Lucene search
+L

217 matches found

Cvelist
Cvelist
added 2020/07/14 1:18 p.m.23 views

CVE-2020-10039

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to...

7.8AI score0.00523EPSS
Exploits0References1
NVD
NVD
added 2020/04/17 6:15 p.m.23 views

CVE-2019-6203

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic...

9.8CVSS7.5AI score0.0419EPSS
Exploits0References3
CVE
CVE
added 2020/04/17 5:47 p.m.172 views

CVE-2019-6203

CVE-2019-6203 affects Apple devices via the 802.1X component, where a logic/state-management issue could allow a privileged network-position attacker to intercept traffic. Apple’s security pages tie this to iOS 12.2, macOS Mojave 10.14.4, and tvOS 12.2, with fixes in those releases. The CVE is do...

9.8CVSS7.5AI score0.0419EPSS
Exploits0References3Affected Software3
Prion
Prion
added 2020/04/13 5:15 p.m.17 views

Input validation

Cisco Webex Business Suite before 39.1.0 contains a vulnerability that could allow an unauthenticated, remote attacker to affect the integrity of the application. The vulnerability is due to improper validation of host header values. An attacker with a privileged network position, either a...

4.3CVSS4.5AI score0.00336EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/04/01 6:15 p.m.30 views

CVE-2020-9770

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic...

6.5CVSS5.8AI score0.01188EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/04/01 6:15 p.m.48 views

CVE-2020-9770

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic...

6.5CVSS6.9AI score0.01188EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/04/01 5:55 p.m.30 views

CVE-2020-9770

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic...

5.5AI score0.01188EPSS
Exploits0References1
NVD
NVD
added 2020/01/14 5:15 p.m.29 views

CVE-2014-2271

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java...

8.1CVSS8.2AI score0.01508EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/08/17 7:51 p.m.21 views

CVE-2019-8696

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS4.5AI score0.02091EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/07/02 12:0 a.m.37 views

F5 Networks BIG-IP : SNMP vulnerability (K40443301)

SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into various profile types and accessed using SNMPv2. CVE-2019-6640 Impact An attacker with direct SNMP access to a BIG-IP system, or an attacker with a privileged...

5.3CVSS5.8AI score0.01098EPSS
Exploits0References2
OSV
OSV
added 2019/06/12 2:29 p.m.8 views

CVE-2019-6584

A vulnerability has been identified in SIEMENS LOGO!8 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx, SIEMENS LOGO!8 6ED1052-xyy08-0BA0 FS:01 / Firmware version V1.82.02. The integrated webserver does not invalidate the Session ID upon user logout. An attacker that...

8.8CVSS7.2AI score0.0127EPSS
Exploits0References1
Prion
Prion
added 2019/06/12 2:29 p.m.19 views

Privilege escalation

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an...

2.6CVSS5.7AI score0.01548EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/06/12 1:47 p.m.28 views

CVE-2019-6584

A vulnerability has been identified in SIEMENS LOGO!8 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx, SIEMENS LOGO!8 6ED1052-xyy08-0BA0 FS:01 / Firmware version V1.82.02. The integrated webserver does not invalidate the Session ID upon user logout. An attacker that...

8.2AI score0.0127EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/12 1:47 p.m.18 views

CVE-2019-10926

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an...

5.1AI score0.01548EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/06/05 6:5 p.m.29 views

CVE-2019-6800

In TitanHQ SpamTitan through 7.03, a vulnerability exists in the spam rule update function. Updates are downloaded over HTTP, including scripts which are subsequently executed with root permissions. An attacker with a privileged network position is trivially able to inject arbitrary commands...

7.3AI score0.013EPSS
Exploits1References2
Prion
Prion
added 2019/03/05 4:29 p.m.14 views

Input validation

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code...

5.8CVSS7.4AI score0.008EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2019/03/05 4:29 p.m.18 views

CVE-2019-6200

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS7.5AI score0.008EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/02/26 12:0 a.m.77 views

F5 Networks BIG-IP : TMM TLS virtual server vulnerability (K10065173)

A BIG-IP virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle MITM attack, despite the attacker not having gained access to t...

5.9CVSS6.5AI score0.00653EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2019/02/18 11:57 p.m.26 views

Downloads Resources over HTTP in broccoli-closure

Affected versions of broccoli-closure insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...

9.3CVSS5.7AI score0.01682EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/02/18 11:56 p.m.15 views

GHSA-6P48-XFJ3-JW67 Downloads Resources over HTTP in fibjs

Affected versions of fibjs insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References3
Rows per page
Query Builder