Lucene search
K

208 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2023/02/09 12:0 a.m.7 views

Guide to Container Management on AWS

This article explores how services provided by Amazon Web Services enable better container management with simplicity, flexibility, and complete control...

2.9AI score
Exploits0
Prion
Prion
added 2023/01/20 7:15 a.m.12 views

Design/Logic Flaw

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker ...

4CVSS6.4AI score0.0021EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.77 views

GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities

The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...

9.8CVSS7.8AI score0.08523EPSS
Exploits9References7
OSV
OSV
added 2022/09/06 5:18 p.m.26 views

CVE-2022-2735

A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw...

7.8CVSS7.9AI score0.00299EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2022/09/06 5:18 p.m.41 views

CVE-2022-2735

A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw...

7.8CVSS7.8AI score0.00299EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.25 views

Oracle Linux 9 : pcs (ELSA-2022-9753)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9753 advisory. 0.11.1-10.el90.2 - Fixed ruby socket permissions - Resolves: rhbz2116839 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.8CVSS7.5AI score0.00299EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:12 p.m.3 views

Malicious code in @btu-tools/mfe-feature-toggles (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1c049f661074e61263051b6fa7e69a238c8ec979f8c180855cadc60ac3f59dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Talos Blog
Talos Blog
added 2022/03/07 8:45 a.m.26 views

Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device

Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and... This is...

7.5CVSS1.3AI score0.0172EPSS
Exploits0
NVD
NVD
added 2021/03/18 6:15 p.m.22 views

CVE-2021-22665

Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system...

7.8CVSS0.00434EPSS
Exploits0References2
Prion
Prion
added 2021/03/18 6:15 p.m.13 views

Privilege escalation

Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system...

7.2CVSS7.7AI score0.00434EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2021/03/18 5:3 p.m.24 views

CVE-2021-22665

Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system...

7.9AI score0.00434EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2021/02/03 11:31 a.m.330 views

3 New Severe Security Vulnerabilities Found In SolarWinds Software

Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code execution with elevated privileges. Two of the flaws CVE-2021-25274 and CVE-2021-25275 were identified in...

10CVSS9.5AI score0.36426EPSS
Exploits3
Prion
Prion
added 2020/12/14 9:15 p.m.18 views

Authorization

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...

10CVSS9.4AI score0.01372EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2020/11/12 12:0 a.m.15 views

Sympa <= 6.2.59 Privilege Escalation Vulnerability

Sympa is prone to a privilege escalation vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

7.8CVSS7.8AI score0.00352EPSS
Exploits0References3
NVD
NVD
added 2020/09/09 1:15 p.m.25 views

CVE-2020-6318

A Remote Code Execution vulnerability exists in the SAP NetWeaver ABAP Server, up to release 7.40 and ABAP Platform release 7.40.Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products, including viewing,...

9.1CVSS0.05641EPSS
Exploits2References4
Prion
Prion
added 2020/09/09 1:15 p.m.23 views

Remote code execution

A Remote Code Execution vulnerability exists in the SAP NetWeaver ABAP Server, up to release 7.40 and ABAP Platform release 7.40.Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products, including viewing,...

6.5CVSS7.3AI score0.05641EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2020/07/31 1:15 p.m.36 views

CVE-2020-14334

A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance...

8.8CVSS8.6AI score0.00315EPSS
Exploits0References1
Prion
Prion
added 2020/07/31 1:15 p.m.29 views

Design/Logic Flaw

A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance...

4.6CVSS8.5AI score0.00315EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/31 12:41 p.m.42 views

CVE-2020-14334

A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance...

8.6AI score0.00315EPSS
Exploits0References1
NVD
NVD
added 2020/02/19 8:15 p.m.15 views

CVE-2019-1950

A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker who has access to ...

8.4CVSS8.4AI score0.00333EPSS
Exploits0References1
Rows per page
Query Builder