Lucene search
K

303 matches found

NVD
NVD
added 2019/12/26 4:15 p.m.19 views

CVE-2019-6013

DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...

6.8CVSS6.9AI score0.00599EPSS
Exploits0References2
OSV
OSV
added 2019/12/26 4:15 p.m.3 views

CVE-2019-6014

DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...

8.8CVSS7.5AI score0.01245EPSS
Exploits0References2
NVD
NVD
added 2019/12/26 4:15 p.m.22 views

CVE-2019-6014

DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...

8.8CVSS9AI score0.01245EPSS
Exploits0References2
Prion
Prion
added 2019/12/26 4:15 p.m.16 views

Design/Logic Flaw

DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...

6.8CVSS7.5AI score0.00599EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/12/26 4:15 p.m.16 views

Design/Logic Flaw

DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...

8.3CVSS8.9AI score0.01245EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/12/26 3:16 p.m.46 views

CVE-2019-6014

The CVE-2019-6014 vulnerability affects the D-Link DBA-1510P, specifically in the Web User Interface. The root cause is an OS command injection flaw in the Web UI (and related CLI issue for CVE-2019-6013) that allows an attacker to execute arbitrary commands on the device. Impact is execution of ...

8.8CVSS9AI score0.01245EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/26 3:16 p.m.18 views

CVE-2019-6013

DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...

7.5AI score0.00599EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/12/26 3:16 p.m.19 views

CVE-2019-6014

DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...

9.1AI score0.01245EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/12/10 12:0 a.m.4 views

The vulnerability of the D-Link DBA-1510P network device’s microprogramming software lies in the lack of measures taken to neutralize special elements, allowing a hacker to execute arbitrary commands.

The vulnerability of the microprogrammed network device D-Link DBA-1510P is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

8.8CVSS7.9AI score0.01245EPSS
Exploits0References7Affected Software1
CNVD
CNVD
added 2019/10/07 12:0 a.m.6 views

D-Link DBA-1510P OS Command Injection Vulnerability (CNVD-2019-36969)

The D-Link DBA-1510P is a wireless access point device from Taiwan, China-based AUO D-Link. An operating system command injection vulnerability exists in the CLI of D-Link DBA-1510P versions using firmware version 1.70b009 and earlier, which can be exploited by an attacker to execute illegal...

6.8CVSS8AI score0.00599EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/07 12:0 a.m.3 views

D-Link DBA-1510P OS Command Injection Vulnerability

The D-Link DBA-1510P is a wireless access point device from Taiwan, China-based AUO D-Link. An operating system command injection vulnerability exists in the Web User Interface of the D-Link DBA-1510P using firmware version 1.70b009 and earlier, which can be exploited by an attacker to execute...

8.8CVSS8.1AI score0.01245EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/10/07 12:0 a.m.121 views

JVN#95875796: Multiple OS command injection vulnerabilities in DBA-1510P

DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score...

8.8CVSS7.8AI score0.01245EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2019/04/23 6:16 p.m.14 views

CVE-2019-2571

Vulnerability in the RDBMS DataPump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise RDB...

6.1AI score0.0115EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/04/18 12:0 a.m.117 views

Oracle Database Server Multiple Vulnerabilities (Apr 2019 CPU)

The remote Oracle Database Server is missing the April 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An authenticated local Portable Clusterware takeover vulnerability exists in the Oracle RDBMS. An authenticated, local attacker with the Grid...

9.1CVSS6.9AI score0.01713EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.32 views

openSUSE Security Update : php7 (openSUSE-2019-771)

This update for php7 fixes the following issues : This security issue was fixed : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.27 views

openSUSE Security Update : php7 (openSUSE-2018-1131)

This update for php7 fixes the following issues : This security issue was fixed : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2018/05/21 1:25 p.m.10 views

dba-oracle.com XSS vulnerability

Open Bug Bounty ID: OBB-619525 Description| Value ---|--- Affected Website:| dba-oracle.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Imperva Blog
Imperva Blog
added 2018/02/14 5:0 p.m.17 views

Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse

Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators DBAs who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged...

7.1AI score
Exploits0
NVD
NVD
added 2018/01/18 2:29 a.m.14 views

CVE-2018-2580

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: ADPatch. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

4.4CVSS4.5AI score0.00435EPSS
Exploits0References3
OSV
OSV
added 2018/01/18 2:29 a.m.4 views

CVE-2018-2580

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: ADPatch. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

4.4CVSS7.3AI score0.00435EPSS
Exploits0References3
Rows per page
Query Builder