Lucene search
K

4382 matches found

Prion
Prion
added 2020/01/22 7:15 p.m.21 views

Design/Logic Flaw

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

7.5CVSS9.5AI score0.0182EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2020/01/22 6:48 p.m.30 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

9.7AI score0.0182EPSS
Exploits1References3
CVE
CVE
added 2020/01/22 6:48 p.m.67 views

CVE-2019-19843

CVE-2019-19843 affects Ruckus Wireless Unleashed firmware up to 200.7.10.102.64. The issue is an incorrect access control in the Web UI that allows remote credential fetch via an unauthenticated HTTP request exploiting a symlink involving /tmp and web/user/wps_tool_cache. Impact per sources inclu...

9.8CVSS9.5AI score0.0182EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2020/01/20 10:15 p.m.35 views

CVE-2020-7243

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

9CVSS7.5AI score0.04244EPSS
Exploits1References1
OSV
OSV
added 2020/01/20 10:15 p.m.5 views

CVE-2020-7243

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

7.2CVSS7.6AI score
Exploits0References1
Prion
Prion
added 2020/01/20 10:15 p.m.12 views

Remote code execution

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

9CVSS7.5AI score0.04244EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/01/20 9:56 p.m.62 views

CVE-2020-7243

CVE-2020-7243 affects Comtech Stampede FX-1010 (version 7.4.3). A flaw in the Fetch URL page allows remote authenticated administrators to achieve remote code execution by submitting shell metacharacters in the URL field; in some cases authentication can be obtained with the comtech password. Mit...

9CVSS7.5AI score0.04244EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/01/20 12:0 a.m.4 views

PT-2020-19493

Name of the Vulnerable Software and Affected Versions Comtech Stampede FX-1010 version 7.4.3 Description The issue allows remote authenticated administrators to achieve remote code execution by navigating to the "Fetch URL" page and entering shell metacharacters in the URL field. In some cases,...

9CVSS7.6AI score0.04244EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/01/02 12:0 a.m.71 views

EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)

According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.CVE-2019-16163 - An issue was discovered in...

7.5CVSS7.1AI score0.06889EPSS
Exploits3References5
Hacker One
Hacker One
added 2019/12/19 2:26 p.m.202 views

Keybase: SOP bypass using browser cache

Summary An attacker has the ability to extract sensitive information from user's accounts, due to a CORS issue. On a minor note, this also is a cross-site leak as we can fingerprint what exact keybase user has accessed the attacker's website. Information disclosed:...

0.1AI score
Exploits0
NVD
NVD
added 2019/12/18 6:15 p.m.26 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.3AI score0.01225EPSS
Exploits0References5
OSV
OSV
added 2019/12/18 6:15 p.m.3 views

DEBIAN-CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.2AI score0.01225EPSS
Exploits0References1
OSV
OSV
added 2019/12/18 6:15 p.m.8 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS7.7AI score
Exploits0References5
Prion
Prion
added 2019/12/18 6:15 p.m.27 views

Cross site scripting

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

4.3CVSS6AI score0.01225EPSS
Exploits0References5Affected Software5
UbuntuCve
UbuntuCve
added 2019/12/18 6:15 p.m.38 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.7AI score0.01225EPSS
Exploits0References2
OSV
OSV
added 2019/12/18 6:15 p.m.6 views

UBUNTU-CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS6.6AI score0.01225EPSS
Exploits0References3
CVE
CVE
added 2019/12/18 5:33 p.m.188 views

CVE-2019-8515

CVE-2019-8515 concerns a cross-origin issue in the WebKit fetch API. The vulnerability could allow disclosure of sensitive user information when processing malicious web content. Apple’s advisories fix it in iOS 12.2, tvOS 12.2, Safari 12.1 for Windows, and iCloud for Windows 7.11; iTunes 12.9.4 ...

6.5CVSS6.4AI score0.01225EPSS
Exploits0References5Affected Software5
Debian CVE
Debian CVE
added 2019/12/18 5:33 p.m.30 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS5.4AI score0.01225EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/12/16 12:0 a.m.66 views

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

9.8CVSS7.4AI score0.03133EPSS
Exploits0References45
RedHat Linux
RedHat Linux
added 2019/11/22 8:52 a.m.3 views

hw: Machine Check Error on Page Size Change (IFU)

A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...

6.5CVSS7.3AI score0.00915EPSS
Exploits0References6
Rows per page
Query Builder