Lucene search
+L

154 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.29 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12394)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12394 advisory. - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References3
CNNVD
CNNVD
added 2023/06/08 12:0 a.m.5 views

Cisco Secure Workload 安全漏洞

Cisco Secure Workload is a software from Cisco that allows users to install software agents on their application workloads. A security vulnerability exists in the Cisco Secure Workload OpenAPI, which can be exploited by remote attackers to submit a special request that can be used to perform...

6.5CVSS6.9AI score0.00517EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/08 12:0 a.m.30 views

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6149-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6149-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

7.8CVSS7.6AI score0.16642EPSS
Exploits7References7
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.21 views

Amazon Linux AMI : kernel (ALAS-2023-1750)

The version of kernel installed on the remote host is prior to 4.14.314-164.539. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1750 advisory. In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References4
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.6 views

Hitron Technologies CODA 访问控制错误漏洞

Hitron Technologies CODA is a wireless router from Hitron Technologies China. An access control error vulnerability exists in Hitron Technologies CODA version 7.2.4.7.1b3, which stems from an insufficient authentication issue in the system configuration interface. An attacker could exploit this...

9.8CVSS8.6AI score0.00926EPSS
Exploits0References2
OSV
OSV
added 2023/05/23 2:15 a.m.3 views

CVE-2023-25946

Authentication bypass vulnerability in Qrio Lock Q-SL2 firmware version 2.0.9 and earlier allows a network-adjacent attacker to analyze the product's communication data and conduct an arbitrary operation under certain conditions...

8.8CVSS6.5AI score0.00361EPSS
Exploits0References2
Veracode
Veracode
added 2023/05/11 7:16 a.m.54 views

Use-After-Free

linux-lts is vulnerable to Use-After-Free. The vulnerability occurs within the netfilter 'nftables' when processing batch requests. This can be abused and used to perform arbitrary read and write operations on to the kernel memory...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References13Affected Software3
Cvelist
Cvelist
added 2023/05/08 12:0 a.m.49 views

CVE-2023-32233

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

7.7AI score0.12966EPSS
Exploits7References11
CVE
CVE
added 2023/04/27 12:0 a.m.39 views

CVE-2023-28697

CVE-2023-28697 affects Moxa MiiNePort E1 embedded module. The issue is insufficient access control, allowing an unauthenticated remote user to perform arbitrary system operations or disrupt service. Root cause and impacted details are described across multiple sources (NVD/CNVD/CVE records, CNVD,...

9.8CVSS9.6AI score0.00887EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/14 3:15 a.m.20 views

Cross site request forgery (csrf)

UNSUPPORTED WHEN ASSIGNED Cross-site request forgery CSRF vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated attacker to hijack the authentication and conduct arbitrary operations by having a logged-in user to view a malicious page...

6.8CVSS8.9AI score0.00364EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/14 12:0 a.m.32 views

CVE-2023-22375

Cross-site request forgery CSRF vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated attacker to hijack the authentication and conduct arbitrary operations by having a logged-in user to view a malicious page. NOTE: This vulnerability...

9.1AI score0.00364EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/22 12:0 a.m.6 views

ZTE ZXA10 C3XX 安全漏洞

ZTE ZXA10 C3XX is a series of optical access aggregation equipment with EPON/GPON function from China ZTE Corporation ZTE. An access control error vulnerability exists in the ZTE ZXA10 C3XX version 2.1.0 and later, before 2.1.0xgp002.4. The vulnerability stems from improper access control setting...

9.8CVSS6.8AI score0.00822EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.5 views

PT-2022-24712 · Zte · Zte Pon Olt

Name of the Vulnerable Software and Affected Versions: ZTE PON OLT products affected versions not specified Description: The issue is related to improper access control settings in ZTE PON OLT products, allowing remote attackers to log in to the device and execute any operation. Recommendations: ...

9.8CVSS7.2AI score0.00822EPSS
Exploits0References6
Prion
Prion
added 2022/08/16 1:15 p.m.17 views

Arbitrary file deletion

The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol 4000/TCP, 5000/TCP for communications between a master terminal and RTUs. Opcode 203 of this protocol allows a master terminal to transfer files to and from the...

7.5CVSS9.4AI score0.0042EPSS
Exploits0References2Affected Software5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/05/19 12:0 a.m.60 views

JVN#46892984: Multiple vulnerabilities in Rakuten Casa

Rakuten Casa provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. Use of Hard-coded Credentials CWE-798 - CVE-2022-29525 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 5.9 CVSS v2| AV:N/AC:M/Au:N/C:C/I:N/A:N| Base...

9.8CVSS8AI score0.02452EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/18 3:15 p.m.6 views

CVE-2022-29518

Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...

7CVSS6.5AI score0.00209EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/05/18 9:50 a.m.23 views

CVE-2022-29518

Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...

7.2AI score0.00209EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/18 12:0 a.m.5 views

PT-2022-19674 · Unknown +1 · Hmi Gc-A2 Series +2

Name of the Vulnerable Software and Affected Versions: Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01 HMI GC-A2 series versions including GC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2 Real time remote monitoring and control tool Remote GC...

7CVSS7AI score0.00209EPSS
Exploits0References6
CNVD
CNVD
added 2022/04/08 12:0 a.m.24 views

ASUS RT-AC56U Heap Buffer Overflow Vulnerability

The ASUS RT-AC56U is a dual-band Wi-Fi router from ASUS China. A security vulnerability exists in the ASUS RT-AC56U, which originates from an insufficient validation of the decryption parameter length, and allows an attacker to execute arbitrary code, arbitrary operations, and interrupt services...

8.8CVSS7.5AI score0.00554EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/08 12:0 a.m.22 views

ASUS RT-AX56U Stack Buffer Overflow Vulnerability

The ASUS RT-AX56U is a wireless router from ASUS of Taiwan, China. The ASUS RT-AX56U suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code, perform arbitrary operations, or interrupt services...

8.8CVSS7.9AI score0.00554EPSS
Exploits0References1
Rows per page
Query Builder