CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

227 matches found

Enigma NMS < 65.0.0 - Authenticated OS Command Injection

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an authenticated attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action. id:...

10CVSS7.7AI score0.25279EPSS

Exploits5References3

RedhatCVE•added 2026/01/07 9:33 a.m.•5 views

CVE-2019-16062

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data...

6.5CVSS7.2AI score0.00756EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:32 a.m.•9 views

CVE-2019-16064

NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list operating-system directory...

9.6CVSS6.6AI score0.01306EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:31 a.m.•14 views

CVE-2019-16068

A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious managefiles.cgi request. This can be triggered via XSS or an IFRAME tag included within the site...

8.8CVSS6AI score0.00947EPSS

Exploits5References1

RedhatCVE•added 2026/01/07 9:31 a.m.•6 views

CVE-2019-16065

A remote SQL injection web vulnerability was discovered in the Enigma NMS 65.0.0 and prior web application that allows an attacker to execute SQL commands to expose and compromise the web server, expose database tables and values, and potentially execute system-based commands as the mysql user...

9CVSS8.2AI score0.0281EPSS

Exploits5References1

RedhatCVE•added 2026/01/07 9:30 a.m.•7 views

CVE-2019-16061

A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data e.g., .htpasswd and create/modify/delete content e.g., under /var/www/html/docs with...

8.8CVSS6.7AI score0.00994EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:30 a.m.•4 views

CVE-2019-16070

A number of stored Cross-site Scripting XSS vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through web application form inputs...

6.1CVSS6.2AI score0.00691EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:30 a.m.•3 views

CVE-2019-16069

6.1CVSS6.2AI score0.00686EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:30 a.m.•4 views

CVE-2019-16063

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an attacker to expose unencrypted sensitive data...

7.5CVSS6.8AI score0.00666EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•7 views

CVE-2019-16072

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...

10CVSS8.1AI score0.25279EPSS

Exploits5References1