Lucene search
+L

31 matches found

Positive Technologies
Positive Technologies
added 2022/10/06 12:0 a.m.5 views

PT-2022-25406 · Nps · Nps

Name of the Vulnerable Software and Affected Versions: NPS versions prior to 0.26.10 Description: The issue allows for an authentication bypass via constantly generating and sending the Auth key and Timestamp parameters. Recommendations: For versions prior to 0.26.10, update to version 0.26.10 or...

9.8CVSS9.4AI score0.0156EPSS
Exploits1References6
OSV
OSV
added 2022/06/21 1:44 p.m.17 views

CLSA-2022-1655819051 Fixed CVE-2022-22576 in curl

CVE-2022-22576: check additional SASL parameters for connection reuse...

8.1CVSS6.7AI score0.01914EPSS
Exploits1References1
OSV
OSV
added 2021/01/15 4:15 p.m.33 views

CVE-2021-22171

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...

6.5CVSS6.6AI score0.01332EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/01/15 4:15 p.m.33 views

CVE-2021-22171

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...

7.3CVSS6.8AI score0.01332EPSS
Exploits0References1
OSV
OSV
added 2021/01/15 4:15 p.m.3 views

UBUNTU-CVE-2021-22171

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...

7.3CVSS5.8AI score0.01332EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/01/15 3:10 p.m.40 views

CVE-2021-22171

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...

7.3CVSS7.2AI score0.01332EPSS
Exploits0References3
NVD
NVD
added 2020/07/24 1:15 a.m.16 views

CVE-2020-15924

There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters...

7.5CVSS8AI score0.01881EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/07/24 12:58 a.m.20 views

CVE-2020-15924

There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters...

8.1AI score0.01881EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2020/06/17 12:0 a.m.10 views

GaussDB: Changing the Password of the Initial User

The initial user SYS is a system administrator and has all system permissions. For database security, change the password of SYS as soon as possible after the database is installed. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and...

7.5AI score
Exploits0References1
CVE
CVE
added 2020/02/04 1:46 p.m.68 views

CVE-2013-7051

CVE-2013-7051 affects D-Link DIR-100 with firmware 4.03B07. The issue is a security bypass in the cli.cgi module caused by failure to check authentication parameters, enabling unauthorized access through the CLI path. Public references describe multiple vulnerabilities for this device (CVE-2013-7...

8.8CVSS8.7AI score0.15615EPSS
Exploits7References4Affected Software1
Positive Technologies
Positive Technologies
added 2017/04/19 12:0 a.m.5 views

PT-2017-17181 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco ASA Software versions prior to 9.17.7 Cisco ASA Software versions prior to 9.24.11 Cisco ASA Software versions prior to 9.44 Cisco ASA Software versions prior to 9.53 Cisco ASA Software versions prior to 9.61.5 Description: A...

7.7CVSS7.4AI score0.02988EPSS
Exploits0References5
Rows per page
Query Builder