Lucene search
K

50 matches found

OSV
OSV
added 2021/01/27 7:15 p.m.2 views

UBUNTU-CVE-2021-3325

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an...

9.8CVSS7.3AI score0.0223EPSS
Exploits1References5
OSV
OSV
added 2020/10/28 6:15 p.m.3 views

CVE-2020-26131

Issues were discovered in Open DHCP Server Regular 1.75 and Open DHCP Server LDAP Based 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe Regular or the OpenDHCPLdap.exe LDAP Based binary...

7.8CVSS7.1AI score0.00418EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2020/10/28 12:0 a.m.7 views

PT-2020-16306 · Home · Home Dns Server

Name of the Vulnerable Software and Affected Versions: Home DNS Server version 0.10 Description: An issue was discovered due to insufficient access restrictions in the default installation directory, allowing an attacker to elevate privileges by replacing the HomeDNSServer.exe binary...

7.8CVSS7.5AI score0.00319EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/10/28 12:0 a.m.9 views

PT-2020-16304 · Multithreaded Studios · Open Tftp Server

Name of the Vulnerable Software and Affected Versions: Open TFTP Server multithreaded version 1.66 Open TFTP Server single port version 1.66 Description: The issue is related to insufficient access restrictions in the default installation directory of Open TFTP Server, allowing an attacker to...

7.8CVSS7.4AI score0.00439EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2020/10/21 12:0 a.m.10 views

PT-2020-14933 · Ghisler · Total Commander

Name of the Vulnerable Software and Affected Versions: Ghisler Total Commander version 9.51 Description: An issue was discovered due to insufficient access restrictions in the default installation directory, allowing an attacker to elevate privileges by replacing the...

7.3CVSS7.1AI score0.00389EPSS
Exploits1References3
OSV
OSV
added 2019/12/13 1:15 p.m.23 views

UBUNTU-CVE-2014-0175

mcollective has a default password set at install...

9.8CVSS5.8AI score0.02028EPSS
Exploits0References2
exploitpack
exploitpack
added 2019/12/13 12:0 a.m.32 views

FTP Commander Pro 8.03 - Local Stack Overflow

FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...

0.4AI score
Exploits0
OSV
OSV
added 2019/10/07 10:15 p.m.4 views

CVE-2019-16913

PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILESX86%\PCProtect with very weak folder permissions, granting any user full permission "Everyone: F" to the contents of the directory and its subfolders. In addition, the program installs a service called SecurityService that runs as...

7.8CVSS7.1AI score0.00421EPSS
Exploits1References1
OSV
OSV
added 2019/03/21 4:0 p.m.4 views

CVE-2018-18435

KioWare Server version 4.9.6 and older installs by default to "C:\kiowarecom" with weak folder permissions granting any user full permission "Everyone: F" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService" which runs as...

7.8CVSS5.8AI score0.01375EPSS
Exploits5References5
ATTACKERKB
ATTACKERKB
added 2019/01/23 5:29 p.m.4 views

CVE-2017-17835

In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow...

8.8CVSS8.1AI score0.01295EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2019/01/23 5:29 p.m.7 views

PYSEC-2019-148

In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow...

8.8CVSS7.7AI score0.01295EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/08/09 12:0 a.m.8 views

Siemens SIMATIC STEP 7 and WinCC Denial of Service Vulnerability

Siemens SIMATIC STEP 7 TIA Portal and WinCC TIA Portal are both products of Siemens, Germany.Siemens SIMATIC STEP 7 TIA Portal is a programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology, etc. WinCC TIA Portal is a...

7.8CVSS8.1AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2018/05/09 8:29 a.m.5 views

CVE-2018-10683

An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security...

9.8CVSS5.8AI score0.08225EPSS
Exploits2References1
exploitpack
exploitpack
added 2018/03/26 12:0 a.m.29 views

LabF nfsAxe 3.7 - Privilege Escalation

LabF nfsAxe 3.7 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested O...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2018/03/26 12:0 a.m.20 views

LabF nfsAxe 3.7 Privilege Escalation

Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested On: Windows 7 x86 and x64 Requires Windo...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/26 12:0 a.m.25 views

LabF nfsAxe 3.7 - Privilege Escalation

Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested On: Windows 7 x86 and x64 Requires Windo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/12/22 12:0 a.m.55 views

Vesta Control Panel 0.9.8-16 Local Privilege Escalation

!/bin/bash Exploit Title: Vesta Control Panel 0.9.7 suid.c PWN Make PWN shell scrip...

1AI score
Exploits0
CNVD
CNVD
added 2016/09/21 12:0 a.m.4 views

SolarWinds Kiwi Syslog Server Elevation of Privilege Vulnerability

SolarWinds network security management software products. The application can be installed on a windows system with the option to select the default security service. The default installation path "C:\Program Files x86" is selected when installing the 32-bit application, which may allow an...

7.5AI score
Exploits0References1
exploitpack
exploitpack
added 2015/11/09 12:0 a.m.14 views

Arris TG1682G Modem - Persistent Cross-Site Scripting

Arris TG1682G Modem - Persistent Cross-Site Scripting Unauth Stored CSRF/XSS - Xfinity Modem alert1" /...

6.8AI score
Exploits0
0day.today
0day.today
added 2015/11/09 12:0 a.m.57 views

Arris TG1682G Modem - Stored XSS Vulnerability

Exploit for hardware platform in category web applications Unauth Stored CSRF/XSS - Xfinity Modem alert1" / 0day.today 2018-01-01...

7.1AI score
Exploits0
Rows per page
Query Builder