Lucene search
+L

1071 matches found

Openbugbounty
Openbugbounty
added 2022/08/20 6:52 p.m.19 views

harmoniedailleurs.fr Cross Site Scripting vulnerability OBB-2856209

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.4 views

WordPress plugin Essential Blocks for Gutenberg 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS5.5AI score0.00419EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.10 views

The vulnerability of the SSH key import function in multifunctional measuring devices SICAM GridEdge Essential ARM (6MD7881-2AA30), SICAM GridEdge Essential Intel (6MD7881-2AA40), SICAM GridEdge Essential Intel (6MD7881-2AA40), and SICAM GridEdge Essential with GDS Intel (6MD7881-2AA20) allows a hacker to execute arbitrary code.

The vulnerability of the SSH key import function in SICAM GridEdge Essential ARM 6MD7881-2AA30, SICAM GridEdge Essential Intel 6MD7881-2AA40, SICAM GridEdge Essential Intel 6MD7881-2AA40, and SICAM GridEdge Essential with GDS Intel 6MD7881-2AA20 devices relates to the disclosure of information in...

6.5CVSS6.3AI score0.00404EPSS
Exploits0References2Affected Software2
Openbugbounty
Openbugbounty
added 2022/06/27 5:43 p.m.16 views

an-electrorecycling.de Cross Site Scripting vulnerability OBB-2688304

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
The Hacker News
The Hacker News
added 2022/06/14 2:51 p.m.19 views

What is the Essential Eight (And Why Non-Aussies Should Care)

In 2017, The Australian Cyber Security Center ACSC published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows...

0.2AI score
Exploits0
NVD
NVD
added 2022/06/14 10:15 a.m.14 views

CVE-2022-30229

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known...

8.6CVSS0.00712EPSS
Exploits0References2
NVD
NVD
added 2022/06/14 10:15 a.m.19 views

CVE-2022-30230

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions...

9.8CVSS0.01027EPSS
Exploits0References2
NVD
NVD
added 2022/06/14 10:15 a.m.14 views

CVE-2022-30228

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected software does not apply cross-origin resource sharing CORS restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could...

8.8CVSS0.00377EPSS
Exploits0References2
Prion
Prion
added 2022/06/14 10:15 a.m.15 views

Design/Logic Flaw

A vulnerability has been identified in SICAM GridEdge Essential ARM All versions V2.6.6, SICAM GridEdge Essential Intel All versions V2.6.6, SICAM GridEdge Essential with GDS ARM All versions V2.6.6, SICAM GridEdge Essential with GDS Intel All versions V2.6.6. The affected software does not requi...

5CVSS6AI score0.00712EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/14 9:21 a.m.67 views

CVE-2022-30231

CVE-2022-30231 affects Siemens SICAM GridEdge Essential products (ARM/Intel variants, with/without GDS) and SICAM GridEdge Classic in affected ranges, where prior to v2.6.6 a resource-leak exposes password hashes of other users upon request. The vulnerability enables an authenticated user to retr...

6.9CVSS5AI score0.00576EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/06/14 9:21 a.m.66 views

CVE-2022-30230

CVE-2022-30230 affects Siemens SICAM GridEdge components (Essential ARM/Intel, with/without GDS) prior to version 2.6.6. The vulnerability arises from missing authentication for privileged functions, allowing an unauthenticated attacker to create a new user with administrative permissions. The is...

9.8CVSS8.8AI score0.01027EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/14 9:21 a.m.17 views

CVE-2022-30229

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known...

8.6CVSS5.4AI score0.00712EPSS
Exploits0References2
CVE
CVE
added 2022/06/14 9:21 a.m.67 views

CVE-2022-30228

CVE-2022-30228 affects Siemens SICAM GridEdge Classic (all versions

8.8CVSS6.5AI score0.00377EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.7 views

PT-2022-20026

Name of the Vulnerable Software and Affected Versions SICAM GridEdge Essential ARM versions prior to V2.6.6 SICAM GridEdge Essential Intel versions prior to V2.6.6 SICAM GridEdge Essential with GDS ARM versions prior to V2.6.6 SICAM GridEdge Essential with GDS Intel versions prior to V2.6.6...

9.8CVSS6.6AI score0.01027EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/14 12:0 a.m.8 views

Siemens SICAM GridEdge Essential 授权问题漏洞

SICAM GridEdge enables IoT functionality in your existing IEC 61850 devices with just a few clicks.Siemens SICAM GridEdge is vulnerable to an authentication error, which stems from the fact that the affected software does not require authenticated access to privileged functions and can be exploit...

8.6CVSS5.6AI score0.00712EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/14 12:0 a.m.7 views

Siemens SICAM GridEdge Essential 访问控制错误漏洞

SICAM GridEdge enables IoT functionality in your existing IEC61850 devices with just a few clicks.A source authentication error vulnerability in Siemens SICAM GridEdge is caused by the fact that the affected software does not apply cross-domain resource sharing CORS restrictions to critical...

8.8CVSS5.8AI score0.00377EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/03/08 12:0 a.m.20 views

WordPress Essential Addons for Elementor Plugin < 5.0.9 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpdeveloper:essentialaddonsforelementor"; ifdescription...

6.1CVSS6.4AI score0.03243EPSS
Exploits0References1
OSV
OSV
added 2022/02/24 7:15 p.m.6 views

CVE-2022-0683

The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...

6.1CVSS5.8AI score0.03243EPSS
Exploits0References2
CVE
CVE
added 2022/02/24 6:27 p.m.169 views

CVE-2022-0683

CVE-2022-0683 affects the WordPress plugin WordPress Essential Addons for Elementor Lite. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient escaping and sanitization of the settings parameter found in includes/Traits/Helper.php, exploitable when a user clicks a crafted link. A...

6.1CVSS6AI score0.03243EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/24 6:27 p.m.10 views

CVE-2022-0683 Essential Addons for Elementor Lite <= 5.0.8 Reflected Cross-Site Scripting

The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...

6.1CVSS6AI score0.03243EPSS
Exploits0References2
Rows per page
Query Builder