Lucene search
K

2886 matches found

Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.44 views

Oracle Linux 5 : kernel (ELSA-2013-0594-1)

From Red Hat Security Advisory 2013:0594 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVS...

7.6CVSS7.5AI score0.08738EPSS
Exploits1References2
securityvulns
securityvulns
added 2013/06/17 12:0 a.m.49 views

RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RUCKUS ADVISORY ID 031813-2 Customer release date: March 25, 2013 Public release date: May 27, 2013 TITLE User authentication bypass vulnerability in ZoneDirector administrative web interface SUMMARY An user authentication bypass vulnerability has bee...

0.5AI score
Exploits0
CERT
CERT
added 2013/03/18 12:0 a.m.237 views

Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL

Overview Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL 0.9.8o. Description Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier uses OpenSSL for SSL/TLS encryption. The version of OpenSSL that comes with the Fiery...

7.5AI score
Exploits0References3
NVD
NVD
added 2013/01/24 9:55 p.m.20 views

CVE-2012-6441

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/I...

5CVSS6AI score0.54168EPSS
Exploits0References6
NVD
NVD
added 2013/01/24 9:55 p.m.25 views

CVE-2012-6437

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. Successful exploitation of this vulnerability could cause loss of availability, integrity, and...

10CVSS7.9AI score0.09579EPSS
Exploits0References6
Cvelist
Cvelist
added 2013/01/24 9:0 p.m.35 views

CVE-2012-6441 Rockwell Automation ControlLogix PLC Information Exposure

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/I...

5CVSS6AI score0.54168EPSS
Exploits0References5
Cvelist
Cvelist
added 2013/01/24 9:0 p.m.32 views

CVE-2012-6442 Rockwell Automation ControlLogix PLC Improper Access Control

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communicatio...

7.8CVSS6.5AI score0.32807EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2013/01/24 9:0 p.m.6 views

CVE-2012-6437 Rockwell Automation ControlLogix PLC Improper Authentication

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. Successful exploitation of this vulnerability could cause loss of availability, integrity, and...

10CVSS5.8AI score0.09579EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2013/01/24 12:0 a.m.4 views

PT-2013-1944

Name of the Vulnerable Software and Affected Versions Rockwell Automation EtherNet/IP products versions prior to the fixed version Rockwell Automation 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules versions prior to the fixed version Rockwell Automation CompactLogix L32E and...

7.8CVSS5.5AI score0.41888EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2013/01/24 12:0 a.m.7 views

PT-2013-1950

Name of the Vulnerable Software and Affected Versions Rockwell Automation EtherNet/IP products versions 18 and earlier Rockwell Automation EtherNet/IP products versions 19 and earlier Rockwell Automation EtherNet/IP products versions 20 and earlier 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB...

7.8CVSS5.5AI score0.32807EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2013/01/24 12:0 a.m.3 views

PT-2013-1948

Name of the Vulnerable Software and Affected Versions Rockwell Automation EtherNet/IP products versions prior to the fixed version 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules versions prior to the fixed version CompactLogix L32E and L35E controllers versions prior to the...

9.3CVSS5.4AI score0.08121EPSS
Exploits0References9
Cisco
Cisco
added 2013/01/23 4:31 p.m.30 views

Cisco Wireless LAN Controllers Wireless Intrusion Prevention System Denial of Service Vulnerability

Cisco Wireless LAN Controllers WLC Wireless Intrusion Prevention System wIPS contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper handling of crafted IP packets by the wIPS software component...

7.8CVSS2.7AI score0.01819EPSS
Exploits0References1
Cisco
Cisco
added 2013/01/23 4:0 p.m.23 views

Multiple Vulnerabilities in Cisco Wireless LAN Controllers

The Cisco Wireless LAN Controller Cisco WLC product family is affected by the following four vulnerabilities: Cisco Wireless LAN Controllers Wireless Intrusion Prevention System wIPS Denial of Service Vulnerability Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service...

9CVSS7.1AI score0.01819EPSS
Exploits0References1
Veeam
Veeam
added 2012/12/03 12:0 a.m.28 views

VSS Errors Related to the 'NTDS' VSS Writer

Challenge This article discusses an error that occurs due to VSS and Veeam's Guest Processing technique for Domain Controllers. It is relevant to all backup jobs for both virtual and physical Domain Controllers. A job processing a Domain Controller with Application-Aware Processing fails with one...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2012/11/01 12:0 a.m.42 views

SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference

SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference IOActive Security Advisory Title: SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference Severity: Critical Discovered by: Lucas Apa Date Reported: 09/11/12 CVE: TBD Siemens Advisory: SSA-938777...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2012/10/29 1:12 p.m.13 views

DHS Warns ICS, SCADA Owners About Increase in Malicious Activity

An alert from the Department of Homeland Security late last week urges private- and public-sector industrial control system ICS owners to be proactive in auditing the security, particularly, authentication controls of their systems. The alert is in response to a growing concern over the number of...

0.2AI score
Exploits0References6
ICS
ICS
added 2012/10/09 6:0 a.m.56 views

3S CoDeSys Vulnerabilities

Overview This advisory is a follow-up to the alert update, ICS-ALERT-11-336-01A 3S CoDeSys Vulnerabilities, which was released on the ICS-CERT Web page on December 02, 2011. Security researcher Celil Unuver SignalSec LLC and independent researcher Luigi Auriemma have identified vulnerabilities in...

10CVSS7.6AI score0.73201EPSS
Exploits8References10
Prion
Prion
added 2012/08/26 3:17 a.m.18 views

Sql injection

SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sortcol variable in the listitems function, a different vulnerability than CVE-2012-3477...

7.5CVSS8.7AI score0.01318EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.83 views

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. CVE-2007-5907, Important - Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects vDSO implementation. This...

7.1CVSS5.9AI score0.03209EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.18 views

Scientific Linux Security Update : ipa on SL6.x i386/x86_64

This Identity Management Application is a centralized authentication, identity management and authorization solution for both traditional and cloud based enterprise environments. It integrates components of the Upstream Directory Server, MIT Kerberos, the Upstream Certificate System, NTP, and DNS...

6.8CVSS5.5AI score0.0084EPSS
Exploits0References2
Rows per page
Query Builder