Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

4364 matches found

OpenVAS
OpenVASā€¢added 2020/01/23 12:0 a.m.ā€¢32 views

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-2431)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.06359EPSS
Exploits3References3
NVD
NVDā€¢added 2020/01/22 7:15 p.m.ā€¢17 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

9.8CVSS9.6AI score0.0182EPSS
Exploits1References3
Prion
Prionā€¢added 2020/01/22 7:15 p.m.ā€¢21 views

Design/Logic Flaw

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

7.5CVSS9.5AI score0.0182EPSS
Exploits1References3Affected Software2
Cvelist
Cvelistā€¢added 2020/01/22 6:48 p.m.ā€¢26 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

9.7AI score0.0182EPSS
Exploits1References3
CVE
CVEā€¢added 2020/01/22 6:48 p.m.ā€¢66 views

CVE-2019-19843

CVE-2019-19843 affects Ruckus Wireless Unleashed firmware up to 200.7.10.102.64. The issue is an incorrect access control in the Web UI that allows remote credential fetch via an unauthenticated HTTP request exploiting a symlink involving /tmp and web/user/wps_tool_cache. Impact per sources inclu...

9.8CVSS9.5AI score0.0182EPSS
Exploits1References3Affected Software1
NVD
NVDā€¢added 2020/01/20 10:15 p.m.ā€¢35 views

CVE-2020-7243

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

9CVSS7.5AI score0.04244EPSS
Exploits1References1
OSV
OSVā€¢added 2020/01/20 10:15 p.m.ā€¢5 views

CVE-2020-7243

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

7.2CVSS7.6AI score
Exploits0References1
Prion
Prionā€¢added 2020/01/20 10:15 p.m.ā€¢12 views

Remote code execution

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

9CVSS7.5AI score0.04244EPSS
Exploits1References1Affected Software1
CVE
CVEā€¢added 2020/01/20 9:56 p.m.ā€¢59 views

CVE-2020-7243

CVE-2020-7243 affects Comtech Stampede FX-1010 (version 7.4.3). A flaw in the Fetch URL page allows remote authenticated administrators to achieve remote code execution by submitting shell metacharacters in the URL field; in some cases authentication can be obtained with the comtech password. Mit...

9CVSS7.5AI score0.04244EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesā€¢added 2020/01/20 12:0 a.m.ā€¢4 views

PT-2020-19493

Name of the Vulnerable Software and Affected Versions Comtech Stampede FX-1010 version 7.4.3 Description The issue allows remote authenticated administrators to achieve remote code execution by navigating to the "Fetch URL" page and entering shell metacharacters in the URL field. In some cases,...

9CVSS7.6AI score0.04244EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusā€¢added 2020/01/02 12:0 a.m.ā€¢71 views

EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)

According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.CVE-2019-16163 - An issue was discovered in...

7.5CVSS7.1AI score0.06889EPSS
Exploits3References5
Hacker One
Hacker Oneā€¢added 2019/12/19 2:26 p.m.ā€¢200 views

Keybase: SOP bypass using browser cache

Summary An attacker has the ability to extract sensitive information from user's accounts, due to a CORS issue. On a minor note, this also is a cross-site leak as we can fingerprint what exact keybase user has accessed the attacker's website. Information disclosed:...

0.1AI score
Exploits0
NVD
NVDā€¢added 2019/12/18 6:15 p.m.ā€¢26 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.3AI score0.01225EPSS
Exploits0References5
OSV
OSVā€¢added 2019/12/18 6:15 p.m.ā€¢2 views

DEBIAN-CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.2AI score0.01225EPSS
Exploits0References1
OSV
OSVā€¢added 2019/12/18 6:15 p.m.ā€¢7 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS7.7AI score
Exploits0References5
UbuntuCve
UbuntuCveā€¢added 2019/12/18 6:15 p.m.ā€¢35 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.7AI score0.01225EPSS
Exploits0References2
Prion
Prionā€¢added 2019/12/18 6:15 p.m.ā€¢26 views

Cross site scripting

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

4.3CVSS6AI score0.01225EPSS
Exploits0References5Affected Software5
OSV
OSVā€¢added 2019/12/18 6:15 p.m.ā€¢4 views

UBUNTU-CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.6AI score0.01225EPSS
Exploits0References3
CVE
CVEā€¢added 2019/12/18 5:33 p.m.ā€¢187 views

CVE-2019-8515

CVE-2019-8515 concerns a cross-origin issue in the WebKit fetch API. The vulnerability could allow disclosure of sensitive user information when processing malicious web content. Appleā€™s advisories fix it in iOS 12.2, tvOS 12.2, Safari 12.1 for Windows, and iCloud for Windows 7.11; iTunes 12.9.4 ...

6.5CVSS6.4AI score0.01225EPSS
Exploits0References5Affected Software5
Debian CVE
Debian CVEā€¢added 2019/12/18 5:33 p.m.ā€¢30 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS5.4AI score0.01225EPSS
Exploits0
Rows per page
Query Builder