Lucene search
K

3858 matches found

OSV
OSV
added 2024/06/13 8:15 p.m.2 views

CVE-2024-5947

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

6.5CVSS5.7AI score0.02418EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2024/06/13 7:40 p.m.21 views

CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

6.5CVSS5.9AI score0.02418EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/06/13 7:40 p.m.62 views

CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

6.5CVSS0.02418EPSS
Exploits3References1
CVE
CVE
added 2024/06/13 7:40 p.m.73 views

CVE-2024-5947

The CVE-2024-5947 issue affects Deep Sea Electronics DSE855. It arises from a missing authentication flow in the web UI that allows access to the configuration backup (Backup.bin), enabling network-adjacent attackers to disclose stored credentials. The flaw is exploitable without authentication v...

6.5CVSS6.1AI score0.02418EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2024/06/13 7:40 p.m.31 views

CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...

8.8CVSS0.01108EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 7:40 p.m.53 views

CVE-2024-5948

CVE-2024-5948 affects the Deep Sea Electronics DSE855 device. The vulnerability is a multipart boundary handling issue where the length of user-supplied data is not properly validated before copying to a fixed-length stack-based buffer, causing a stack-based buffer overflow that can lead to remot...

8.8CVSS9.1AI score0.01108EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/13 7:40 p.m.17 views

CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...

8.8CVSS7.8AI score0.01108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/13 7:40 p.m.11 views

CVE-2024-5949 Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability

Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...

4.3CVSS6.5AI score0.0058EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 7:40 p.m.57 views

CVE-2024-5949

CVE-2024-5949 affects Deep Sea Electronics DSE855 devices. The flaw is in the handling of multipart boundaries, caused by a logic error that can trigger an infinite loop, enabling network-adjacent attackers to perform a denial-of-service. Authentication is not required. The available connected so...

6.5CVSS4.6AI score0.0058EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/13 7:40 p.m.15 views

CVE-2024-5950 Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

8.8CVSS7.8AI score0.01118EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 7:40 p.m.49 views

CVE-2024-5950

CVE-2024-5950 affects Deep Sea Electronics DSE855 devices. The root cause is improper validation of the length of user-supplied data in multipart form handling, copying into a fixed-length stack-based buffer, leading to a stack-based buffer overflow and remote code execution. Exploitation is poss...

8.8CVSS9.1AI score0.01118EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/06/13 7:40 p.m.51 views

CVE-2024-5951

CVE-2024-5951 affects Deep Sea Electronics DSE855 devices. The flaw occurs in the web-based UI where there is a lack of authentication before granting access to functions, enabling network-adjacent attackers to trigger a denial-of-service by abusing authenticated-access gaps. Documents consistent...

7.1CVSS6.7AI score0.00778EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/13 7:40 p.m.22 views

CVE-2024-5951 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

7.1CVSS0.00778EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/13 7:40 p.m.17 views

CVE-2024-5951 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

7.1CVSS7AI score0.00778EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/13 7:40 p.m.35 views

CVE-2024-5952 Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability

Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...

4.3CVSS0.00603EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 7:40 p.m.57 views

CVE-2024-5952

CVE-2024-5952 affects Deep Sea Electronics DSE855 devices. The flaw is in the web-based UI where authentication is not required, allowing network-adjacent attackers to bypass auth and trigger a denial-of-service condition. Documented by ZDI (ZDI-24-676) and referenced in NVD/NVD-derived entries; ...

6.5CVSS4.8AI score0.00603EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/13 7:40 p.m.17 views

CVE-2024-5952 Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability

Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...

4.3CVSS6.8AI score0.00603EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.4 views

Deep Sea Electronics DSE855 Security Vulnerability

Deep Sea Electronics DSE855 is a USB to Ethernet communication device from Deep Sea Electronics, UK. A security vulnerability exists in the Deep Sea Electronics DSE855 that stems from a specific flaw in the handling of multipart form variables that lacks proper validation of the length of...

8.8CVSS7.1AI score0.01118EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.3 views

Deep Sea Electronics DSE855 Security Vulnerability

The Deep Sea Electronics DSE855 is a USB to Ethernet communication device from Deep Sea Electronics, UK. A security vulnerability exists in the Deep Sea Electronics DSE855 that stems from a specific flaw in the handling of multi-part boundaries that could lead to an infinite loop logic error, whi...

6.5CVSS6.6AI score0.0058EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.3 views

Deep Sea Electronics DSE855 Security Vulnerability

Deep Sea Electronics DSE855 is a USB to Ethernet communication device from Deep Sea Electronics, UK. A security vulnerability exists in the Deep Sea Electronics DSE855 that stems from a specific flaw in the Web UI that allows access to functions lacking authentication, which could be exploited by...

6.5CVSS6.6AI score0.00603EPSS
Exploits0References2
Rows per page
Query Builder