Lucene search
K

190 matches found

NVD
NVD
added 2025/07/25 3:15 p.m.5 views

CVE-2024-48729

An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...

7.1CVSS0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/25 12:0 a.m.3 views

CVE-2024-48729

An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...

6.4AI score0.00327EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.4 views

PT-2025-30845 · Etsi · Etsi Open-Source Mano

Name of the Vulnerable Software and Affected Versions: ETSI Open-Source MANO OSM versions 14.x through 15.x Description: An issue allows a remote attacker to escalate privileges via the /osm/admin/v1/users component. Recommendations: ETSI Open-Source MANO OSM versions 14.x and 15.x are affected. ...

7.1CVSS6.5AI score0.00327EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/07/25 12:0 a.m.3 views

CVE-2024-48730

The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...

6.8AI score0.00488EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.7 views

PT-2025-30846 · Etsi · Etsi Open-Source Mano

Name of the Vulnerable Software and Affected Versions: ETSI Open-Source MANO OSM versions 14.x through 15.x Description: The software does not impose restrictions on authentication attempts performed by an administrator user, potentially allowing a remote attacker to escalate privileges...

6.5CVSS7AI score0.00488EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/07/25 12:0 a.m.12 views

CVE-2024-48729

An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...

0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/25 12:0 a.m.9 views

CVE-2024-48730

The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...

0.00488EPSS
Exploits0References1
CVE
CVE
added 2025/07/25 12:0 a.m.20 views

CVE-2024-48729

The CVE-2024-48729 issue affects ETSI Open-Source MANO (OSM) versions 14.x (before 14.0.3), 15.x (before 15.0.2), 16.0.0, and 17.0.0. A remote authenticated attacker can escalate privileges via the /osm/admin/v1/users component. The connected sources confirm the vulnerability path but do not prov...

7.1CVSS6.4AI score0.00327EPSS
Exploits0References1
CVE
CVE
added 2025/07/25 12:0 a.m.21 views

CVE-2024-48730

CVE-2024-48730 affects ETSI Open-Source MANO (OSM) versions 14.x–17.x. The issue arises from a default admin account that does not limit authentication attempts, enabling a remote attacker to escalate privileges. Evidence in multiple feeds (including Red Hat and CNNVD/CVE records) confirms the co...

6.5CVSS6.8AI score0.00488EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/18 12:0 a.m.16 views

CVE-2025-48219

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI E-UTRAN Cell Identity leak. The Cell ID might be usable to...

3.5CVSS0.00267EPSS
Exploits0References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/13 5:30 a.m.14 views

New cybersecurity rules for smart heat pump manufacturers

TL;DR Smart heat pumps face new UK cybersecurity rules Must meet ETSI EN 303 645 under the Smart Secure Electricity Systems programme Applies to most domestic heat devices up to 45 kW Compliance deadline expected to be late 2026 / early 2027 Aims to protect consumers, data, and the national grid...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.38 views

Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)

Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment SACK sequences to affected products. This plugin only works with Tenable.ot...

7.5CVSS6.7AI score0.94686EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.13 views

Oracle Linux 5 : wireshark (ELSA-2007-0710)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0710 advisory. 0.99.6-1.el5.01 - Added patch for OCFS2 formatting 0.99.6-1 - upgrade to 0.99.6 - Wireshark could crash when dissecting an HTTP chunked response -...

7.8CVSS5.6AI score0.16258EPSS
Exploits2References6
Packet Storm
Packet Storm
added 2023/07/26 12:0 a.m.278 views

ETSI WEBstore 2023 Cross Site Scripting

Document Title: =============== ETSI WEBstore 2023 - Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2327 Release Date: ============= 2023-07-26 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2023/07/25 12:0 a.m.405 views

ETSI WEBstore 2023 - Persistent Cross Site Vulnerability

Document Title: =============== ETSI WEBstore 2023 - Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2327 Release Date: ============= 2023-07-25 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/16 6:49 p.m.10 views

list.etsi.org Cross Site Scripting vulnerability OBB-3437294

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/02 2:2 p.m.8 views

portal.etsi.org Cross Site Scripting vulnerability OBB-3375398

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/25 12:0 a.m.23 views

Wireshark 1.4.x < 1.4.15 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.4.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.4.15 advisory. - Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before...

3.3CVSS7.2AI score0.02126EPSS
Exploits4References25
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.3 views

SUSE CVE-2012-4285

The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a zero-length message...

3.3CVSS7.4AI score0.02083EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.2 views

SUSE CVE-2013-1588

Multiple buffer overflows in the dissectpftfecdetailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service application crash via a malformed packet...

2.9CVSS7.5AI score0.00864EPSS
Exploits0References3
Rows per page
Query Builder