Lucene search
K

70 matches found

CVE
CVE
added 2024/07/09 12:0 a.m.70 views

CVE-2024-40728

NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...

7.1CVSS5.8AI score0.00353EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.4 views

NetBox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.2AI score0.00353EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/19 2:25 p.m.23 views

CVE-2024-3684 Improper Privilege Management was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console

A server side request forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin access to the appliance when configuring the Artifacts & Logs and Migrations Storage. Exploitation of this vulnerability...

8CVSS8.2AI score0.01095EPSS
Exploits0References4
OSV
OSV
added 2023/04/18 5:15 p.m.5 views

CVE-2023-1548

A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert V15.1 and above...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/18 4:42 p.m.16 views

CVE-2023-1548

A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert V15.1 and above...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References1
0day.today
0day.today
added 2022/02/22 12:0 a.m.195 views

Cyclades Serial Console Server 3.3.0 Privilege Escalation Vulnerability

Exploit Title: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Exploit Author: @ibby Vendor Homepage: https://www.vertiv.com/en-us/ Software Link: https://downloads2.vertivco.com/SerialACS/ACS/ACSv3.3.0-16/FL0536-017.zip Version: Legacy Versions V1.0.0 to V3.3.0-16 Tested on:...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/04/12 12:0 a.m.4 views

Remote Command Execution Vulnerability in the Console of Chianxin Tianrong Terminal Security Management System

Chianxin Tianrong Terminal Security Management System is an integrated terminal security product solution for government and enterprise organizations. The product integrates anti-virus, terminal security control, terminal access, terminal audit, peripheral control, EDR and other functions, is...

8.4AI score
Exploits0References1
exploitpack
exploitpack
added 2019/10/16 12:0 a.m.16 views

Zilab Remote Console Server 3.2.9 - zrcs Unquoted Service Path

Zilab Remote Console Server 3.2.9 - zrcs Unquoted Service Path Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software:...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/10/16 12:0 a.m.58 views

Zilab Remote Console Server 3.2.9 - (zrcs) Unquoted Service Path Vulnerability

Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on Windows 10 CVE : N/...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/10/16 12:0 a.m.177 views

Zilab Remote Console Server 3.2.9 zrcs Unquoted Service Path

Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.202 views

Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path

Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on...

7.4AI score
Exploits0
CNVD
CNVD
added 2019/08/04 12:0 a.m.1 views

Opengear console server cross-site scripting vulnerability

Opengear console server is a console server from Opengear USA. It is capable of managing network, server, and power infrastructures with monitoring, troubleshooting, and remediation features. A cross-site scripting vulnerability exists in the Opengear console server using firmware versions prior ...

5.4CVSS6.4AI score0.00649EPSS
Exploits1References1
OSV
OSV
added 2019/07/31 9:15 p.m.5 views

CVE-2019-14456

Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...

5.4CVSS6AI score0.00649EPSS
Exploits1References1
Prion
Prion
added 2019/07/31 9:15 p.m.16 views

Cross site scripting

Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...

3.5CVSS5.2AI score0.00649EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/31 8:17 p.m.21 views

CVE-2019-14456

Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...

5.3AI score0.00649EPSS
Exploits1References1
CVE
CVE
added 2019/07/31 8:17 p.m.81 views

CVE-2019-14456

CVE-2019-14456 affects Opengear console server firmware releases prior to 4.5.0. The vulnerability is a stored XSS in the serial-port logging path: crafted text sent to a serial port with logging enabled can be replayed when logs are viewed. Exploitation requires access to the serial port/console...

5.4CVSS5.2AI score0.00649EPSS
Exploits1References1Affected Software1
FireEye
FireEye
added 2017/09/01 11:0 a.m.36 views

Monitoring Windows Console Activity (Part 1)

Introduction While performing incident response, Mandiant encounters attackers actively using systems on a compromised network. This activity often includes using interactive console programs via RDP such as the command prompt, PowerShell, and sometimes custom command and control C2 console tools...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2016/01/11 12:0 a.m.21 views

Emerson Avocent® ACS 6000 Advanced Console Server 弱口令

No description provided by source...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/09/30 12:0 a.m.8 views

Avira Management Console Server HTTP Header Processing Heap Buffer Overflow

A heap buffer overflow vulnerability has been reported in Avira Management Console Server. The vulnerability exists in the way Update Manager Service handles overly long HTTP headers. A remote unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the server...

2.4AI score
Exploits0
Prion
Prion
added 2015/01/21 3:17 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection SCSP 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x through 6.0 MP1 allows remote authenticated users ...

3.5CVSS5.6AI score0.04591EPSS
Exploits4References5Affected Software2
Rows per page
Query Builder