12 matches found
Security Bulletin: This Power System update is being released to address CVE-2018-8931
Summary POWER8/POWER9: In response to a security bypass vulnerability, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-8931. Vulnerability Details CVEID: CVE-2018-8931 DESCRIPTION: The AMD Ryzen, Ryzen Pro, and Ryzen Mobil...
CVE-2020-3147 Cisco Small Business Switches Denial of Service Vulnerability
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this...
CVE-2020-3147 Cisco Small Business Switches Denial of Service Vulnerability
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this...
CVE-2019-1828
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for use...
CVE-2013-5649
Multiple cross-site scripting XSS vulnerabilities in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS 7.1 before 7.1r15, 7.2 before 7.2r11, 7.3 before 7.3r6, and 7.4 before 7.4r3 allow 1 remote attackers to inject arbitrary web script or HTML via vectors involving login pages, an...
Linksys E1500/E2500 - Multiple Vulnerabilities
Exploit for hardware platform in category web applications ============ Device Description: ============ The Linksys E1500 is a Wireless-N Router with SpeedBoost. It lets you access the Internet via a wireless connection or through one of its four switched ports. You can also use the Linksys E150...
D-Link DIR-615 Rev H CSRF / Disclosure / Command Injection
Device Name: DIR-615 - Hardware revision H1 Vendor: D-Link ============ Device Description: ============ Delivering great wireless performance, network security and coverage, the D-Link Wireless N 300 Router DIR-615 is ideal for upgrading your existing wireless home network. Source:...
Netgear SPH200D XSS / Directory Traversal / Disclosure
Device Name: SPH200D Vendor: Netgear ============ Vulnerable Firmware Releases: ============ Firmware Version : 1.0.4.80 Kernel Version : 4.1-18 Web Server Version : 1.5 ============ Device Description: ============ http://support.netgear.com/product/SPH200D ============ Shodan Torks ============...
[RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances
Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...
ZyWALL USG Appliance Access Bypass
Advisory: Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface The ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited acce...
ZyWALL USG Appliance - Multiple Vulnerabilities
ZyWALL USG Appliance - Multiple Vulnerabilities Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files,...
ZyWALL USG Appliance Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuratio...