Lucene search
K

10091 matches found

OSV
OSV
added 2021/01/13 10:15 p.m.4 views

CVE-2021-1184

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS6.2AI score0.02194EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.6 views

CVE-2021-1162

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02194EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.3 views

CVE-2021-1168

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02753EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.4 views

CVE-2021-1170

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02194EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.5 views

CVE-2021-1171

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02194EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.6 views

CVE-2021-1169

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02194EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.3 views

CVE-2021-1158

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. The vulnerabilities are due to insufficient...

4.8CVSS6.1AI score0.00716EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.3 views

CVE-2021-1147

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerabilities are due to improper validation of...

7.2CVSS6.2AI score0.02371EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.3 views

CVE-2021-1130

A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface...

4.8CVSS6AI score0.00817EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.5 views

多款Cisco产品跨站脚本漏洞

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A stored cross-site scripting vulnerability exists in the Web management interface of the Cisco...

4.8CVSS6AI score0.00552EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.7 views

Cisco Small Business 跨站脚本漏洞

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A stored cross-site scripting vulnerability exists in the Web management interface of the Cisco...

4.8CVSS6AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2021/01/07 3:15 p.m.2 views

CVE-2020-26773

Restaurant Reservation System 1.0 suffers from an authenticated SQL injection vulnerability, which allows a remote, authenticated attacker to execute arbitrary SQL commands via the date parameter in includes/reservation.inc.php...

8.8CVSS7.6AI score0.01567EPSS
Exploits0References2
OSV
OSV
added 2021/01/04 2:4 p.m.7 views

USN-4674-1 dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. CVE-2020-24386 Innokentii Sennovskiy...

7.5CVSS7.2AI score0.0466EPSS
Exploits1References3
Hacker One
Hacker One
added 2021/01/04 1:48 p.m.17 views

Rocket.Chat: Registration bypass with leaked Invite Token

The Rocket.Chat API route 'validateInviteToken' was vulnerable to a registration bypass attack. The route allowed unauthenticated users to guess valid invite tokens by sending a crafted JSON payload with a regular expression. Once a valid token was obtained, the user could access private channels...

7AI score
Exploits0
OSV
OSV
added 2021/01/04 12:0 p.m.2 views

UBUNTU-CVE-2020-24386

An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...

6.8CVSS7.2AI score0.02751EPSS
Exploits0References3
OSV
OSV
added 2021/01/01 2:15 a.m.4 views

CVE-2020-35932

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges such as subscribers to use the tpncrender AJAX action to inject arbitrary PHP objects via the optionsinlineedits parameter. NOTE: exploitability depends on PH...

8.8CVSS7.4AI score0.02082EPSS
Exploits1References1
OSV
OSV
added 2020/12/26 1:15 a.m.4 views

CVE-2020-35714

Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program...

8.8CVSS7.4AI score0.02655EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2020/12/23 12:0 a.m.4 views

PT-2020-17266 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 12.0.3 Description: The issue allows for authenticated Remote Code Execution. An attacker with access to the admin dashboard can exploit the backup function by inserting a payload into the zipfilename template parameter in th...

9CVSS7.2AI score0.06361EPSS
Exploits1References13
OSV
OSV
added 2020/12/22 5:15 p.m.6 views

CVE-2019-11786

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to modify translated terms, which may lead to arbitrary content modification on translatable elements...

4.3CVSS5.9AI score0.00692EPSS
Exploits0References1
OSV
OSV
added 2020/12/21 6:15 p.m.3 views

CVE-2020-4794

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force...

5.4CVSS6AI score0.00838EPSS
Exploits0References2
Rows per page
Query Builder