Lucene search
K

177 matches found

Vulnrichment
Vulnrichment
added 2025/09/02 11:25 a.m.6 views

CVE-2025-52545 Privilege escalation in the application services

E3 Site Supervisor Control firmware version 2.31F01 RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services...

7.7CVSS6.4AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/02 11:25 a.m.21 views

CVE-2025-52545 Privilege escalation in the application services

E3 Site Supervisor Control firmware version 2.31F01 RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services...

7.7CVSS0.00241EPSS
Exploits0References1
CNVD
CNVD
added 2024/01/03 12:0 a.m.99 views

Command Execution Vulnerability in Green Alliance WAF of Beijing Shenzhou Green Alliance Technology Co., Ltd (CNVD-2024-07088)

Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. Ltd. Green Alliance WAF has a command execution vulnerability that can be exploited by attackers to execute arbitrary commands...

7.9AI score
Exploits0
CNVD
CNVD
added 2023/02/02 12:0 a.m.4 views

Unauthorized Access Vulnerability in Application Infrastructure Services of Xiamen Nalon Health Technology Co.

Xiamen Nalong Health Technology Co., Ltd. is a high-tech, specialized and new enterprise integrating the research and development, production, sales and software service of medical electronic instruments and equipment. An unauthorized access vulnerability exists in the application infrastructure...

6.8AI score
Exploits0
OSV
OSV
added 2022/10/25 9:15 p.m.4 views

CVE-2022-28170

Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file...

6.5CVSS7.1AI score0.00207EPSS
Exploits0References2
NVD
NVD
added 2022/10/25 9:15 p.m.27 views

CVE-2022-28170

Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file...

6.5CVSS0.00207EPSS
Exploits0References2
CNVD
CNVD
added 2022/01/21 12:0 a.m.31 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05875)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

6.1CVSS1.6AI score0.00946EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/21 12:0 a.m.21 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05879)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

6.1CVSS1.6AI score0.00946EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/19 12:0 a.m.43 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05874)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

7.5CVSS1.7AI score0.92331EPSS
Exploits6References1
CNVD
CNVD
added 2021/09/07 12:0 a.m.29 views

Tuxera NTFS-3G Buffer Overflow Vulnerability (CNVD-2021-72273)

Tuxera NTFS-3G is Finland's Tuxera company's set of open source , cross-platform for supporting NTFS partition read and write drivers . NTFS-3G suffers from a buffer overflow vulnerability that can be exploited by an attacker to potentially cause a heap buffer overflow and allow arbitrary memory...

7.8CVSS8AI score0.00414EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.24 views

Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w)

According to its self-reported version, Cisco Application Services Engine affected by multiple Unauthorized Access Vulnerabilities. - A vulnerability in Cisco Application Services Engine could allow an unauthenticated, remote attacker to access a privileged service on an affected device. The...

10CVSS7.6AI score0.0225EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.24 views

Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass (cisco-sa-mso-authbyp-bb5GmBQv)

According to its self-reported version, a vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator MSO installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper tok...

10CVSS8.8AI score0.14359EPSS
Exploits0References3
NVD
NVD
added 2021/06/16 7:15 p.m.11 views

CVE-2021-32659

Matrix-appservice-bridge is the bridging service for the Matrix communication program's application services. In versions 2.6.0 and earlier, if a bridge has room upgrade handling turned on in the configuration the roomUpgradeOpts key when instantiating a new Bridge instance., any m.room.tombstone...

6.5CVSS0.00936EPSS
Exploits0References3
CNVD
CNVD
added 2021/06/10 12:0 a.m.14 views

SQL Injection Vulnerability in Website Construction System of Guangzhou Daxun Yunshang Network Technology Co.

Guangzhou Daxun Yunshang Network Technology Co., Ltd. is a company mainly engaged in enterprises and institutions of Internet application services, website construction, mobile station, micro letter platform depth development, SEO website optimization and promotion of business. Guangzhou Daxun...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.7 views

The vulnerability of the Cisco Wide Area Application Services Software (WAAS) program lies in its ability to disclose information in erroneous data fields, allowing an intruder to gain access to confidential data.

The vulnerability of the Cisco Wide Area Application Services Software WAAS package is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

5.5CVSS5.9AI score0.00242EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/05/14 12:0 a.m.10 views

Cisco Application Services Engine (ASE) Detection

Binary data ciscoapplicationservicesenginedetect.nbin...

7.3AI score
Exploits0References1
OSV
OSV
added 2021/05/06 1:15 p.m.4 views

CVE-2021-1438

A vulnerability in Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute...

5.5CVSS6.3AI score0.00242EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/06 12:0 a.m.9 views

Cisco Wide Area Application Services Information Disclosure Vulnerability (CNVD-2021-37691)

Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An information disclosure vulnerability exists in Cisco...

5.5CVSS6.7AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.4 views

Cisco Wide Area Application Services 安全漏洞

Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An information disclosure vulnerability exists in Cisco...

5.5CVSS6AI score0.00242EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.5 views

The vulnerability of the Cisco Application Services Engine software’s key storage mechanism lies in the lack of authentication for critical functions. This allows attackers to gain access to certain services on vulnerable devices.

The vulnerability of the Cisco Application Services Engine software’s key storage mechanism is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a malicious actor to gain access to a specific service on a vulnerable device...

10CVSS8.1AI score0.0225EPSS
Exploits0References3
Rows per page
Query Builder