Lucene search
K

30 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2002-1842

Malware in sbrugna...

4.6CVSS6.4AI score0.00308EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-15727

Malware in sbrugna...

8.8CVSS8.3AI score0.01381EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-15745

Malware in sbrugna...

5.3CVSS5.7AI score0.011EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-20681

Malware in sbrugna...

8.8CVSS8.4AI score0.01039EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-20683

Malware in sbrugna...

5.9CVSS6.3AI score0.00727EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2002-1934

Malware in sbrugna...

5CVSS6.4AI score0.0133EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-20680

Malware in sbrugna...

9.3CVSS8.2AI score0.01624EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 8:28 p.m.13 views

CVE-2002-1955

Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack...

5CVSS7.2AI score0.0133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:27 p.m.6 views

CVE-2002-1949

The Network Attached Storage NAS Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password...

7.5CVSS7.1AI score0.01204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:25 p.m.10 views

CVE-2002-1863

Iomega Network Attached Storage NAS A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled...

4.6CVSS6.9AI score0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/19 12:0 a.m.4 views

PT-2019-18007 · Lenovoemc +1 · Lenovoemc Nas +1

Name of the Vulnerable Software and Affected Versions: Iomega and LenovoEMC NAS products affected versions not specified Description: The issue is related to an information leakage vulnerability. It could allow disclosure of some device details, such as Share names, through the device API when...

5.3CVSS5.3AI score0.011EPSS
Exploits0References2
OSV
OSV
added 2019/07/16 7:15 p.m.4 views

CVE-2019-6160

A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API...

7.5CVSS7.2AI score0.01381EPSS
Exploits0References1
OSV
OSV
added 2018/09/28 8:29 p.m.5 views

CVE-2018-9081

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content...

4.7CVSS5.3AI score0.0055EPSS
Exploits0References1
OSV
OSV
added 2018/09/28 8:29 p.m.4 views

CVE-2018-9079

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model DOM of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the...

9.8CVSS6AI score0.01235EPSS
Exploits0References1
OSV
OSV
added 2018/09/28 8:29 p.m.4 views

CVE-2018-9078

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the Content Explorer application grants users the ability to upload files to shares and this image was rendered in the browser in the device's origin instead of prompting to download the asset. The application does...

8.8CVSS5.9AI score0.01039EPSS
Exploits0References1
OSV
OSV
added 2018/09/28 8:29 p.m.3 views

CVE-2018-9080

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, by setting the Iomega cookie to a known value before logging into the NAS's web application, the NAS will not provide the user a new cookie value. This allows an attacker who knows the cookie's value to compromise...

5.9CVSS5.8AI score0.00727EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/09/28 8:29 p.m.3 views

CVE-2018-9082

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the password changing functionality available to authenticated users does not require the user's current password to set a new one. As a result, attackers with access to the user's session tokens can change their...

8.8CVSS5.5AI score0.00719EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2018/09/28 8:29 p.m.4 views

CVE-2018-9077

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "" characters in the share : name parameter. As a result, arbitrary commands may be executed as the root user. The...

9.3CVSS5.8AI score0.01624EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2018/09/28 8:29 p.m.4 views

CVE-2018-9076

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "" characters in the name parameter. As a result, arbitrary commands may be executed as the root user. The attack...

9.3CVSS5.8AI score0.01624EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2018/09/28 8:29 p.m.5 views

CVE-2018-9079

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model DOM of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the...

9.8CVSS5.9AI score0.01235EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder