Lucene search
K

368 matches found

OpenVAS
OpenVAS
added 2023/12/06 12:0 a.m.10 views

Fedora: Security Advisory for rust-tealdeer (FEDORA-2023-6215ea423b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2023/12/06 12:0 a.m.11 views

Fedora: Security Advisory (FEDORA-2023-9790b327cb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
Prion
Prion
added 2023/10/23 4:15 p.m.16 views

Design/Logic Flaw

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands...

4.3CVSS7.4AI score0.00177EPSS
Exploits0References1Affected Software3
Tenable Nessus
Tenable Nessus
added 2023/10/18 12:0 a.m.20 views

Cisco IOS XE Software Web UI Command Injection (cisco-sa-webui-cmdij-FzZAeXAy)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient...

8.8CVSS8.3AI score0.0074EPSS
Exploits0References4
NVD
NVD
added 2023/09/27 6:15 p.m.18 views

CVE-2023-20231

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the...

8.8CVSS9.1AI score0.0074EPSS
Exploits0References1
Prion
Prion
added 2023/09/27 6:15 p.m.22 views

Input validation

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the...

6.5CVSS8.9AI score0.0074EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/27 5:19 p.m.26 views

CVE-2023-20231

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the...

8.8CVSS9.3AI score0.0074EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/27 5:19 p.m.8 views

CVE-2023-20231

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the...

8.8CVSS7.9AI score0.0074EPSS
Exploits0References1
NVD
NVD
added 2023/08/17 10:15 a.m.25 views

CVE-2023-29182

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

6.7CVSS6.8AI score0.00254EPSS
Exploits0References1
Prion
Prion
added 2023/08/17 10:15 a.m.32 views

Stack overflow

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

4CVSS6.9AI score0.00254EPSS
Exploits0References1Affected Software1
Fortinet
Fortinet
added 2023/08/17 12:0 a.m.85 views

Protect

A stack-based buffer overflow vulnerability CWE-121 in FortiOS may allow a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

4CVSS9.6AI score0.00254EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/08/14 12:0 a.m.30 views

Fortinet FortiOS Buffer Overflow Vulnerability (CNVD-2023-64450)

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. Fortinet FortiOS suffers from a...

6.7CVSS8AI score0.00254EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/08/08 12:0 a.m.34 views

Fortinet Fortigate Buffer overflow in execute extender command (FG-IR-23-149)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-149 advisory. - A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execut...

6.7CVSS8AI score0.00254EPSS
Exploits0References3
NVD
NVD
added 2023/06/13 9:15 a.m.26 views

CVE-2022-41327

A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in...

7.8CVSS7.5AI score0.00126EPSS
Exploits0References1
Prion
Prion
added 2023/06/13 9:15 a.m.23 views

Design/Logic Flaw

A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in...

1.4CVSS4.4AI score0.00126EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2023/06/13 8:41 a.m.11 views

CVE-2022-41327

A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in...

7.8CVSS6.2AI score0.00126EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/13 8:41 a.m.33 views

CVE-2022-41327

A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in...

7.8CVSS7.5AI score0.00126EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/06/12 12:0 a.m.36 views

Fortinet Fortigate Read Only administrator can intercept sensitive data (FG-IR-22-380)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-380 advisory. - A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4,...

7.8CVSS5.2AI score0.00126EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/05/08 12:0 a.m.12 views

Fedora: Security Advisory for rust-tealdeer (FEDORA-2023-cc21019773)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01121EPSS
Exploits1References2
NVD
NVD
added 2023/05/03 10:15 p.m.33 views

CVE-2023-27993

A relative path traversal CWE-23 in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands...

7.1CVSS6.2AI score0.00226EPSS
Exploits0References1
Rows per page
Query Builder