Lucene search
+L

29 matches found

OSV
OSV
added 2024/05/21 3:15 p.m.4 views

UBUNTU-CVE-2021-47236

In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no chance to free original skb. fix it by free orginal skb in eemtxfixu...

5.5CVSS6.2AI score0.00228EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2024/05/21 2:19 p.m.18 views

CVE-2021-47236 net: cdc_eem: fix tx fixup skb leak

In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no chance to free original skb. fix it by free orginal skb in eemtxfixu...

6.8AI score0.00228EPSS
Exploits0References8
Metasploit
Metasploit
added 2021/03/26 5:42 p.m.102 views

SAP Solution Manager remote unauthorized OS commands execution

This module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet tcsmdagentapplicationeem of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get...

10CVSS9.5AI score0.98266EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/03/26 12:0 a.m.426 views

SAP Solution Manager 7.2 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Solution Manager remote unauthorized OS commands execution', 'License' = MSFLICENSE, 'Author' = 'Yvan Genuer', @1ggy The researcher who...

7.5CVSS0.1AI score0.98266EPSS
Exploits7
NVD
NVD
added 2021/03/24 4:15 p.m.25 views

CVE-2020-36283

HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver Ethernet Emulation Mode. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...

9.6CVSS0.00727EPSS
Exploits0References2
Prion
Prion
added 2021/03/24 4:15 p.m.17 views

Cross site scripting

HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver Ethernet Emulation Mode. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...

6.8CVSS8.2AI score0.00727EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/03/24 3:23 p.m.28 views

CVE-2020-36283

HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver Ethernet Emulation Mode. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...

9.6CVSS8.8AI score0.00727EPSS
Exploits0References2
CVE
CVE
added 2021/03/24 3:23 p.m.49 views

CVE-2020-36283

The CVE-2020-36283 issue affects HID OMNIKEY 5427 and OMNIKEY 5127 readers. A CSRF flaw in the Ethernet Emulation Mode (EEM) driver allows an authenticated user, lured to a malicious site, to send a crafted HTTP request that uploads a configuration file to the device. This can enable cross-site s...

9.6CVSS8.2AI score0.00727EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2008/08/07 12:0 a.m.81 views

CA Products That Embed Ingres Multiple Vulnerabilities

Title: CA Products That Embed Ingres Multiple Vulnerabilities CA Advisory Date: 2008-08-01 Reported By: iDefense Labs Impact: A remote attacker can execute arbitrary code, gain privileges, or cause a denial of service condition. Summary: CA products that embed Ingres contain multiple...

7.2CVSS7.8AI score0.00444EPSS
Exploits1
Rows per page
Query Builder