Lucene search
K

211 matches found

nvd
nvd
added 2016/11/23 11:59 a.m.21 views

CVE-2016-8673

A vulnerability has been identified in SIMATIC CP 343-1 Advanced incl. SIPLUS NET variant All versions V3.0.53, SIMATIC CP 443-1 Advanced incl. SIPLUS NET variant All versions V3.2.17, SIMATIC S7-300 PN/DP CPU family incl. SIPLUS variants All versions, SIMATIC S7-400 PN/DP CPU family incl. SIPLUS...

8.8CVSS8.6AI score0.01089EPSS
Exploits0References1
prion
prion
added 2016/11/23 11:59 a.m.15 views

Server side request forgery (ssrf)

A vulnerability has been identified in SIMATIC CP 343-1 Advanced incl. SIPLUS NET variant All versions V3.0.53, SIMATIC CP 443-1 Advanced incl. SIPLUS NET variant All versions V3.2.17, SIMATIC S7-300 PN/DP CPU family incl. SIPLUS variants All versions, SIMATIC S7-400 PN/DP CPU family incl. SIPLUS...

6.8CVSS7AI score0.01089EPSS
Exploits0References1
cvelist
cvelist
added 2016/11/23 11:0 a.m.26 views

CVE-2016-8673

A vulnerability has been identified in SIMATIC CP 343-1 Advanced incl. SIPLUS NET variant All versions V3.0.53, SIMATIC CP 443-1 Advanced incl. SIPLUS NET variant All versions V3.2.17, SIMATIC S7-300 PN/DP CPU family incl. SIPLUS variants All versions, SIMATIC S7-400 PN/DP CPU family incl. SIPLUS...

8.6AI score0.01089EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Windows operating system, which allows a malicious individual to alter the information transmitted during an RDP session

The vulnerability in the Remote Desktop Protocol RDP allows an attacker to modify the contents of the traffic for an active RDP session...

5.1CVSS5.5AI score0.0571EPSS
Exploits0References3
hackerone
hackerone
added 2014/07/10 6:0 a.m.100 views

HackerOne: Session Hijacking attack (Different Scenario)

Hey I was able to replay a cookie of a current active session and hijack that by replaying the cookie. Now this is different from any conventional vanilla session hijacking because it works even when the user is not logged in. But the condition is that the victim's session must be active at the...

0.6AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.29 views

Multiple Vendor TCP Session Acknowledgement Number Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13215/info Multiple Vendor TCP/IP stack implementations are reported prone to a denial of service vulnerability. A report indicates that the vulnerability manifests when an erroneous TCP acknowledgement number is...

7.1AI score
Exploits0
ptsecurity
ptsecurity
added 2014/05/12 12:0 a.m.5 views

PT-2014-2868 · D Link · D-Link Dir-505L Shareport Mobile Companion +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-505L SharePort Mobile Companion version 1.01 D-Link DIR-826L Wireless N600 Cloud Router version 1.02 Description: The issue allows remote attackers to bypass authentication via a direct request when an authorized session is active...

9.3CVSS6.7AI score0.0416EPSS
Exploits0References2
exploitdb
exploitdb
added 2014/01/08 12:0 a.m.20 views

Built2Go PHP Shopping - Cross-Site Request Forgery (Admin Password)

source: https://www.securityfocus.com/bid/64735/info Built2Go PHP Shopping is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to use a victim's currently active session to change the victim's password. Successful exploits will compromise...

7.4AI score
Exploits0
cvelist
cvelist
added 2013/07/31 2:0 p.m.20 views

CVE-2013-2993

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 does not properly perform authentication for unspecified web services, which allows remote attackers to issue requests in the context of an arbitrary user's active session via unknown vectors...

6.8AI score0.0123EPSS
Exploits0References3
securityvulns
securityvulns
added 2012/04/02 12:0 a.m.101 views

NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked

Medium Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a medium risk vulnerability in the McAfee Email and Web Security Appliance Impact: Active session tokens of other users are disclosed within the UI Versions affected: All...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2004/09/11 12:0 a.m.34 views

Multiple vulnerabilities in Icewarp Web Mail 5.2.7

ShineShadow Security Report 10092004-01 TITLE: Multiple vulnerabilities in Icewarp Web Mail 5.2.7 BACKGROUND Merak Mail Server, with the revolutionary Merak Mail Server GroupWare Server, cutting-edge Merak Mail Server Instant Antispam and much more, is the fastest, most stable, secure and 100 vir...

0.2AI score
Exploits0
Rows per page
Query Builder