Lucene search
K

35 matches found

Cvelist
Cvelist
added 2023/06/20 8:28 a.m.31 views

CVE-2023-1862 Remote access to warp-svc.exe in Cloudflare WARP

Cloudflare WARP client for Windows up to v2023.3.381.0 allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on an IPC Named Pipe. This would have enabled an attacker to trigger WARP connect and disconnect commands, as well as obtaining...

7.3CVSS7.3AI score0.00754EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/06/20 8:28 a.m.19 views

CVE-2023-1862

Cloudflare WARP client for Windows up to v2023.3.381.0 allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on an IPC Named Pipe. This would have enabled an attacker to trigger WARP connect and disconnect commands, as well as obtaining...

7.3CVSS7AI score0.00754EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/10/13 12:0 a.m.7 views

The vulnerability of the Telnet component of the FortiTester software-defined infrastructure for diagnosing and auditing computer networks allows attackers to circumvent existing security restrictions through brute-force attacks.

The vulnerability of the Telnet component in the software-hardware environment for diagnosing and auditing computer networks, FortiTester, relates to the possibility of executing unauthorized code or commands. Exploiting this vulnerability allows a malicious actor to circumvent existing security...

10CVSS7.8AI score0.0074EPSS
Exploits0References3Affected Software1
Talos
Talos
added 2021/11/15 12:0 a.m.31 views

Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability

Summary An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

9.9CVSS9.9AI score0.06061EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2021/09/29 12:0 a.m.6 views

The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine aircraft monitoring application, which allows a violator to execute arbitrary commands

The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine monitoring application exists because measures are not taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

10CVSS8.4AI score0.97599EPSS
Exploits1References6Affected Software1
CNVD
CNVD
added 2017/12/20 12:0 a.m.6 views

BrightSign Digital Signage (4k242) Cross-Site Scripting Vulnerability

BrightSign Digital Signage 4k242 is a set of digital signage multimedia playback devices from BrightSign USA. A cross-site scripting vulnerability exists in BrightSign Digital Signage 4k242 using firmware version 6.2.63 and earlier, which stems from the program failing to validate user input. A...

6.1CVSS6.7AI score0.02079EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2017/12/19 12:0 a.m.76 views

BrightSign Digital Signage XSS / Traversal / File Upload

Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: [email protected] Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below suffers from multiple...

0.1189EPSS
Exploits5
Prion
Prion
added 2017/12/18 6:29 a.m.22 views

Code injection

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has XSS via the REF parameter to /networkdiagnostics.html or /storageinfo.html...

4.3CVSS5.9AI score0.02079EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2015/03/26 2:59 p.m.17 views

Command injection

The network diagnostics tool CommandLineServlet in the Appliance Manager command line utility CLU in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command...

6.5CVSS7.9AI score0.25418EPSS
Exploits1References6Affected Software2
Cvelist
Cvelist
added 2015/03/26 2:0 p.m.27 views

CVE-2015-2746

The network diagnostics tool CommandLineServlet in the Appliance Manager command line utility CLU in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command...

7.4AI score0.25418EPSS
Exploits1References6
CVE
CVE
added 2015/03/26 2:0 p.m.53 views

CVE-2015-2746

The CVE-2015-2746 entry applies to Websense TRITON AP-WEB 7.8.3 and V-Series appliances (pre-7.8.4 Hotfix 02). The vulnerability is a command-injection in the Appliance Manager CommandLineServlet where remote authenticated users can inject shell metacharacters via the second parameter (demonstrat...

6.5CVSS7.6AI score0.25418EPSS
Exploits1References6Affected Software2
Kitploit
Kitploit
added 2014/09/04 5:16 a.m.96 views

zAnti - Android Penetration Testing Toolkit (Free!)

zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety. zANTI offers a comprehensive range of fully customizable scans to...

7.6AI score
Exploits0
n0where
n0where
added 2014/03/05 4:53 p.m.24 views

Mobile Security Audit: zANTI

zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety zANTI offers a host of penetration-testing features, including...

0.8AI score
Exploits0
OpenVAS
OpenVAS
added 2012/02/21 12:0 a.m.22 views

RedHat Update for ibutils RHSA-2012:0311-03

Check for the Version of ibutils OpenVAS Vulnerability Test RedHat Update for ibutils RHSA-2012:0311-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.4CVSS6.5AI score0.00444EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2000/09/28 12:0 a.m.37 views

LBL Traceroute 1.4 a5 - Heap Corruption (2)

// source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw sockets. Certain versions of LBNL tracerou...

7.4AI score
Exploits0
Rows per page
Query Builder