Lucene search
K

42 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:9 a.m.10 views

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

5.4CVSS5.4AI score0.00438EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-4584

Malware in sbrugna...

7.5CVSS6.4AI score0.01376EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-4585

Malware in sbrugna...

10CVSS6.4AI score0.04786EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-4583

Malware in sbrugna...

7.8CVSS6.4AI score0.02242EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 11:27 p.m.13 views

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

5.4CVSS5.7AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:13 a.m.10 views

CVE-2013-4732

The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU662676...

10CVSS7.1AI score0.03041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.11 views

CVE-2013-4734

dasdecmkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors...

7.5CVSS7AI score0.01376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:34 a.m.7 views

CVE-2013-4735

The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network...

10CVSS7.2AI score0.04786EPSS
Exploits0References1
NVD
NVD
added 2022/12/01 12:15 a.m.38 views

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

5.4CVSS0.00341EPSS
Exploits0References1
Prion
Prion
added 2022/12/01 12:15 a.m.15 views

Cross site scripting

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

4.9CVSS5.2AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2022/11/30 11:15 p.m.32 views

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

5.4CVSS0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/30 11:7 p.m.6 views

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

4.1CVSS5.3AI score0.00341EPSS
Exploits0References1
CVE
CVE
added 2022/11/30 11:7 p.m.54 views

CVE-2022-40204

CVE-2022-40204 is an XSS in Digital Alert Systems DASDEC software, affecting all current versions via the Host Header on undisclosed pages after login. The vulnerability is documented across multiple feeds: NVD lists CVSS v3.1 base score 4.1 (I/L, C/N, A/N) with network attack vector, low complex...

5.4CVSS5.2AI score0.00341EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/30 11:7 p.m.57 views

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

4.1CVSS5.5AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/30 10:58 p.m.40 views

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

4.7CVSS5.3AI score0.00438EPSS
Exploits0References1
CVE
CVE
added 2022/11/30 10:58 p.m.63 views

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 is affected by CVE-2019-18265, an XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the login page’s SSH username field or the HTTP Host header. The injected content is stored in logs and rendered ...

5.4CVSS5.2AI score0.00438EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.4 views

PT-2022-25281 · Digital Alert Systems · Dasdec

Name of the Vulnerable Software and Affected Versions: Digital Alert Systems DASDEC software affected versions not specified Description: A cross-site scripting XSS issue exists in the Digital Alert Systems DASDEC software. This issue is related to the Host Header in undisclosed pages after login...

5.4CVSS5.1AI score0.00341EPSS
Exploits0References4
CNVD
CNVD
added 2022/11/25 12:0 a.m.28 views

Digital Alert Systems DASDEC EAS Cross-Site Scripting Vulnerability

Digital Alert Systems DASDEC EAS is a digital alert system from Digital Alert Systems in the United States. A cross-site scripting vulnerability exists in all current versions of Digital Alert Systems DASDEC, which stems from a lack of effective filtering and escaping of user-supplied data on an...

5.4CVSS5.1AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.37 views

Digital Alert Systems DASDEC EAS 跨站脚本漏洞

Digital Alert Systems DASDEC EAS is a digital alert system from Digital Alert Systems in the United States. A cross-site scripting vulnerability exists in all current versions of Digital Alert Systems DASDEC, which stems from a lack of effective filtering and escaping of user-supplied data on an...

5.4CVSS5.9AI score0.00341EPSS
Exploits0References4
ICS
ICS
added 2022/11/22 7:0 a.m.53 views

Digital Alert Systems DASDEC

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Digital Alert Systems Equipment: DASDEC Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities might result in false alerts...

5.4CVSS5.7AI score0.00438EPSS
Exploits0References10
Rows per page
Query Builder