
8752 matches found

F5 Networks
added 2022/12/31 2:27 a.m. · 48 views

K76052144: BIG-IP, BIG-IQ, Enterprise Manager, and F5 iWorkflow Configuration utility vulnerability CVE-2019-6663

Security Advisory Description The BIG-IP / BIG-IQ / Enterprise Manager / F5 iWorkflow Configuration utility is vulnerable to Anti DNS Pinning DNS Rebinding attack. CVE-2019-6663 Impact BIG-IP / BIG-IQ / Enterprise Manager / F5 iWorkflow An Anti DNS Pinning DNS Rebinding attack allows an attacker ...

5.5 CVSS · 5.6 AI score · 0.00649 EPSS
Exploits 0
F5 Networks
added 2022/12/28 4:53 a.m. · 36 views

K10015187: BIG-IP APM client for Windows vulnerability CVE-2018-5547

Security Advisory Description Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the...

7.8 CVSS · 7.5 AI score · 0.00262 EPSS
Exploits 0 · Affected Software 2
NVD
added 2022/12/26 8:15 p.m. · 25 views

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5.3 CVSS · 0.0045 EPSS
Exploits 0 · References 1
Prion
added 2022/12/26 8:15 p.m. · 14 views

Code injection

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5 CVSS · 5.4 AI score · 0.0045 EPSS
Exploits 0 · References 1 · Affected Software 1
Prion
added 2022/12/26 7:15 p.m. · 16 views

Default credentials

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...

5 CVSS · 7.6 AI score · 0.00509 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2022/12/26 12:0 a.m. · 26 views

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5.4 AI score · 0.0045 EPSS
Exploits 0 · References 1
Vulnrichment
added 2022/12/26 12:0 a.m. · 9 views

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5.4 AI score · 0.0045 EPSS
Exploits 0 · References 1
Positive Technologies
added 2022/12/26 12:0 a.m. · 7 views

PT-2022-8323 · 3S Smart Software Solutions +1 · Codesys Development System +1

Name of the Vulnerable Software and Affected Versions: Pilz PMC programming tool versions 3.x through 3.5.16 Description: A security issue allows an attacker to change a user's password without knowing the current password. This is possible in the Pilz PMC programming tool, which is based on the...

7.5 CVSS · 7.5 AI score · 0.00509 EPSS
Exploits 0 · References 4
CVE
added 2022/12/26 12:0 a.m. · 77 views

CVE-2019-9011

CVE-2019-9011 affects Pilz PMC programming tool 3.x (based on CODESYS Development System). A remote attacker can enumerate valid usernames via the vulnerable flow, exposing an information-disclosure condition with network attack vector and no required privileges. The vulnerability is documented t...

5.3 CVSS · 5.3 AI score · 0.0045 EPSS
Exploits 0 · References 1 · Affected Software 1
CVE
added 2022/12/26 12:0 a.m. · 61 views

CVE-2020-12067

Pilz PMC programming tool up to v3.5.16 is affected (based on CODESYS Development System). The issue allows a password change by an attacker without knowing the current password. Remediation: upgrade to version 3.5.17 or later. Public exploitation status is not detailed in the provided sources; o...

7.5 CVSS · 7.6 AI score · 0.00509 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2022/12/25 12:0 a.m. · 4 views

APDE path traversal vulnerability

APDE is a processing IDE for creating and running sketches on Android devices by William Smith Personal Developer. A path traversal vulnerability exists in versions prior to APDE 0.5.2-pre2-alpha, which stems from a function in the...

9.8 CVSS · 6.4 AI score · 0.00867 EPSS
Exploits 0 · References 4
BDU FSTEC
added 2022/12/23 12:0 a.m. · 6 views

The vulnerability of the PRNG generator in the development environment for programming CODESYS V3 applications, related to the use of cryptographic algorithms with defects, allows a hacker to decrypt and modify the loaded code.

The vulnerability of the PRNG generator used in the development environment for CODESYS V3 applications is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor, operating remotely, to decrypt and modify the loaded...

8.5 CVSS · 7.5 AI score · 0.00083 EPSS
Exploits 0 · References 4 · Affected Software 1
F5 Networks
added 2022/12/22 11:20 p.m. · 30 views

K13838: XSS vulnerability CVE-2012-2975

Security Advisory Description A cross-site scripting XSS vulnerability exists on the BIG-IP ASM traffic overview page. Malicious request URLs may be exposed in the Configuration utility without proper sanitization. CVE-2012-2975 Impact Privileged root access may be granted to unauthenticated user...

4.3 CVSS · 5.6 AI score · 0.01513 EPSS
Exploits 1 · Affected Software 1
F5 Networks
added 2022/12/22 11:0 p.m. · 54 views

K05200155: Multiple Java vulnerabilities

Security Advisory Description CVE-2015-4734 Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. CVE-2015-4805 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60,...

10 CVSS · 6.1 AI score · 0.13354 EPSS
Exploits 0
CNNVD
added 2022/12/21 12:0 a.m. · 4 views

lite-dev-server path traversal vulnerability

lite-dev-server is an http file server for development by the individual developer Gavrilov Rusla. A security vulnerability exists in lite-dev-server that stems from a lack of input cleanup and a directory traversal vulnerability...

7.5 CVSS · 7.2 AI score · 0.01343 EPSS
Exploits 1 · References 4
Openbugbounty
added 2022/12/20 5:26 p.m. · 22 views

communitydevelopmentsoftware.com Cross Site Scripting vulnerability OBB-3111109

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0
CNVD
added 2022/12/20 12:0 a.m. · 13 views

Weak Password Vulnerability in KingFusion Development System of Beijing Asia Control Technology Development Co.

KingFusion is a production information management system for the executive level of industrial enterprises. A weak password vulnerability exists in the KingFusion development system of Beijing Asian Control Technology Development Co. Ltd, which can be exploited by attackers to obtain sensitive...

6.7 AI score
Exploits 0
F5 Networks
added 2022/12/16 8:18 p.m. · 58 views

K23565223: Apache vulnerability CVE-2017-9788

Security Advisory Description In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '='...

9.1 CVSS · 7.2 AI score · 0.5677 EPSS
Exploits 0
OpenVAS
added 2022/12/15 12:0 a.m. · 26 views

SUSE: Security Advisory (SUSE-SU-2022:4483-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS · 8.7 AI score · 0.02685 EPSS
Exploits 0 · References 10
OSV
added 2022/12/15 12:0 a.m. · 31 views

ALSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...

9.8 CVSS · 8.1 AI score · 0.21514 EPSS
Exploits 3 · References 16