CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3851 matches found

Packet Storm•added 2014/09/25 12:0 a.m.•41 views

WS10 Data Server SCADA Overflow

Exploit Title: WS10 Data Server SCADA Exploit Overflow PoC Date: 09/23/2014 Author: Pedro Sánchez Version: 1.83 English Tested on: Windows 7 embedded. Notified the vendor, vendor never responded. In the new version this PoC stops working Vendor: Novus http://www.novus.com.br NOVUS Electronics is ...

0.3AI score

Exploits0

ThreatPost•added 2014/09/24 3:12 p.m.•9 views

David Jacoby on Hacking His Home

Dennis Fisher talks with David Jacoby of Kaspersky Lab about the research he did on the security of electronics gear in his home, including his smart TV, game console and storage devices, and what the vendors need to do to respond. Download: digitalunderground168.mp3 Music by Chris Gonsalves...

1.9AI score

Exploits0References2

Exploit DB•added 2014/09/24 12:0 a.m.•45 views

WS10 Data Server - SCADA Overflow (PoC)

7.4AI score

Exploits0

The Hacker News•added 2014/08/21 9:15 p.m.•17 views

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

The United States division of Samsung has been charged with deceiving the US government into believing that several of its products met the necessary US government policies, resulting in the US government buying unauthorised Chinese-made electronics. The South Korean electronics giant has agreed ...

6.5AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•19 views

LG LR3100p 1.30 Series Router IP Packet Flags Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5550/info The LR series WAN routers are hardware and firmware solutions manufactured and distributed by LG Electronics. It has been reported that scanning some LG routers using various IP flags can cause the router to...

7.1AI score

Exploits0

RedHat Linux•added 2014/06/10 12:34 p.m.•2 views

QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART

Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...

7.2CVSS6.9AI score0.00383EPSS

Exploits0References4

ThreatPost•added 2013/12/18 1:11 p.m.•10 views

Trojan.Ferret DDoS Botnet Discovered

Researchers at Arbor Networks have identified a new DDoS bot with a fancy for ferrets. Following a clue in a tweet, researcher Dennis Schwarz found Trojan.Ferret, including a command and control panel with some insight into targets. To date, a relatively small number of malware samples and comman...

0.5AI score

Exploits0References3

ThreatPost•added 2013/10/22 1:35 p.m.•10 views

Months Later, EAS Equipment Still Vulnerable to SSH Bugs

More than three months ago, a researcher from IOActive published details of some serious problems he’d found with equipment used to run the Emergency Alert System, which is used to send out notifications in the case of a natural disaster or other serious situation. The researcher notified the...

0.4AI score

Exploits0References3

The Hacker News•added 2013/07/09 9:27 p.m.•9 views

U.S Emergency broadcast System vulnerable to hackers

A major vulnerability has been discovered in the U.S. Emergency Alert System, researchers have warned.that could allow hackers to break into the system and broadcast fake messages to the United States. According to a new report by security firm IOActive, U.S. Emergency Alert System, the system us...

6.9AI score

Exploits0

The Hacker News•added 2013/07/09 10:27 a.m.•14 views

U.S Emergency broadcast System vulnerable to hackers

6.9AI score

Exploits0

ThreatPost•added 2013/07/08 5:18 p.m.•28 views

EAS Devices Shipping with Compromised Root SSH Key

UPDATE – Firmware images for the application servers that distribute messages for the Emergency Alert System in the United States were shipping with a private root SSH key that has been disclosed. Hackers who have this key can access one of these servers and interrupt or manipulate an EAS message...

0.8AI score

Exploits0References4

NVD•added 2013/06/30 7:28 p.m.•18 views

CVE-2013-4735

The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network...

10CVSS6.8AI score0.04786EPSS

Exploits0References5

NVD•added 2013/06/30 7:28 p.m.•22 views

CVE-2013-4734

dasdecmkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors...

7.5CVSS6.5AI score0.01376EPSS

Exploits0References5

NVD•added 2013/06/30 7:28 p.m.•21 views

CVE-2013-4733

The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files...

7.8CVSS6.3AI score0.02242EPSS

Exploits0References5

NVD•added 2013/06/30 7:28 p.m.•20 views

CVE-2013-4732

The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU662676...

10CVSS6.7AI score0.03041EPSS

Exploits0References5

NVD•added 2013/06/30 7:28 p.m.•23 views

CVE-2013-0137

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session...

10CVSS6.5AI score0.13446EPSS

Exploits0References6