Lucene search
K

68 matches found

CNNVD
CNNVD
added 2022/05/10 12:0 a.m.10 views

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 is a wireless router from AUO D-Link of Taiwan, China. The D-Link DIR-816 A2v1.10CNB04 firmware version suffers from a buffer overflow vulnerability that originates from a boundary error in the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip when processing untrusted...

10CVSS9.1AI score0.1605EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2022/03/30 6:29 a.m.8 views

pershingcountynv.gov Cross Site Scripting vulnerability OBB-2454127

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Openbugbounty
Openbugbounty
added 2022/03/06 1:44 p.m.14 views

nv-leasing.de Improper Access Control vulnerability OBB-2412113

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
NVD
NVD
added 2021/02/22 7:15 a.m.19 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

8.8CVSS0.00161EPSS
Exploits0References1
Prion
Prion
added 2021/02/22 7:15 a.m.30 views

Input validation

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

7.2CVSS8.8AI score0.00161EPSS
Exploits0References1
CVE
CVE
added 2021/02/22 6:25 a.m.92 views

CVE-2020-11177

CVE-2020-11177 affects Qualcomm closed‑source components in Snapdragon devices (Auto/Compute/Connectivity/IOT/Wearables, etc.). The issue arises from improper validation of the SPC code setting and device lock, allowing a local attacker to overwrite the Security Code NV item without current SPC b...

8.8CVSS8.7AI score0.00161EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2020/11/02 6:25 p.m.9 views

leg.state.nv.us Cross Site Scripting vulnerability OBB-1477649

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Tenable Nessus
Tenable Nessus
added 2020/10/08 12:0 a.m.27 views

Fedora 33 : tpm2-tss (2020-1d3fcce2a3)

tpm2-tss 3.0.1 changed or fixed : Fix CVE-2020-24455 FAPI PolicyPCR not instatiating correctly Note that all TPM object created with a PolicyPCR with the currentPcrs and currentPcrsAndBank options have been created with an incorrect policy that ommits PCR checks. All these objects have to be...

6.7CVSS6.5AI score0.00588EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/10/07 12:0 a.m.23 views

Fedora 32 : tpm2-tss (2020-bb8e3c5548)

tpm2-tss 2.4.3 changed or fixed : Fix CVE-2020-24455 FAPI PolicyPCR not instatiating correctly Note that all TPM object created with a PolicyPCR with the currentPcrs and currentPcrsAndBank options have been created with an incorrect policy that ommits PCR checks. All these objects have to be...

6.7CVSS6.5AI score0.00588EPSS
Exploits0References2
0day.today
0day.today
added 2020/01/29 12:0 a.m.134 views

Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Fifthplay S.A.M.I 2019.2HP - Persistent Cross-Site Scripting Exploit Author: LiquidWorm Vendor: Fifthplay NV Vendor Homepage: https://www.fifthplay.com Version: 2019.2HP Tested on: Linux CVE : - Fifthplay S.A.M.I - Service...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/29 12:0 a.m.213 views

Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting

Exploit Title: Fifthplay S.A.M.I 2019.2HP - Persistent Cross-Site Scripting Date: 2020-01-29 Exploit Author: LiquidWorm Vendor: Fifthplay NV Vendor Homepage: https://www.fifthplay.com Version: 2019.2HP Tested on: Linux CVE : - Fifthplay S.A.M.I - Service And Management Interface Unauthenticated...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.19 views

openSUSE: Security Advisory for singularity (openSUSE-SU-2018:3316-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.8CVSS6.8AI score0.01596EPSS
Exploits0References2
Prion
Prion
added 2018/09/06 5:29 p.m.16 views

Command injection

GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in method: notifySpaceModification; that can result in Improper validation ...

10CVSS9.7AI score0.08076EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2018/09/06 5:0 p.m.22 views

CVE-2018-1000666

GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in method: notifySpaceModification; that can result in Improper validation ...

9.8AI score0.08076EPSS
Exploits1References5
CVE
CVE
added 2018/09/06 5:0 p.m.42 views

CVE-2018-1000666

CVE-2018-1000666 affects GIG Technology NV JumpScale Portal 7. The vulnerability is an OS Command Injection (CWE-78) in the notifySpaceModification method, arising from improper neutralization/validation of input parameters, allowing command execution. According to sources, the issue is exploitab...

10CVSS9.7AI score0.08076EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2017/11/17 10:21 a.m.15 views

Man-in-the-Middle (MitM)

nv-websocket-client is vulnerable to man-in-the-middle MitM attacks. The library accepts a trusted certificate issued to domain A when connecting to domain B, allowing a malicious user to conduct a man-in-the-middle attack...

5.9CVSS5.6AI score0.0066EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2016/06/27 12:0 a.m.39 views

Option CloudGate Insecure Direct Object Reference Auth Bypass

Option CloudGate Insecure Direct Object References Authorization Bypass Vendor: Option NV Product web page: http://www.option.com Affected version: CG0192-11897 Summary: The CloudGate M2M gateway from Option provides competitively priced LAN to WWAN routing and GPS functionality in a single basic...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2016/06/27 12:0 a.m.43 views

Option CloudGate CG0192-11897 - Multiple Vulnerabilities

Option CloudGate Insecure Direct Object References Authorization Bypass Vendor: Option NV Product web page: http://www.option.com Affected version: CG0192-11897 Summary: The CloudGate M2M gateway from Option provides competitively priced LAN to WWAN routing and GPS functionality in a single basic...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2016/06/25 12:0 a.m.74 views

Option CloudGate Insecure Direct Object References Authorization Bypass

Summary The CloudGate M2M gateway from Option provides competitively priced LAN to WWAN routing and GPS functionality in a single basic unit certified on all major us cellular operators CDMA/EV-DO and WCDMA/HSPA+. The CloudGate is simple to configure locally or remotely from your PC, tablet or...

5.8AI score
Exploits0
Exploit DB
Exploit DB
added 2016/06/16 12:0 a.m.83 views

Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal

Gemalto Sentinel License Manager 18.0.1 Directory Traversal Vulnerability Vendor: Gemalto NV | SafeNet, Inc Product web page: http://www.gemalto.com | http://www.safenet-inc.com Affected version: 18.0.1.55505 Summary: The Sentinel License Manager enforces and manages licensing in multi-user...

7AI score
Exploits0
Rows per page
Query Builder