Lucene search
K

112 matches found

OSV
OSV
added 2024/01/23 9:15 p.m.3 views

CVE-2023-52325

A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In addition, an attacker...

7.5CVSS7.3AI score0.04536EPSS
Exploits0References2
OSV
OSV
added 2024/01/23 9:15 p.m.5 views

CVE-2023-52324

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations. Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any...

8.8CVSS6.1AI score0.04172EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.4 views

PT-2024-14524 · Trend Micro · Trend Micro Apex Central

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central affected versions not specified Description: A local file inclusion issue in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. This issue must...

7.5CVSS7.6AI score0.04536EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2024/01/05 12:4 a.m.75 views

Exploit for Code Injection in Jetbrains Youtrack

CVE-2022-24442: FreeMarker Server-Side Template Injection in J...

9.8CVSS9.7AI score0.03627EPSS
Exploits2
GithubExploit
GithubExploit
added 2023/11/23 10:37 p.m.41 views

Exploit for Deserialization of Untrusted Data in Magnolia-Cms Magnolia_Cms

CVE-2021-46364: YAML Deserialization in Magnolia CMS Magnolia...

7.8CVSS7.9AI score0.01573EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.4 views

PT-2023-9586 · Cisco · Cisco Secure Firewall Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center FMC Software affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to read arbitrary files from the underlying...

6.8CVSS6.9AI score0.00615EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/23 12:0 a.m.5 views

PT-2023-5034 · Cisco · Cisco Fxos

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Description: A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device,...

6CVSS5.8AI score0.0017EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.3 views

PT-2023-4613 · Cisco · Cisco Thousandeyes Enterprise Agent

Name of the Vulnerable Software and Affected Versions: Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type affected versions not specified Description: A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker to elevate...

7.8CVSS7.4AI score0.00418EPSS
Exploits2References13
ATTACKERKB
ATTACKERKB
added 2023/05/17 4:0 p.m.3 views

CVE-2023-20164

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected...

7.2CVSS7.1AI score0.01188EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/05 12:0 a.m.9 views

PT-2023-3314 · Cisco · Cisco Small Business Rv320 +1

Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers affected versions not specified Description: The web-based management interface of the affected devices has insufficient validation of user-supplied input, which could allow an...

8.3CVSS7.5AI score0.30386EPSS
Exploits0References7
OSV
OSV
added 2023/03/31 4:15 p.m.5 views

CVE-2023-0432

The web configuration service of the affected device contains an authenticated command injection vulnerability. It can be used to execute system commands on the operating system OS from the device in the context of the user "root." If the attacker has credentials for the web service, then the...

9CVSS7.4AI score0.01142EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/21 12:0 a.m.7 views

PT-2023-4759 · Minio +2 · Minio +2

Name of the Vulnerable Software and Affected Versions: Minio versions prior to RELEASE.2023-03-20T20-16-18Z Description: The issue is related to the PostPolicyBucket component of the Minio Multi-Cloud Object Storage framework. An attacker can use crafted requests to bypass metadata bucket name...

9CVSS6.5AI score0.83957EPSS
Exploits25References84
OSV
OSV
added 2023/03/13 9:15 a.m.6 views

CVE-2023-0888

An improper neutralization of directives in dynamically evaluated code vulnerability in the WiFi Battery embedded web server in versions L90/U70 and L92/U92 can be used to gain administrative access to the WiFi communication module. An authenticated user, having access to both the medical device...

7.2CVSS5.8AI score0.00604EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.6 views

PT-2023-1277 · Cisco · Cisco Small Business Rv260 +4

Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV160 and RV260 Series VPN Routers affected versions not specified Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W affected versions not specified Description: A vulnerability in the web-based management...

8.3CVSS7.2AI score0.00964EPSS
Exploits0References4
OSV
OSV
added 2022/11/15 9:15 p.m.5 views

CVE-2022-20928

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to...

5.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2022/11/07 4:15 a.m.6 views

CVE-2022-44795

An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, a...

6.5CVSS5.8AI score0.00523EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.9 views

CVE-2022-44795

An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, a...

6.3AI score0.00523EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.4 views

PT-2022-6668 · Cisco · Cisco Small Business 500 Series Stackable Managed Switches +2

Name of the Vulnerable Software and Affected Versions: Cisco Small Business 200 Series Smart Switches affected versions not specified Cisco Small Business 300 Series Managed Switches affected versions not specified Cisco Small Business 500 Series Stackable Managed Switches affected versions not...

4.9CVSS4.9AI score0.00483EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.2 views

PT-2022-6234 · Cisco · Cisco Identity Services Engine

Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine ISE affected versions not specified Description: A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive...

8CVSS6AI score0.0075EPSS
Exploits0References7
OSV
OSV
added 2022/07/22 4:15 a.m.4 views

CVE-2022-20898

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS6.2AI score0.00876EPSS
Exploits0References1
Rows per page
Query Builder