Lucene search
K

156 matches found

Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.48 views

Oracle Linux 8 : gssdp / and / gupnp (ELSA-2021-1789)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1789 advisory. gssdp 1.0.5-1 + gssdp-1.0.5-1 - Update to 1.0.5 - Fix SUBSCRIBE misbehaviour - Resolves: 1861928 gupnp 1.0.6-1 + gupnp-1.0.6-1 - Update to 1.0.6 - Fix SUBSCRIBE...

7.8CVSS6.8AI score0.15193EPSS
Exploits3References2
NVD
NVD
added 2021/05/20 2:15 a.m.15 views

CVE-2021-20719

RFNTPS firmware versions System01000004 and earlier, and Web01000004 and earlier allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors...

7.7CVSS0.0044EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/05/20 1:15 a.m.19 views

CVE-2021-20719

RFNTPS firmware versions System01000004 and earlier, and Web01000004 and earlier allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors...

7.1AI score0.0044EPSS
Exploits0References2
OSV
OSV
added 2021/02/24 5:15 p.m.3 views

CVE-2021-21974

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

8.8CVSS7.7AI score0.45063EPSS
Exploits7References3
NVD
NVD
added 2021/02/24 5:15 p.m.32 views

CVE-2021-21974

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

8.8CVSS0.45063EPSS
Exploits7References3
Prion
Prion
added 2021/02/24 5:15 p.m.36 views

Heap overflow

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

5.8CVSS8.8AI score0.45063EPSS
Exploits7References3Affected Software2
Cvelist
Cvelist
added 2021/02/24 4:57 p.m.33 views

CVE-2021-21974

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

9.1AI score0.45063EPSS
Exploits7References3
Vulnrichment
Vulnrichment
added 2021/02/24 4:57 p.m.6 views

CVE-2021-21974

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

7.7AI score0.45063EPSS
Exploits7References3
CNVD
CNVD
added 2021/02/24 12:0 a.m.13 views

VMware ESXi OpenSLP Heap Overflow Vulnerability

VMware ESXi is VMware's open server resource consolidation platform that enables centralized management of multiple servers with less hardware and improved server performance and security. VMware ESXi OpenSLP Heap Overflow Vulnerability.The VMware ESXi OpenSLP heap overflow vulnerability is...

8.8CVSS8AI score0.45063EPSS
Exploits7References1
ATTACKERKB
ATTACKERKB
added 2021/02/24 12:0 a.m.159 views

CVE-2021-21974

OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...

8.8CVSS3.3AI score0.45063EPSS
In wildExploits7References4
Prion
Prion
added 2021/02/04 7:15 a.m.17 views

Denial of service

An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

5CVSS7.3AI score0.03454EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/04 6:18 a.m.49 views

CVE-2020-6088

An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.5CVSS7.4AI score0.03454EPSS
Exploits1References1
Talos
Talos
added 2021/02/02 12:0 a.m.112 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.5CVSS7.4AI score0.03454EPSS
Exploits1
Cvelist
Cvelist
added 2020/12/09 4:28 p.m.43 views

CVE-2020-26829

SAP NetWeaver AS JAVA P2P Cluster Communication, versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. ...

10CVSS9.7AI score0.04708EPSS
Exploits1References4
Veracode
Veracode
added 2020/12/06 4:44 a.m.24 views

Cross-Site Scripting (XSS)

Google Chrome is vulnerable to cross-site scripting. An attacker is able to inject a WPAD file on the local network segment to proxy resources on localhost...

5.7CVSS1.5AI score0.00443EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2020/11/20 12:0 a.m.10 views

GaussDB Kernel: Specifying the Listening IP Address for the GDS Module

For the GDS module, you are advised to listen on the specified explicit IP addresses on a network segment to listen on the connections to the network Segment. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.25 views

EulerOS Virtualization 3.0.6.6 : wpa_supplicant (EulerOS-SA-2020-2477)

According to the version of the wpasupplicant package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References2
Cvelist
Cvelist
added 2020/10/06 5:0 a.m.18 views

CVE-2020-5634

ELECOM LAN routers WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10 allow an attacker on the same network segment to execute arbitrary OS commands with a...

9AI score0.00614EPSS
Exploits0References2
Prion
Prion
added 2020/09/30 6:15 p.m.20 views

Server side request forgery (ssrf)

An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail gateway configuration feature allows an attacker to perform a scan in order to discover open ports on a machine as well as available machines on the network segment on which the instance of the product...

4CVSS4.6AI score0.01772EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2020/08/22 6:12 a.m.44 views

Internet Bug Bounty: CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().

Description: Versions of tcpdump before 4.9.2 are vulnerable to a buffer over-read in print-icmp6.c. This vulnerability was disclosed to the tcpdump maintainers and was recently patched in version 4.9.2 and disclosed as CVE-2017-13041. Patch:...

7.5CVSS9.3AI score0.04598EPSS
Exploits0
Rows per page
Query Builder