Lucene search
K

50 matches found

Positive Technologies
Positive Technologies
added 2022/12/27 12:0 a.m.10 views

PT-2022-27512 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua software products affected versions not specified Description: The issue allows an attacker to enable or disable the SSHD service without authentication. This can be achieved by sending a crafted packet to the vulnerable interface after...

3.7CVSS6.9AI score0.00414EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/12/27 12:0 a.m.5 views

PT-2022-27506 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua software products affected versions not specified Description: The issue concerns a vulnerability that allows an attacker to obtain encrypted MQTT credentials through an unauthenticated request by sending a crafted packet to the...

7.5CVSS7.4AI score0.00572EPSS
Exploits0References3
OSV
OSV
added 2022/06/28 2:15 p.m.0 views

CVE-2022-30560

When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash...

7.4CVSS7.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/28 2:15 p.m.1 views

CVE-2022-30560

When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash...

7.4CVSS5.8AI score0.00789EPSS
Exploits0References2
Prion
Prion
added 2022/06/28 2:15 p.m.21 views

Code injection

When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash...

5.8CVSS7.3AI score0.00789EPSS
Exploits0References1Affected Software40
Cvelist
Cvelist
added 2021/05/06 11:1 a.m.41 views

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

9.2AI score0.02497EPSS
Exploits1References4
OSV
OSV
added 2019/08/29 12:15 a.m.3 views

CVE-2019-10724

There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher privilege. The following are affected products and versions: Legion Y520TZ370 6.0.1.8642, AIO310-20IAP 6.0.1.8642, AIO510-22ISH 6.0.1.8642...

6.5CVSS5.9AI score0.01218EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/07 12:0 a.m.3 views

Logic Flaw Vulnerability in the Security Authentication of a Dahua Webcam Model

Zhejiang Dahua Technology Co., Ltd, is a video-centered intelligent IOT solution provider and operation service provider. A logic flaw vulnerability exists in the security authentication of a Dahua webcam model, which allows an attacker to forge packets and call the interface to execute arbitrary...

7.6AI score
Exploits0
CNVD
CNVD
added 2019/07/23 12:0 a.m.2 views

RANGER Studio Directus Code Execution Vulnerability (CNVD-2019-39679)

RANGER Studio Directus is a set of open source headless CMS and API for managing custom databases from RANGER Studio, U.S.A. The Directus API is one of the components that can add a RESTful API layer to new or existing SQL databases. A security vulnerability exists in the RANGER Studio Directus 7...

8.8CVSS7.6AI score0.02577EPSS
Exploits1References1
0day.today
0day.today
added 2017/05/17 12:0 a.m.242 views

Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1107 Windows: COM Aggregate Marshaler/IRemUnknown2 Type Confusion EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: When...

1.9CVSS6.4AI score0.84138EPSS
Exploits15
Rows per page
Query Builder