Lucene search
K

201 matches found

ATTACKERKB
ATTACKERKB
added 2021/09/15 12:0 a.m.30 views

CVE-2021-33045

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. Recent assessments: cbeek-r7 at September 06, 2024 6:04pm UTC reported: On September 5th 2024, CISA...

10CVSS9.6AI score0.99871EPSS
In wildExploits13References4
Positive Technologies
Positive Technologies
added 2021/09/07 12:0 a.m.6 views

PT-2021-20028

Name of the Vulnerable Software and Affected Versions Dahua IP Camera firmware versions 2.820.0000000.5.r.210705 Description The issue is related to an identity authentication bypass during the login process. Attackers can construct malicious data packets to bypass device identity authentication...

10CVSS7.9AI score0.99556EPSS
Exploits9References28
OSV
OSV
added 2021/08/25 8:15 p.m.3 views

CVE-2021-1586

A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service DoS condition. This...

8.6CVSS7.3AI score
Exploits0References1
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/07/23 9:14 a.m.54 views

Clarification Of Terms MTU and MSS❗️

Discover What MTU and MSS are We now live in an advanced age where a ton of data is shared over short and significant distances by sharing over a dependable connection. The web has become an extremely helpful association network that upholds various frameworks, yet various boundaries engaged with...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/06/20 12:0 a.m.21 views

Logic Flaw Vulnerability in Cloud Patrol System of Beijing Landsea Electronic Technology Co.

Beijing Landwell Electronic Technology Co., Ltd Landwell for short, has created all the mobile automatic identification products with independent intellectual property rights and independent brand "LANDWELL"; and built a high-tech enterprise which is integrated with the research, development,...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/12 5:31 p.m.587 views

FragAttack: New Wi-Fi vulnerabilities that affect… basically everything

A new set of vulnerabilities with an aggressive name and their own website almost always bodes ill. The name FragAttack is a contraction of fragmentation and aggregation attacks, which immediately indicates the main area where the vulnerabilities were found. The vulnerabilities are mostly in how...

5CVSS7.8AI score0.07604EPSS
Exploits4
CNVD
CNVD
added 2021/02/21 12:0 a.m.9 views

Mingyuan Cloud Data Center has a logic flaw vulnerability

Shenzhen Mingyuan Cloud Technology Co., Ltd. is a digital service provider of real estate ecological chain. A logic flaw vulnerability exists in the Mingyuan Cloud Data Center. Attackers use the vulnerability to access the backend interface and obtain sensitive information by intercepting data...

3.4AI score
Exploits0
OSV
OSV
added 2020/07/07 11:42 a.m.10 views

SUSE-SU-2020:1511-2 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10 April 2020 CPU, bsc1169511. Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service bsc1169511. - CVE-2020-2755: Fixed an...

8.3CVSS6.8AI score0.0623EPSS
Exploits0References16
OPENSUSE Linux
OPENSUSE Linux
added 2020/06/02 12:0 a.m.90 views

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2020:0757-1 Rating: important References: 1167462 1169511 Cross-References: CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2767 CVE-2020-2773 CVE-2020-2778 CVE-2020-2781 CVE-2020-2800...

8.3CVSS8.3AI score0.0623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/04/24 12:0 a.m.34 views

Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-4337-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4337-1 advisory. It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial o...

8.3CVSS6.8AI score0.0623EPSS
Exploits0References14
CNVD
CNVD
added 2020/04/09 12:0 a.m.4 views

Juniper Networks Junos OS Denial of Service Vulnerability (CNVD-2020-33719)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that arises from the program's failure to properly handle...

7.5CVSS6.7AI score0.01091EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/03/05 8:5 p.m.4 views

CVE-2020-6986

In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result...

7.1AI score0.01511EPSS
Exploits0References1
OSV
OSV
added 2019/12/09 7:15 p.m.7 views

CVE-2015-1853

chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service inability to synchronize via random timestamps in crafted NTP data packets...

6.5CVSS6.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/10/23 6:3 p.m.406 views

Fujitsu Wireless Keyboard Plagued By Unpatched Flaws

Two high-severity flaws, discovered in a popular Fujitsu wireless keyboard set, could allow attackers from a short distance away to “eavesdrop” on passwords entered into the keyboards, or even fully takeover a victim’s system. Making matters worse, the impacted Fujitsu wireless keyboard LX390...

10CVSS0.2AI score0.99965EPSS
Exploits32References14
NVD
NVD
added 2019/09/18 7:15 p.m.23 views

CVE-2019-9680

Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include:...

5.3CVSS5.3AI score0.01435EPSS
Exploits0References1
Prion
Prion
added 2019/09/18 7:15 p.m.14 views

Design/Logic Flaw

Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include:...

5CVSS5.3AI score0.01435EPSS
Exploits0References1Affected Software9
CVE
CVE
added 2019/09/18 6:36 p.m.79 views

CVE-2019-9680

CVE-2019-9680 affects Dahua devices (e.g., IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X, IPC-HFW5X2X) with builds prior to August 18, 2019. The issue is information leakage: attackers can obtain the device’s IP address and model informati...

5.3CVSS5.2AI score0.01435EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/18 6:36 p.m.23 views

CVE-2019-9680

Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include:...

5.3AI score0.01435EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2019/07/16 2:27 a.m.94 views

Exploit for Injection in Atlassian Jira_Server

CVE-2019-11581 Atlassian JIRA Template injection vulnerabil...

9.8CVSS9.8AI score0.84621EPSS
Exploits2
CNVD
CNVD
added 2019/03/12 12:0 a.m.2 views

eCar Insurance Coverage App Has Logic Flaw Vulnerability

eCar Insurance is a mobile Internet car insurance software application platform developed by Chengdu Zhongtong Technology Co. eCar Insurance APP has a logic flaw vulnerability, the vulnerability stems from the SMS verification code in the data return packet plaintext display, the attacker can use...

7.1AI score
Exploits0
Rows per page
Query Builder