Lucene search
K

725 matches found

CVE
CVE
added 2019/01/03 10:0 p.m.59 views

CVE-2018-18997

The CVE-2018-18997 issue affects ABB GATE-E1 and GATE-E2 gateway Ethernet devices used in Pluto Safety PLC systems. The vulnerability stems from Improper Neutralization of Input During Web Page Generation (CWE-79): via the administrative web interface, an unauthenticated attacker can insert an HT...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/12/20 12:0 a.m.3 views

ABB GATE-E1 and GATE-E2 Cross-Site Scripting Vulnerabilities

The ABB GATE-E1 and GATE-E2 are both Ethernet gateway devices from ABB Switzerland. A cross-site scripting vulnerability exists in ABB GATE-E1 EOL 2013 and GATE-E2 EOL OCT 2018, which can be exploited by a remote attacker to inject HTML/Javascript loads into arbitrary device property entries, whi...

6.1CVSS6.4AI score0.00913EPSS
Exploits0References1
ICS
ICS
added 2018/12/18 12:0 a.m.55 views

ABB GATE-E2

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: GATE-E2 Vulnerabilities: Missing Authentication for Critical Function, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

9.8CVSS8.2AI score0.02646EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/11/09 12:0 a.m.6 views

The vulnerability of the Monitoring Manager component in the real-time data synchronization tool Oracle GoldenGate allows a hacker to gain full control over the application.

The vulnerability of the Monitoring Manager component in the real-time data synchronization tool Oracle GoldenGate arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain full control over the application using a TCP...

10CVSS8AI score0.04179EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2018/11/02 12:0 a.m.459 views

Gate Pass Management System 2.1 SQL Injection

Exploit Title: Gate Pass Management System 2.1 - 'login' SQL Injection Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.livebms.com Software Link: https://netcologne.dl.sourceforge.net/project/gatepass/gpmsUpdate.zip Version: 2.1 Category: Webapps Tested on:...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2018/11/02 12:0 a.m.33 views

Gate Pass Management System 2.1 - 'login' SQL Injection

Exploit Title: Gate Pass Management System 2.1 - 'login' SQL Injection Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.livebms.com Software Link: https://netcologne.dl.sourceforge.net/project/gatepass/gpmsUpdate.zip Version: 2.1 Category: Webapps Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/10/31 12:0 a.m.33 views

South Gate Inn Online Reservation System 1.0 - q SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/30 12:0 a.m.32 views

South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection

Exploit Title: South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/southgateinn0.zip...

7.4AI score
Exploits0
CNVD
CNVD
added 2018/10/17 12:0 a.m.3 views

Unspecified Vulnerability in Oracle GoldenGate (CNVD-2018-24130)

Oracle GoldenGate is the United States Oracle Oracle company for real-time data integration and replication in IT environments, a comprehensive software package, which supports real-time data integration, transactional change data capture, data services, transformation and validation capabilities...

7.5CVSS7.4AI score0.03857EPSS
Exploits1References1
CNVD
CNVD
added 2018/10/17 12:0 a.m.1 views

Unspecified Vulnerability in Oracle GoldenGate (CNVD-2018-24129)

Oracle GoldenGate is the United States Oracle Oracle company for real-time data integration and replication in IT environments, a comprehensive software package, which supports real-time data integration, transactional change data capture, data services, transformation and validation capabilities...

10CVSS8.7AI score0.04179EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2018/08/31 6:21 p.m.4 views

angular-rome (>=0.2.4 <=0.2.9), api-gate (>=0.0.8 <=0.0.14) +74 more potentially affected by CVE-2018-16487 +1 more via lodash._basemerge (>=2.0.0 <=2.4.1)

lodash.basemerge NPM version =2.0.0, =0.2.4, =0.0.8, =0.1.2, =0.5.0, =0.0.3, =0.0.2, =0.0.0, =0.1.3, =0.0.0, =0.0.1, =0.0.1, =0.0.1, =1.0.18, =1.1.16 and more Source cves: CVE-2018-16487, CVE-2018-3721 Source advisory: SNYK:JS-LODASHBASEMERGE-450200...

6.8CVSS6.4AI score0.02413EPSS
Exploits3
Openbugbounty
Openbugbounty
added 2018/08/12 12:39 p.m.9 views

tapwhisky.com XSS vulnerability

Open Bug Bounty ID: OBB-663301 Description| Value ---|--- Affected Website:| tapwhisky.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
seebug.org
seebug.org
added 2018/05/21 12:0 a.m.3018 views

Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability(CVE-2018-8120)

作者:bigric3 作者博客: 5月15日ESET发文其在3月份捕获了一个 pdf远程代码执行(cve-2018-4990)+windows本地权限提升(cve-2018-8120)的样本。ESET发文后,我从vt上下载了这样一份样本()。初步逆向,大致明确如外界所传,该漏洞处于开发测试阶段,不慎被上传到了公网样本检测的网上,由ESET捕获并提交微软和adobe修补。测试特征字符串如下 定位样本中关键的代码并调试分析...

7.2CVSS0.2AI score0.73721EPSS
Exploits18
Openbugbounty
Openbugbounty
added 2018/05/09 4:36 a.m.9 views

gate-project.org XSS vulnerability

Open Bug Bounty ID: OBB-614247 Description| Value ---|--- Affected Website:| gate-project.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
OSV
OSV
added 2018/04/19 2:29 a.m.3 views

CVE-2018-2832

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. The supported version that is affected is 12.2.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate...

8.6CVSS7.3AI score0.01902EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2018/04/05 12:0 a.m.44 views

kubernetes security update

1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from Orabug 27125915 1.9.1-2.1.4.dev - Make sure worker node upgrade properly - Orabug 27649898 1.9.1-2.1.3.dev - Ensure that the runtime mounts RO volumes read-only CVE-2017-1002102 - Update Dashboard version...

9.6CVSS7.6AI score0.11586EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2018/01/30 10:28 p.m.10 views

angular-rome (>=0.2.4 <=0.2.9), api-gate (>=0.0.8 <=0.0.14) +74 more potentially affected by CVE-2018-3721 via lodash._basemerge (>=2.0.0 <=2.4.1)

lodash.basemerge NPM version =2.0.0, =0.2.4, =0.0.8, =0.1.2, =0.5.0, =0.0.3, =0.0.2, =0.0.0, =0.1.3, =0.0.0, =0.0.1, =0.0.1, =0.0.1, =1.0.18, =1.1.16 and more Source cves: CVE-2018-3721 Source advisory: SNYK:JS-LODASHBASEMERGE-450201...

6.5CVSS6.4AI score0.02413EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2018/01/22 5:53 p.m.22 views

A week in security (January 15 – January 21)

Last week on Labs, we gave you some background information about cookies, specifically which ones to worry about and why. We also warned you about scams surrounding the Mega Millions winner, who promised to donate his money to good causes. We analyzed a cryptocurrency miner using a very old...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/01/17 4:0 p.m.141 views

A coin miner with a “Heaven’s Gate”

You might call the last two years the years of ransomware. Ransomware was, without a doubt, the most popular type of malware. But at the end of last year, we started observing that ransomware was losing its popularity to coin miners. It is very much possible that this trend will grow as 2018...

7.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/01/15 11:36 a.m.9 views

gate-project.org XSS vulnerability

Open Bug Bounty ID: OBB-522993 Description| Value ---|--- Affected Website:| gate-project.org Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

6.4AI score
Exploits0
Rows per page
Query Builder