880 matches found
CVE-2019-19885
CVE-2019-19885 affects Bender COMTRAXX devices (COM465IP, COM465DP, COM465ID, CP700, CP907, CP915) prior to version 4.2.0. Root cause: user authorization is validated for most routes but not all; a user who knows the routes can read and write configuration data without prior authorization. Impact...
Malware Families Turn to Legit Pastebin-Like Service
Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware — such as AgentTesla and LimeRAT — in spear-phishing attacks. Pastebin, a code-hosting service that enables users to share plain text through public posts called “pastes,” currently has 17...
Lazarus Group Surfaces with Advanced Malware Framework
The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...
CVE-2020-7513
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to intercept traffic and read configuration data...
CVE-2020-7513
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to intercept traffic and read configuration data...
Design/Logic Flaw
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to intercept traffic and read configuration data...
CVE-2020-7513
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to intercept traffic and read configuration data...
CVE-2020-11551
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi...
The vulnerability of Microprogrammed Software in Modicon Controllers arises from the existence of rigidly encrypted user data, which allows a intruder to execute any command against the Modicon Controllers.
The vulnerability of Microprogrammed Software in Modicon Controllers stems from the existence of rigidly encoded configuration data used to transmit configuration files to Modicon Controllers. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on Modicon...
The vulnerability of the Border Gateway Protocol (BGP) implementation in the Cisco NX-OS operating system allows a attacker to compromise the integrity and accessibility of protected information.
The vulnerability of the Border Gateway Protocol BGP implementation in the Cisco NX-OS operating system is related to the use of pre-installed configuration data. Exploiting this vulnerability could allow a malicious actor to compromise the integrity and accessibility of protected information...
Micro Focus Service Manager Information Disclosure Vulnerability (CNVD-2020-18401)
Micro Focus Service Manager is a suite of service desk software from Micro Focus UK. The software supports the deployment of a comprehensive IT service management ITSM system and standardizes management processes. A security vulnerability exists in Micro Focus Service manager. An attacker could...
Micro Focus Service Manager Information Disclosure Vulnerability (CNVD-2020-18400)
Micro Focus Service Manager is a suite of service desk software from Micro Focus UK. The software supports the deployment of a comprehensive IT service management ITSM system and standardizes management processes. A security vulnerability exists in Micro Focus Service manager. An attacker could...
CVE-2020-9518
Login filter can access configuration files vulnerability in Micro Focus Service Manager Web Tier, affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data...
CVE-2020-9518
Login filter can access configuration files vulnerability in Micro Focus Service Manager Web Tier, affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data...
Design/Logic Flaw
Login filter can access configuration files vulnerability in Micro Focus Service Manager Web Tier, affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data...
CVE-2020-9519
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...
Design/Logic Flaw
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...
CVE-2020-9519
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...
Moxa MB3xxx Series Protocol Gateways
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow,...
Lenovo XClarity Administrator Access Control Error Vulnerability
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The product is capable of providing agentless hardware management for servers, storage, network switches, and more. An access control error vulnerability exists in Lenovo XClarity Administrator LX...