Lucene search
K

182 matches found

Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.333 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offers a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.340 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offer...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/04/22 12:0 a.m.256 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vulnerability

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables...

7.7AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.8 views

ROS-2-1528

2.1528 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
NVD
NVD
added 2023/12/27 5:15 p.m.29 views

CVE-2023-50255

Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...

9.3CVSS0.01054EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/12/27 4:16 p.m.31 views

CVE-2023-50255 Zip Path Traversal in Deepin-Compressor

Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...

9.3CVSS9.6AI score0.01054EPSS
Exploits1References2
CVE
CVE
added 2023/12/27 4:16 p.m.49 views

CVE-2023-50255

CVE-2023-50255 affects the Deepin-Compressor default archive manager in Deepin Linux. A path traversal flaw prior to 5.12.21 can be exploited to achieve Remote Command Execution when opening crafted archives. Remediation: upgrade to version 5.12.21 or later (as listed in OpenSUSE/OpenSUSE-SU advi...

9.3CVSS8.6AI score0.01054EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/12/27 4:16 p.m.17 views

CVE-2023-50255 Zip Path Traversal in Deepin-Compressor

Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...

9.3CVSS7.5AI score0.01054EPSS
Exploits1References4
OSV
OSV
added 2023/12/12 1:15 a.m.5 views

CVE-2023-36650

A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers to execute OS commands as the root Linux user on the host system via forged update packages...

7.2CVSS5.9AI score0.00392EPSS
Exploits1References1
Veeam
Veeam
added 2023/12/05 12:0 a.m.585 views

Backup Warning: "repository time shift detected, immutability flag cannot be set."

Challenge A Backup or Backup Copy job using an Immutable Hardened Linux Repository displays the warning: A problem occurred during setting the immutable flag: repository time shift detected, immutability flag cannot be set. Please refer to KB4482 for more details Cause This warning is displayed...

5.7AI score
Exploits0Affected Software1
CVE
CVE
added 2023/11/08 5:22 p.m.68 views

CVE-2023-3282

CVE-2023-3282 is a local privilege escalation in Palo Alto Networks Cortex XSOAR Engine on Linux. A local attacker with shell access can execute programs with elevated privileges, impacting confidentiality, integrity, and availability (per NVD metrics). The connected sources indicate no public ex...

6.7CVSS6.6AI score0.00174EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.13 views

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command ...

7.2CVSS7AI score0.00463EPSS
Exploits0References3
Prion
Prion
added 2023/07/01 12:15 a.m.28 views

Design/Logic Flaw

A backup file vulnerability found in UniFi applications Version 7.3.83 and earlier running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored...

5.8CVSS9.1AI score0.00757EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/16 7:15 p.m.20 views

Design/Logic Flaw

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

4.3CVSS7.7AI score0.00105EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/16 12:0 a.m.54 views

CVE-2023-25188

CVE-2023-25188 affects Nokia Airscale ASIKA Single RAN devices before 21B. If security hardenings are removed by a CSP, the AaShell diagnostic tool, which is disabled by default, can allow unauthenticated access from the BTS management network to the embedded Linux OS. This is a local impact risk...

7.8CVSS7.6AI score0.00105EPSS
Exploits0References2Affected Software1
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.130 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 net/ulp: use-after-free in listening ULP sockets CVE-2023-0461 cpu: AMD CPUs may transiently execu...

8.8CVSS8.5AI score0.03763EPSS
Exploits13References82
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/20 2:28 a.m.42 views

Security Bulletin: Unprivileged GPU access vulnerability - CVE-2013-5987

Summary NVIDIA device driver bug that could allow an unprivileged user to control target system. Vulnerability Details Abstract NVIDIA device driver bug that could allow an unprivileged user to control target system. Content Vulnerability Details: CVE ID : CVE-2013-5987 Description: NVIDIA Graphi...

7.2CVSS7.2AI score0.00415EPSS
Exploits0
hivepro
hivepro
added 2023/04/12 6:59 a.m.11 views

New Cylance Ransomware Targets Linux and Windows Operating Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Cylance ransomware is a new malware that is capable of adjusting to customized encryption tactics and can accept different command-line parameters. To receive real-time threat advisories, please follow...

6.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/15 3:12 p.m.28 views

Moderate: Red Hat Security Advisory: toolbox security and bug fix update

An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.7AI score0.01618EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/09/11 12:0 a.m.3 views

PT-2022-37682 · Undefined · Undefined

Уязвимость драйверов rtl8192e ядра операционной системы Linux связана с неосвобождением ресурса после истечения действительного срока его эксплуатирования. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать утечку памяти с помощью сетевого кадра 802.11 типа...

7.8CVSS7.3AI score
Exploits0References2
Rows per page
Query Builder