Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-31021

Malicious code in bioql PyPI...

9CVSS8AI score0.01529EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/28 12:0 a.m.3 views

PT-2025-27330 · Netgate · Pfsense Ce

Name of the Vulnerable Software and Affected Versions: Netgate pfSense CE version 2.8.0 Description: The issue arises from the "WebCfg - Diagnostics: Command" privilege, which improperly allows users to read arbitrary files on the system through a directory traversal attack targeting the diag...

5CVSS7.5AI score0.01766EPSS
Exploits1References9
BDU FSTEC
BDU FSTEC
added 2024/01/22 12:0 a.m.4 views

The vulnerability of the Network Diagnostic Commands function in the microprogramming software of the SmartNode SN200 adapter allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Network Diagnostic Commands function in the microprogramming software of the SmartNode SN200 adapter lies in the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability can allow a remote attacker to...

10CVSS7.8AI score0.64113EPSS
Exploits3References5Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/04 12:0 a.m.6 views

PT-2023-21799 · Qualcomm · Qualcomm Chipsets

Name of the Vulnerable Software and Affected Versions: Qualcomm Chipsets affected versions not specified Description: The issue is related to memory corruption in UTILS when the modem processes memory-specific Diag commands with arbitrary address values as input arguments. Recommendations: At the...

7.8CVSS7.3AI score0.00118EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2023/11/28 12:0 a.m.497 views

SmartNode SN200 3.21.2-23021 OS Command Injection

Advisory ID: SYSS-2023-019 Product: SmartNode SN200 Analog Telephone Adapter ATA & VoIP Gateway Manufacturer: Patton LLC Affected Versions: = 3.21.2-23021 Tested Versions: 2.21.1-22041, 3.21.2-23021, 3.22.0-23083 Vulnerability Type: OS Command Injection CWE-78 Vulnerability Type: Improper Access...

9.8CVSS7.4AI score0.64113EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2023/08/28 12:0 a.m.3 views

PT-2023-8337 · Unknown · Smartnode Sn200

Name of the Vulnerable Software and Affected Versions: SmartNode SN200 aka SN200 version 3.21.2-23021 Description: The issue is related to the Network Diagnostic Commands function of the SmartNode SN200 analog telephone adapter's firmware, which fails to neutralize special elements used in an...

9.8CVSS9.3AI score0.64113EPSS
Exploits3References12
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.7 views

The vulnerability in the implementation of diagnostic commands and the import of operating systems for Fireware devices used in network security solutions like WatchGuard Firebox and XTM allows attackers to upload and download arbitrary files.

The vulnerability of the diagnostic commands and the import functions of Fireware operating systems for network security devices like WatchGuard Firebox and XTM lies in the possibility of these commands being exploited. Exploiting this vulnerability allows a malicious actor to upload and download...

7.8CVSS7.6AI score0.01242EPSS
Exploits2References4Affected Software1
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.5 views

Qualcomm 输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits including primarily semiconductor devices, but also passive components, etc., and from time to time fabricated on the surface of semiconductor wafers. An input validation error vulnerability exists in the Mode...

7.8CVSS7.9AI score0.00162EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.4 views

The vulnerability of the command-line interface on NX-OS and FX-OS devices of Cisco’s networking operating systems allows attackers to disclose sensitive information.

The vulnerability of the command-line interfaces of NX-OS and FX-OS devices from Cisco involves incomplete verification of role-based access control RBAC. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by executing diagnostic commands with specially craft...

5.5CVSS5.8AI score0.00309EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder