Lucene search
K

37 matches found

ATTACKERKB
ATTACKERKB
added 2022/01/12 5:0 p.m.8 views

CVE-2022-22156

An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle PitM attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the integrity and confidentiality of the device. The...

7.4CVSS7.1AI score0.0055EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2021/12/30 10:15 p.m.18 views

CVE-2021-20158

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the change of the admin password due to a hidden administrative command...

9.8CVSS0.10774EPSS
Exploits0References1
NVD
NVD
added 2021/12/30 10:15 p.m.18 views

CVE-2021-20157

It is possible for an unauthenticated, malicious user to force the device to reboot due to a hidden administrative command...

7.8CVSS0.01549EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/12/30 9:31 p.m.16 views

CVE-2021-20158

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the change of the admin password due to a hidden administrative command...

10AI score0.10774EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/30 12:0 a.m.4 views

Trendnet AC2600 访问控制错误漏洞

Trendnet AC2600 TEW-827DRU is a wireless router. version 2.08B01 of the Trendnet AC2600 TEW-827DRU contains a security vulnerability that stems from a hidden administrative command that could be exploited to force an attacker to change the administrator password...

9.8CVSS5.6AI score0.10774EPSS
Exploits0References2
FireEye
FireEye
added 2018/04/23 3:0 p.m.40 views

Loading Kernel Shellcode

In the wake of recent hacking tool dumps, the FLARE team saw a spike in malware samples detonating kernel shellcode. Although most samples can be analyzed statically, the FLARE team sometimes debugs these samples to confirm specific functionality. Debugging can be an efficient way to get around...

7.6AI score
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2017/05/02 12:0 a.m.83 views

F5 Networks BIG-IP : Linux kernel vulnerability (K68852819)

Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service use-after-free by making multiple bind system calls without properly ascertaining whether a socket has the SOCKZAPPED status, related to...

7CVSS6.5AI score0.00296EPSS
Exploits0References2
Veeam
Veeam
added 2013/07/22 4:11 p.m.67 views

Insufficient Storage for VSS Error "0x8004231F or Error: VSSControl: -2147467259"

Challenge The following error occurs during a task that utilizes the Microsoft VSS subsystem: VSSControl: -2147467259 Backup job failed. Cannot create a shadow copy of the volumes containing writer's data. VSS asynchronous operation is not completed. Operation: Shadow copies commit. Code:...

7AI score
Exploits0
NVD
NVD
added 2013/03/13 12:55 a.m.18 views

CVE-2013-0083

Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."...

4.3CVSS5.2AI score0.14333EPSS
Exploits0References2
Prion
Prion
added 2013/03/13 12:55 a.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."...

4.3CVSS5.5AI score0.14333EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2013/03/13 12:0 a.m.139 views

CVE-2013-0083

CVE-2013-0083 affects Microsoft SharePoint Server 2010 SP1 (and SharePoint Foundation 2010) via a cross-site scripting (XSS) vulnerability in crafted site content that allows an attacker to inject arbitrary script/HTML. This could lead to execution of administrative commands in the context of the...

4.3CVSS5.3AI score0.14333EPSS
Exploits0References2Affected Software2
erpscan
erpscan
added 2012/12/03 12:0 a.m.18 views

SAP NetWeaver PI SDK - XXE and XXE Tunneling

Application: SAP PI SDK Versions Affected: SAP PI SDK Vendor URL: http://www.sap.com Bugs: Security Bypass Exploits: YES Reported: 12.03.2012 Vendor response: 13.03.2012 Date of Public Advisory: 22.10.2012 Reference: SAP Security Note 1723641 Authors: Alexander Polyakov, Alexey Tyurin, Alexandr...

0.8AI score
Exploits0
erpscan
erpscan
added 2012/07/13 12:0 a.m.23 views

SAP GRMGApp - XXE and authentication bypass

Application: SAP NetWeaver J2EE Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Security Bypass, XXE Exploits: YES Reported: 13.07.2012 Vendor response: 14.07.2012 Date of SAP Security Note Published: 08.01.2013 Date of Public Advisory: 28.01.2013 Reference: SAP Security Not...

0.9AI score
Exploits0
erpscan
erpscan
added 2011/08/04 12:0 a.m.29 views

SAP NetWeaver SPML - XML External Entity

Application: SAP NetWeaver JAVA Versions Affected: 6.40/7.02 maybe others Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 08.04.2011 Vendor response: 09.04.2011 Patched by SAP: 11.09.2012 Date of Public Advisory: 15.12.2012 Reference: SAP Security Note 1621534...

0.6AI score
Exploits0
erpscan
erpscan
added 2011/07/12 12:0 a.m.24 views

SAP Netweaver CCMS - XML External Entity

Application: SAP NetWeaver ABAP Versions Affected: SAP NetWeaver ABAP Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 07.12.2011 Vendor response: 08.12.2011 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1715040 Authors: Alexey Tyurin ERPScan...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/25 12:0 a.m.22 views

Lyris ListManager Subscription Form Administrative Command Injection

The remote host appears to be running ListManager, a web-based commercial mailing list management application from Lyris. According to its banner, the version of ListManager installed on the remote host does not sufficiently sanitize input to the 'pw' parameter when processing new subscription...

7.5CVSS5.5AI score0.03014EPSS
Exploits1References3
securityvulns
securityvulns
added 2000/03/01 12:0 a.m.97 views

SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application

Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...

7.2AI score
Exploits0
Rows per page
Query Builder