 3:15 a.m.2 views

CVE-2024-22131

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

7.2CVSS5.9AI score0.01079EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/23 12:0 a.m.5 views

The vulnerability of the HNAP1 interface in D-Link DIR-822 microprogrammed router software allows a hacker to gain access to administrator accounts with empty passwords.

The vulnerability of the HNAP1 interface of D-Link DIR-822 microprogrammed router software is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to access administrator accounts with empty passwords...

10CVSS7.8AI score0.00916EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/12/20 10:15 a.m.6 views

CVE-2023-6910

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource consumption. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests...

6.5CVSS6.6AI score0.00916EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/12/20 10:15 a.m.3 views

CVE-2023-6910

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource consumption. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests...

6.5CVSS6.5AI score0.00916EPSS
Exploits0References4
OSV
OSV
added 2023/04/11 3:15 a.m.4 views

CVE-2023-27897

In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform...

6.3CVSS6.5AI score0.00651EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.5 views

PT-2023-21404 · Sap · Sap Crm

Name of the Vulnerable Software and Affected Versions: SAP CRM versions 700 through 713 Description: The issue allows an authenticated attacker with a non-administrative role and common remote execution authorization to use a vulnerable interface and execute an application function, performing...

6.3CVSS6.4AI score0.00651EPSS
Exploits0References4
NVD
NVD
added 2023/03/14 6:15 a.m.15 views

CVE-2023-27893

An attacker authenticated as a user with a non-administrative role and a common remote execution authorization in SAP Solution Manager and ABAP managed systems ST-PI - versions 20881700, 20081710, 740, can use a vulnerable interface to execute an application function to perform actions which they...

8.8CVSS8.7AI score0.01184EPSS
Exploits0References2
OSV
OSV
added 2023/03/14 6:15 a.m.4 views

CVE-2023-27893

An attacker authenticated as a user with a non-administrative role and a common remote execution authorization in SAP Solution Manager and ABAP managed systems ST-PI - versions 20881700, 20081710, 740, can use a vulnerable interface to execute an application function to perform actions which they...

8.8CVSS7.5AI score0.01184EPSS
Exploits0References2
OSV
OSV
added 2023/02/09 5:15 p.m.2 views

CVE-2022-30564

Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time...

5.3CVSS5.8AI score0.00438EPSS
Exploits0References1
OSV
OSV
added 2022/12/27 6:15 p.m.3 views

CVE-2022-45428

Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information...

2.7CVSS5.8AI score0.00678EPSS
Exploits0References1
OSV
OSV
added 2022/12/27 6:15 p.m.6 views

CVE-2022-45427

Some Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can upload arbitrary files...

7.2CVSS5.9AI score0.007EPSS
Exploits0References1
NVD
NVD
added 2022/12/27 6:15 p.m.22 views

CVE-2022-45428

Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information...

2.7CVSS0.00678EPSS
Exploits0References1
OSV
OSV
added 2022/12/27 6:15 p.m.4 views

CVE-2022-45426

Some Dahua software products have a vulnerability of unrestricted download of file. After obtaining the permissions of ordinary users, by sending a specific crafted packet to the vulnerable interface, an attacker can download arbitrary files...

6.5CVSS5.9AI score0.00584EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.4 views

Dahua software products 访问控制错误漏洞

Dahua software products are a family of applications from Dahua Corporation Dahua of China. A security vulnerability exists in several Dahua software products that stems from an unauthenticated request for an AES encryption key that allows an attacker to obtain an AES encryption key by sending a...

5.3CVSS5.8AI score0.00679EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.6 views

LZ4 缓冲区错误漏洞

LZ4 is a lossless compression algorithm. A security vulnerability exists in LZ4 that stems from the use of a C API that is vulnerable to memory corruption. An attacker can exploit the vulnerability to execute arbitrary code...

9.8CVSS8.7AI score0.01058EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/27 12:0 a.m.6 views

PT-2022-27513 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua software products affected versions not specified Description: The issue allows for an unauthenticated restart of the remote DSS Server. An attacker can bypass the firewall access control policy by sending a specific crafted packet to t...

7.5CVSS7.2AI score0.00642EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/12/27 12:0 a.m.10 views

PT-2022-27512 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua software products affected versions not specified Description: The issue allows an attacker to enable or disable the SSHD service without authentication. This can be achieved by sending a crafted packet to the vulnerable interface after...

3.7CVSS6.9AI score0.00414EPSS
Exploits0References6
Rows per page
Query Builder