Lucene search
+L

96 matches found

OSV
OSV
added 2023/10/17 8:15 p.m.4 views

CVE-2023-4896

A vulnerability exists which allows an authenticated attacker to access sensitive information on the AirWave Management Platform web-based management interface. Successful exploitation allows the attacker to gain access to some data that could be further exploited to laterally access devices...

6.5CVSS5.8AI score0.00444EPSS
Exploits0References1
Prion
Prion
added 2023/08/31 4:15 p.m.26 views

Authentication flaw

A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...

6.8CVSS8.8AI score0.00454EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/31 3:31 p.m.39 views

CVE-2023-34392 Missing Authentication for Critical Function

A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...

8.2CVSS9.1AI score0.00454EPSS
Exploits0References2
CNVD
CNVD
added 2023/08/07 12:0 a.m.19 views

ZKTeco BioAccess IVS Information Disclosure Vulnerability

ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. An information disclosure vulnerability exists in ZKTeco BioAccess IVS, which can be exploited by an attacker to obtain sensitive information about all managed devices...

7.5CVSS5.9AI score0.00498EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2023/08/04 1:45 p.m.20 views

Microsoft Teams used in phishing campaign to bypass multi-factor authentication

Attackers believed to have ties to Russia's Foreign Intelligence Service SVR are using Microsoft Teams chats as credential theft phishing lures. Microsoft Threat Intelligence has posted details about the perceived attacks targeted at fewer than 40 unique global organizations. The targeted...

7.1AI score
Exploits0
OSV
OSV
added 2023/08/03 2:15 a.m.7 views

CVE-2023-38955

ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.7 views

ZKTeco BioAccess IVS 安全漏洞

ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. An information disclosure vulnerability exists in ZKTeco BioAccess IVS, which can be exploited by an attacker to obtain sensitive information about all managed devices...

7.5CVSS6AI score0.00498EPSS
Exploits0References3
NVD
NVD
added 2023/05/22 4:15 p.m.24 views

CVE-2023-2587

Teltonika’s Remote Management System versions prior to 4.10.0 contain a cross-site scripting XSS vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an HTML object to trigger...

8.3CVSS7.6AI score0.00917EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.5 views

SUSE CVE-2022-2606

Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.9AI score0.00615EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2023/02/01 10:46 a.m.23 views

New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

A new exploit has been devised to "unenroll" enterprise- or school-managed Chromebooks from administrative control. Enrolling ChromeOS devices makes it possible to enforce device policies as set by the organization via the Google Admin console, including the features that are available to users...

6.5AI score
Exploits0
NVD
NVD
added 2022/12/23 4:15 p.m.17 views

CVE-2022-38757

A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions e.g., install a bundle on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone bu...

7.2CVSS0.00838EPSS
Exploits0References3
OSV
OSV
added 2022/12/23 4:15 p.m.7 views

CVE-2022-38757

A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions e.g., install a bundle on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone bu...

7.2CVSS5.8AI score0.00838EPSS
Exploits0References3
Prion
Prion
added 2022/12/23 4:15 p.m.14 views

Design/Logic Flaw

A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions e.g., install a bundle on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone bu...

5.8CVSS6.8AI score0.00838EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/23 12:0 a.m.19 views

CVE-2022-38757 CVE-2022-38757 ZENworks

A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions e.g., install a bundle on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone bu...

7.2CVSS7.1AI score0.00838EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/23 12:0 a.m.5 views

Micro Focus ZENworks 安全漏洞

Micro Focus ZENworks is a suite of software products for computer systems management from Micro Focus UK. Designed to manage the entire lifecycle of servers, desktop PCs Windows, Linux, or Mac, laptops, and handheld devices such as Android and iOS phones and tablets. A security vulnerability exis...

7.2CVSS7.1AI score0.00838EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/23 12:0 a.m.7 views

PT-2022-24555 · Micro Focus · Micro Focus Zenworks

Name of the Vulnerable Software and Affected Versions: Micro Focus ZENworks versions 2020 Update 3a and prior Description: A vulnerability has been identified that allows administrators with rights to perform actions, such as installing a bundle, on a set of managed devices, to exercise these...

7.2CVSS6.9AI score0.00838EPSS
Exploits0References6
Prion
Prion
added 2022/09/30 7:15 p.m.19 views

Design/Logic Flaw

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. This vulnerability exists...

5CVSS5.5AI score0.00767EPSS
Exploits0References1Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2022/08/16 12:0 a.m.50 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10092-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...

8.8CVSS6.9AI score0.00799EPSS
Exploits3References1
NVD
NVD
added 2022/08/12 8:15 p.m.28 views

CVE-2022-2606

Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS0.00615EPSS
Exploits0References4
OSV
OSV
added 2022/08/12 8:15 p.m.2 views

DEBIAN-CVE-2022-2606

Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.2AI score0.00615EPSS
Exploits0References1
Rows per page
Query Builder