Lucene search
K

193 matches found

OSV
OSV
added 2024/05/03 2:15 a.m.2 views

CVE-2023-38101

NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is...

8.8CVSS6.3AI score0.01689EPSS
Exploits0References2
NVD
NVD
added 2024/05/03 2:15 a.m.22 views

CVE-2023-38101

NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is...

8.8CVSS7.5AI score0.01689EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:15 a.m.27 views

CVE-2023-51574 Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability

Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. T...

9.8CVSS9.8AI score0.01553EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 2:13 a.m.74 views

CVE-2023-44414

CVE-2023-44414 affects D-Link D-View, exposing the coreservice_action_script action where a dangerous function is unintentionally exposed. The flaw permits remote code execution with SYSTEM privileges and requires no authentication, over the network. This aligns with ZDI-23-1512 and NVD/NVD-deriv...

9.8CVSS9.8AI score0.02353EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 2:11 a.m.15 views

CVE-2023-40501 LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability

LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

9.8CVSS9.9AI score0.01483EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 2:10 a.m.33 views

CVE-2023-39495 PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability

PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that t...

5.5CVSS5.3AI score0.00357EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/03 2:10 a.m.16 views

CVE-2023-39495 PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability

PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that t...

5.5CVSS5.9AI score0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 1:59 a.m.32 views

CVE-2023-38124 Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability

Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit...

7.2CVSS7.7AI score0.5582EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 1:59 a.m.18 views

CVE-2023-38124 Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability

Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit...

7.2CVSS8AI score0.5582EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 1:59 a.m.32 views

CVE-2023-38101 NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability

NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is...

7.2CVSS7.8AI score0.01689EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 1:58 a.m.46 views

CVE-2023-38097 NETGEAR ProSAFE Network Management System BkreProcessThread Exposed Dangerous Function Remote Code Execution Vulnerability

NETGEAR ProSAFE Network Management System BkreProcessThread Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is...

7.2CVSS7.8AI score0.01689EPSS
Exploits0References2
OSV
OSV
added 2024/04/01 10:15 p.m.4 views

CVE-2023-51573

Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

9.8CVSS7.4AI score0.45744EPSS
Exploits0References1
CVE
CVE
added 2024/04/01 9:18 p.m.53 views

CVE-2023-51573

Voltronic Power ViewPower Pro is affected by CVE-2023-51573. The flaw resides in the updateManagerPassword function, where exposure of a dangerous function enables an unauthenticated attacker to bypass authentication remotely. Products and advisories consistently cite an authentication bypass wit...

9.8CVSS9.7AI score0.45744EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/01 9:18 p.m.24 views

CVE-2023-51573 Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability

Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

9.8CVSS9.8AI score0.45744EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/01 9:18 p.m.19 views

CVE-2023-51573 Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability

Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

9.8CVSS6.9AI score0.45744EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.37 views

Grav 代码注入漏洞

Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product displays. A security vulnerability exists in Grav prior to version 1.7.45, which stems from validating accessible functions via the Utils::isDangerousFunction function,...

8.8CVSS8.5AI score0.01381EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/02/12 12:0 a.m.22 views

Trend Micro Apex One Multiple Vulnerabilities (000293322)

According to its self-reported version, the Trend Micro application running on the remote Windows host is Apex One prior to SP1 Server Build 12033 and Agent Build 12033. It is, therefore, affected by multiple vulnerabilities: - Untrusted search path vulnerabilities in the Trend Micro Apex One and...

7.8CVSS7.2AI score0.00306EPSS
Exploits0References6
NVD
NVD
added 2024/01/23 9:15 p.m.12 views

CVE-2023-52093

An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS7.7AI score0.00225EPSS
Exploits0References2
OSV
OSV
added 2024/01/23 9:15 p.m.3 views

CVE-2023-52093

An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS6AI score
Exploits0References2
Prion
Prion
added 2024/01/23 9:15 p.m.18 views

Design/Logic Flaw

An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

4.3CVSS7.4AI score0.00225EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder