Lucene search
K

472 matches found

OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18353

Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page...

6.5CVSS8.5AI score0.01372EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/12/06 12:0 a.m.41 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss (SUSE-SU-2018:3591-2)

This update for MozillaFirefox to ESR 60.2.2 fixes several issues. These general changes are part of the version 60 release. New browser engine with speed improvements Redesigned graphical user interface elements Unified address and search bar for new installations New tab page listing top visite...

9.8CVSS7.3AI score0.13417EPSS
Exploits8References48
OSV
OSV
added 2018/11/07 6:29 p.m.5 views

CVE-2018-19076

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication...

9.8CVSS5.8AI score0.01852EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2018/11/01 12:0 a.m.50 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss (SUSE-SU-2018:3591-1)

This update for MozillaFirefox to ESR 60.2.2 fixes several issues. These general changes are part of the version 60 release. New browser engine with speed improvements Redesigned graphical user interface elements Unified address and search bar for new installations New tab page listing top visite...

9.8CVSS7.3AI score0.13417EPSS
Exploits8References48
OSV
OSV
added 2018/08/24 7:29 p.m.4 views

CVE-2017-12574

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; th...

9.8CVSS5.8AI score0.01795EPSS
Exploits1References1
Prion
Prion
added 2018/08/24 7:29 p.m.14 views

Hardcoded credentials

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; th...

10CVSS9.6AI score0.01795EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/08/24 7:0 p.m.25 views

CVE-2017-12574

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; th...

9.8AI score0.01795EPSS
Exploits1References1
ICS
ICS
added 2018/08/23 12:0 p.m.19 views

ClearScada Vulnerabilities (Update A)

Overview Researchers at Digital Bond have identified multiple vulnerabilities in the Control Microsystems ClearSCADA application. The following vulnerabilities have been identified: Heap Overflow Vulnerability Cross-site Scripting Vulnerabilities Insecure Web Authentication. Affected Products The...

9.2AI score
Exploits0References19
CNVD
CNVD
added 2018/06/13 12:0 a.m.2 views

Central Web Authentication ACL Bypass Vulnerability in Multiple Cisco Devices

Cisco Aironet 1560 Series Access Points and others are different families of wireless access point devices from Cisco, Inc.Central Web Authentication CWA with FlexConnect Access Points APs is one of the a component for configuring Central Web Authentication using wireless access points. A securit...

4.1CVSS4.8AI score0.0048EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/04 12:0 a.m.2 views

Multiple Cisco products certified to bypass the vulnerability

Cisco Aironet Access Points, IOS Software, and Wireless LAN Controller are products of Cisco Corporation.Cisco Aironet Access Points and Cisco Wireless LAN Controller are a set of wireless access point devices. Cisco Aironet Access Points and Cisco Wireless LAN Controller are a set of wireless...

4.7CVSS7AI score0.00947EPSS
Exploits0References1
OSV
OSV
added 2018/05/02 10:29 p.m.4 views

CVE-2018-0250

A vulnerability in Central Web Authentication CWA with FlexConnect Access Points APs for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list ACL. The vulnerability is du...

4.1CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2018/05/02 10:29 p.m.24 views

CVE-2018-0247

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

4.7CVSS5AI score0.00947EPSS
Exploits0References4
Prion
Prion
added 2018/05/02 10:29 p.m.23 views

Authentication flaw

A vulnerability in Central Web Authentication CWA with FlexConnect Access Points APs for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list ACL. The vulnerability is du...

2.7CVSS4.6AI score0.0048EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/05/02 10:29 p.m.22 views

Authentication flaw

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

3.3CVSS5AI score0.00947EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2018/05/02 10:0 p.m.8 views

CVE-2018-0250

A vulnerability in Central Web Authentication CWA with FlexConnect Access Points APs for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list ACL. The vulnerability is du...

6.8AI score0.0048EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2018/05/02 10:0 p.m.9 views

CVE-2018-0247

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

7AI score0.00947EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/05/02 10:0 p.m.16 views

CVE-2018-0250

A vulnerability in Central Web Authentication CWA with FlexConnect Access Points APs for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list ACL. The vulnerability is du...

4.5AI score0.0048EPSS
Exploits0References2
CVE
CVE
added 2018/05/02 10:0 p.m.59 views

CVE-2018-0247

The CVE-2018-0247 entry describes an authentication bypass in Web Authentication (WebAuth) clients used by Cisco IOS on Cisco Aironet Access Points and Wireless LAN Controllers (WLCs). Affected configurations require: AP in FlexConnect NAT mode, WLAN in central switching (unique IP per client), A...

4.7CVSS5AI score0.00947EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/05/02 10:0 p.m.22 views

CVE-2018-0247

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

5AI score0.00947EPSS
Exploits0References4
Cisco
Cisco
added 2018/05/02 4:0 p.m.56 views

Cisco Aironet Access Points Central Web Authentication FlexConnect Client ACL Bypass Vulnerability

A vulnerability in Central Web Authentication CWA with FlexConnect Access Points APs for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list ACL. The vulnerability is du...

4.1CVSS1.3AI score0.0048EPSS
Exploits0References1
Rows per page
Query Builder