Lucene search
K

279 matches found

Positive Technologies
Positive Technologies
added 2017/08/08 12:0 a.m.3 views

PT-2017-18385 · Microsoft · Sql Server Analysis Services +1

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server Analysis Services versions 2012 through 2016 Description: An information disclosure issue exists due to improper permission enforcement. If an attacker's credentials allow access to an affected SQL server database, they...

7.5CVSS7.4AI score0.08041EPSS
Exploits0References5
CNVD
CNVD
added 2017/06/09 12:0 a.m.3 views

Foscam camera firewall misconfiguration vulnerability

Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. There is a misconfiguration vulnerability in the Foscam camera firewall that allows an attacker to perform a brute force attack on credentials despite the presence of a...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2017/06/07 12:0 a.m.6 views

IBM Security Privileged Identity Manager Information Disclosure Vulnerability (CNVD-2017-09514)

IBM Security Privileged Identity Manager ISPIM is an identity management product within IBM Identity Governance and Management, an identity governance solution from IBM Corporation, USA, that protects, automates and audits the use of privileged identities,... It is designed to protect, automate a...

5.5CVSS5.8AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2017/03/23 6:59 a.m.2 views

CVE-2016-5757

iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials...

9.8CVSS5.8AI score0.01518EPSS
Exploits0References1
OSV
OSV
added 2016/09/02 2:59 p.m.2 views

CVE-2016-6893

Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...

8.8CVSS5.9AI score0.01613EPSS
Exploits0References4
NVD
NVD
added 2016/09/02 2:59 p.m.14 views

CVE-2016-6893

Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...

8.8CVSS7.6AI score0.01613EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.7 views

The vulnerability of the Radia Client Automation program allows a hacker to gain access to users’ account credentials.

The vulnerability of the Radia Client Automation program relates to deficiencies in restricting access to certain functions. Exploiting this vulnerability allows a malicious actor to list user accounts through the getUsers request, assign a role to a user account through the addAssigneesToRole...

10CVSS5.5AI score0.02269EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2015/11/17 3:59 p.m.21 views

CVE-2015-7996

The Nitro API in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM SVM devices allow attackers to obtain credentials via the browser cach...

5CVSS6.5AI score0.01023EPSS
Exploits0References2
OSV
OSV
added 2015/08/24 2:59 p.m.1 views

DEBIAN-CVE-2015-6524

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-361...

5CVSS7.5AI score0.08468EPSS
Exploits1References1
ICS
ICS
added 2015/02/28 7:0 a.m.74 views

IDS RTU 850 Directory Traversal Vulnerability

OVERVIEW Independent researchers Benjamin Kahler and Sebastian Kraemer of HSASec have identified a directory traversal vulnerability in IDS RTU 850C. IDS has produced a new module that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following ID...

6.8CVSS6.9AI score0.02605EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2014/10/10 12:0 a.m.5 views

PT-2014-6182 · Bmc · Bmc Track-It!

Name of the Vulnerable Software and Affected Versions: BMC Track-It! version 11.3.0.355 Description: The issue allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information without requiring authentication on TCP port 9010...

7.5CVSS9.7AI score0.80095EPSS
Exploits15References8
OpenVAS
OpenVAS
added 2013/08/05 12:0 a.m.23 views

Western Digital My Net Devices Information Disclosure Vulnerability

Western Digital My Net Router is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

4.3CVSS6.1AI score0.04555EPSS
Exploits5References6
ATTACKERKB
ATTACKERKB
added 2011/08/15 7:55 p.m.1 views

CVE-2011-3011

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors...

5CVSS5.9AI score0.71631EPSS
Exploits5References7
Saint
Saint
added 2011/07/08 12:0 a.m.14 views

Lotus Domino HPRAgentName Stack Overflow

Added: 07/08/2011 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem The WebAdmin.nsf resource on the Domino web service contains a buffer overflow vulnerability. Resolution No patch is available at this time. References Limitations This exploit...

0.7AI score
Exploits0
OSV
OSV
added 2007/10/31 5:46 p.m.4 views

CVE-2007-5751

Liferea before 1.4.6 uses weak permissions 0644 for the feedlist.opml backup file, which allows local users to obtain credentials...

6AI score
Exploits0References9
exploitpack
exploitpack
added 2004/06/03 12:0 a.m.8 views

SquirrelMail 1.2.x - From Email Header HTML Injection

SquirrelMail 1.2.x - From Email Header HTML Injection source: https://www.securityfocus.com/bid/10450/info SquirrelMail is reported to be prone to a 'from' field email header HTML injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied email...

Exploits0
Gentoo Linux
Gentoo Linux
added 2004/03/22 12:0 a.m.39 views

Multiple security vulnerabilities in Apache 2

Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description Thre...

5CVSS8.5AI score0.09898EPSS
Exploits0
exploitpack
exploitpack
added 2002/09/09 12:0 a.m.25 views

Trillian Instant Messaging 0.x - Credential Encryption

Trillian Instant Messaging 0.x - Credential Encryption // source: https://www.securityfocus.com/bid/5677/info The Trillian instant messaging client uses weak encryption to store saved authentication credentials for instant messaging services. The credentials are encrypted by using XOR with a stat...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2001/06/06 12:0 a.m.25 views

PassWD2000 v2.x Weak Encryption Vulnerability

== PassWD2000 v2.x Weak Encryption Vulnerability =============== "Success does not consist in never making mistakes but in never making the same one a second time" --- George Bernard Shaw Vulnerable: PassWD2000 2.0 PassWD2000 2.1 PassWD2000 2.2 PassWD2000 2.3 PassWD2000 2.4 PassWD2000 2.5...

6.8AI score
Exploits0
Rows per page
Query Builder