Lucene search
K

2963 matches found

ICS
ICS
added 2021/09/14 12:0 a.m.47 views

Siemens SINEMA Server

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain encoded...

5.3CVSS5.6AI score0.00804EPSS
Exploits0References11
Zero Day Initiative
Zero Day Initiative
added 2021/09/08 12:0 a.m.32 views

NETGEAR XR1000 UPnP SOAPAction Missing Authentication Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue results from a lack ...

6.5CVSS2.3AI score0.00895EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/31 12:0 a.m.4 views

Matrix 信息泄露漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. Matrix suffers from an information disclosure vulnerability that stems from the product not doing valid authentication of access user privileges. An attacker could access members' sensitive information via another...

3.5CVSS5.6AI score0.01457EPSS
Exploits0References6
NVD
NVD
added 2021/08/25 12:15 p.m.19 views

CVE-2021-33882

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands...

8.6CVSS0.011EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/25 11:19 a.m.18 views

CVE-2021-33882

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands...

6.8CVSS8.8AI score0.011EPSS
Exploits0References2
CVE
CVE
added 2021/08/25 11:19 a.m.46 views

CVE-2021-33882

CVE-2021-33882 affects B. Braun SpaceCom2 prior to 012U000062 and is a Missing Authentication for Critical Function issue that lets a remote attacker reconfigure the device via unauthenticated commands on the SpaceCom/SpaceStation interface. Public Red Hat/US advisories and the McAfee/Trellix ana...

8.6CVSS8.5AI score0.011EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.24 views

Siemens Sicam Missing Authentication for Critical Function

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the network could be able to install specially crafted firmware to the device. File data ot500482.nasl...

5CVSS4.2AI score0.00826EPSS
Exploits0References2
OSV
OSV
added 2021/07/29 11:15 a.m.1 views

CVE-2020-36239

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17....

9.8CVSS7.5AI score
Exploits0References3
CVE
CVE
added 2021/07/29 10:12 a.m.99 views

CVE-2020-36239

CVE-2020-36239 affects Jira Data Center, Jira Core Data Center, Jira Software Data Center (versions prior to 8.5.16 for 6.3.0 line, prior to 8.13.8 for 8.6.0 line, prior to 8.17.0 for 8.14.0 line) and Jira Service Management Data Center (prior to 4.5.16 for 2.0.2 line, prior to 4.13.8 for 4.6.0 l...

9.8CVSS9.7AI score0.48883EPSS
Exploits1References3Affected Software3
Cvelist
Cvelist
added 2021/07/29 10:12 a.m.42 views

CVE-2020-36239

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17....

9.8AI score0.48883EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2021/07/29 10:12 a.m.17 views

CVE-2020-36239

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17....

9.8AI score0.48883EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/07/29 12:0 a.m.56 views

Atlassian Jira Data Center / Jira Service Management Data Center Missing Authentication (2021-07-21)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is affected by a missing authentication flaw in its Ehcache RMI component. An unauthenticated, remote attacker could exploit this to bypass authentication and execute arbitrary code on an...

9.8CVSS9AI score0.48883EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/07/22 6:27 p.m.31 views

CVE-2020-7389 Sage X3 Syracuse Missing Authentication for Critical Function in Developer Environment

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production...

5.5CVSS7.1AI score0.02071EPSS
Exploits1References1
NVD
NVD
added 2021/07/21 3:15 p.m.44 views

CVE-2021-22784

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system...

5.7CVSS0.12083EPSS
Exploits1References2
OSV
OSV
added 2021/07/21 3:15 p.m.4 views

CVE-2021-22784

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system...

5.7CVSS6.3AI score0.12083EPSS
Exploits1References2
NVD
NVD
added 2021/07/21 3:15 p.m.16 views

CVE-2021-22772

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...

9.8CVSS0.01541EPSS
Exploits0References1
Prion
Prion
added 2021/07/21 3:15 p.m.23 views

Authentication flaw

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...

7.5CVSS9.4AI score0.01541EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2021/07/21 10:40 a.m.43 views

CVE-2021-22784

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system...

5.8AI score0.12083EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.3 views

Open-xchange OX Documents 加密问题漏洞

Open-xchange OX Documents is an office software suite from the American company Open-xchange. The product supports the creation and editing of text documents, spreadsheets, presentations, and more. Open-xchange OX Documents is vulnerable to an encryption issue that arises from a lack of...

5.8CVSS5.2AI score0.00903EPSS
Exploits0References5
OSV
OSV
added 2021/07/13 2:15 p.m.3 views

CVE-2021-36124

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection...

9.8CVSS5.9AI score0.01076EPSS
Exploits0References1
Rows per page
Query Builder