Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-0350

Malware in sbrugna...

6.8CVSS6.4AI score0.00641EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/03/24 12:0 a.m.18 views

SuSE 11.3 Security Update : util-linux (SAT Patch Number 10452)

util-linux has been updated to fix one security issue : - command injection flaw in blkid bnc907434. Additionally, these non-security issues have been fixed :. CVE-2014-9114 - Fix possible script hang. bnc888678 - Enable build of libmount / findmnt. bnc900965 - Don't stop trying filesystem when...

7.8CVSS7.1AI score0.00648EPSS
Exploits0References8
OSV
OSV
added 2012/08/27 11:55 p.m.2 views

DEBIAN-CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

4.6CVSS7.1AI score0.00413EPSS
Exploits0References1
NVD
NVD
added 2012/02/03 4:5 a.m.12 views

CVE-2012-0314

Multiple cross-site request forgery CSRF vulnerabilities on the eAccess Pocket WiFi aka GP02 router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 initialize settings or 2 reboot the device...

6.8CVSS7.4AI score0.00641EPSS
Exploits0References5
Prion
Prion
added 2012/02/03 4:5 a.m.10 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on the eAccess Pocket WiFi aka GP02 router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 initialize settings or 2 reboot the device...

6.8CVSS7.9AI score0.00641EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2012/02/03 2:0 a.m.19 views

CVE-2012-0314

Multiple cross-site request forgery CSRF vulnerabilities on the eAccess Pocket WiFi aka GP02 router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 initialize settings or 2 reboot the device...

7.4AI score0.00641EPSS
Exploits0References5
CVE
CVE
added 2012/02/03 2:0 a.m.38 views

CVE-2012-0314

CVE-2012-0314 describes cross-site request forgery in the eAccess Pocket WiFi (GP02) router prior to firmware 2.00, affecting firmware 11.203.11.05.168 and earlier. An attacker could hijack administrator sessions to perform actions such as initializing settings or rebooting the device when a logg...

6.8CVSS7.6AI score0.00641EPSS
Exploits0References5Affected Software2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/02/01 12:0 a.m.25 views

JVN#33021167: Pocket WiFi (GP02) vulnerable to cross-site request forgery

Pocket WiFi GP02 provided by eAccess Ltd. is a mobile wireless LAN router. Pocket WiFi GP02 contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, settings of Pocket WiFi GP02 may be initialized, or Pocket WiFi GP02 may be rebooted. Solution...

6.8CVSS6.6AI score0.00641EPSS
Exploits0
NVD
NVD
added 2010/06/25 9:30 p.m.24 views

CVE-2010-2465

The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via...

5CVSS6.4AI score0.02456EPSS
Exploits1References9
NVD
NVD
added 2010/06/25 9:30 p.m.31 views

CVE-2010-2466

The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attackers to obtain sensitive information via requests for full.dar files with predictable filenames...

5CVSS6.3AI score0.01918EPSS
Exploits1References6
Prion
Prion
added 2010/06/25 9:30 p.m.18 views

Improper access control

The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via...

5CVSS6.9AI score0.02456EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2010/06/25 9:0 p.m.55 views

CVE-2010-2467

CVE-2010-2467 affects the S2 Security NetBox (likely 2.x–3.x) used in Linear eMerge 50/5000 and Sonitrol eAccess. The FTP server storing database backups does not require a password, enabling remote download of backups via FTP requests. Exploitation details are not provided in the connected docum...

5CVSS7.1AI score0.01365EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2010/06/25 9:0 p.m.62 views

CVE-2010-2465

CVE-2010-2465 affects S2 Security NetBox 2.5, 3.3, and 4.0 (as utilized in Linear eMerge 50/5000 and Sonitrol eAccess). The root cause is insufficient access control, permitting remote attackers to download node logs, photographs of persons, and backup files stored under the web root via unspecif...

5CVSS6.6AI score0.02456EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2010/06/25 9:0 p.m.68 views

CVE-2010-2466

CVE-2010-2466 affects S2 NetBox (used in Linear eMerge and Sonitrol eAccess). The vulnerability allows remote attackers to obtain sensitive data by requesting full_*.dar database backups due to insufficient access protection and predictable backup filenames. Affected NetBox versions include 2.x/3...

5CVSS6.5AI score0.01918EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2010/06/25 9:0 p.m.34 views

CVE-2010-2466

The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attackers to obtain sensitive information via requests for full.dar files with predictable filenames...

6.3AI score0.01918EPSS
Exploits1References6
CVE
CVE
added 2010/06/25 9:0 p.m.61 views

CVE-2010-2468

CVE-2010-2468 affects S2 Security NetBox 2.x and 3.x as used in Linear eMerge 50/5000 and Sonitrol eAccess. The root cause is the use of a weak hash algorithm for storing the Administrator password, which can allow context-dependent attackers to recover the password and gain privileged access. Th...

10CVSS6.5AI score0.01691EPSS
Exploits1References5Affected Software1
CERT
CERT
added 2010/06/24 12:0 a.m.123 views

S2 NetBox allows unauthenticated HTTP access to node logs, backups, and employee photographs

Overview S2 NetBox and related products do not adequately restrict access to node logs, backups, and employee photographs. A remote, unauthenticated attacker could use information obtained from a vulnerable system to aid in further attacks. Description S2 NetBox is a line of "...open architecture...

5CVSS6.8AI score0.01918EPSS
Exploits1References4
Rows per page
Query Builder