Lucene search
K

12 matches found

CNVD
CNVD
added 2024/02/19 12:0 a.m.20 views

Dell Unity Command Injection Vulnerability (CNVD-2024-09160)

Dell Unity is a unified hybrid storage array for general purpose workloads both locally and in the cloud. A command injection vulnerability exists in Dell Unity, which can be exploited by a local attacker to escape a restricted shell and execute arbitrary OS commands with root privileges...

7.8CVSS7.9AI score0.00644EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/19 12:0 a.m.8 views

Dell Unity Command Injection Vulnerability (CNVD-2024-09157)

Dell Unity is a unified hybrid storage array for general purpose workloads both locally and in the cloud. A command injection vulnerability exists in Dell Unity, which can be exploited by a local attacker to execute commands with root privileges...

7.8CVSS7.5AI score0.00837EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/19 12:0 a.m.14 views

Dell Unity Command Injection Vulnerability (CNVD-2024-09152)

Dell Unity is a unified hybrid storage array for general purpose workloads both locally and in the cloud. A command injection vulnerability exists in Dell Unity, which can be exploited by a local attacker to execute commands with root privileges...

7.8CVSS7.6AI score0.00644EPSS
Exploits0References1
OSV
OSV
added 2023/04/11 9:15 p.m.4 views

CVE-2023-28808

Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices...

9.8CVSS7.3AI score0.00825EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/11 12:0 a.m.8 views

Hikvision Hybrid SAN/Cluster Storage products 安全漏洞

Hikvision Hybrid SAN/Cluster Storage Products is a series of cost-effective and reliable Hybrid SAN Storage Area Network products from Hikvision, China. A security vulnerability exists in Hikvision Hybrid SAN/Cluster Storage products, which can be exploited by an attacker to gain administrator...

9.8CVSS8.4AI score0.00825EPSS
Exploits0References2
OSV
OSV
added 2022/06/27 6:15 p.m.5 views

CVE-2022-28172

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...

6.1CVSS6.4AI score
Exploits0References2
OSV
OSV
added 2022/06/27 6:15 p.m.3 views

CVE-2022-28171

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device...

9.8CVSS5.9AI score0.49858EPSS
Exploits6References3
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.4 views

Hikvision Hybrid SAN/Cluster Storage 命令注入漏洞

Hikvision Hybrid SAN/Cluster Storage Products is a line of cost-effective and reliable hybrid SAN Storage Area Network products from Hikvision, a China-based company. A security vulnerability exists in Hikvision Hybrid SAN/Cluster Storage that stems from insufficient input validation in the web...

9.8CVSS8.5AI score0.49858EPSS
Exploits6References9
Positive Technologies
Positive Technologies
added 2022/06/27 12:0 a.m.7 views

PT-2022-18865 · Hikvision · Hikvision Hybrid San/Cluster Storage

Name of the Vulnerable Software and Affected Versions: Hikvision Hybrid SAN/Cluster Storage products affected versions not specified Description: The issue is related to insufficient input validation in the web module of certain Hikvision Hybrid SAN/Cluster Storage products. This allows an attack...

9.8CVSS9.4AI score0.49858EPSS
Exploits6References6
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.4 views

Hikvision Hybrid SAN/Cluster Storage 跨站脚本漏洞

A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN storage area network products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the...

6.5CVSS5.2AI score0.00745EPSS
Exploits1References5
Microsoft KB
Microsoft KB
added 2020/08/11 7:0 a.m.116 views

August 11, 2020—KB4571746 (Security-only update)

August 11, 2020—KB4571746 Security-only update IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. IMPORTANT WSUS scan cab files will continue to be available for Windows Server 2008 SP2. If you have a subset of...

10CVSS7.5AI score0.41131EPSS
Exploits11
Microsoft KB
Microsoft KB
added 2020/06/09 7:0 a.m.98 views

June 9, 2020—KB4561621 (OS Build 17134.1550)

June 9, 2020—KB4561621 OS Build 17134.1550 IMPORTANT We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges, we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional...

9.3CVSS7.7AI score0.59518EPSS
Exploits1
Rows per page
Query Builder