Lucene search
K

231 matches found

Cvelist
Cvelist
added 2024/07/02 7:42 a.m.25 views

CVE-2023-41919 Use of Hard-coded Credentials in Kiloview P1/P2 devices

Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access...

9.8CVSS0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/02 7:42 a.m.16 views

CVE-2023-41919 Use of Hard-coded Credentials in Kiloview P1/P2 devices

Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access...

9.8CVSS7AI score0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/02 7:42 a.m.15 views

CVE-2023-41918 Missing Authentication for Critical Function in Kiloview P1/P2 devices

A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...

10CVSS7.5AI score0.00571EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 7:42 a.m.22 views

CVE-2023-41918 Missing Authentication for Critical Function in Kiloview P1/P2 devices

A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...

10CVSS0.00571EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 7:41 a.m.30 views

CVE-2023-41917 Improper input validation in Kiloview P1/P2 devices allows for remote code execution

Inadequate input validation exposes the system to potential remote code execution RCE risks. Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution...

10CVSS0.00711EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/02 7:41 a.m.12 views

CVE-2023-41917 Improper input validation in Kiloview P1/P2 devices allows for remote code execution

Inadequate input validation exposes the system to potential remote code execution RCE risks. Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution...

10CVSS8.2AI score0.00711EPSS
Exploits0References1
NCSC
NCSC
added 2024/07/02 7:4 a.m.8 views

Vulnerabilities discovered in Kiloview P1 4G Video Encoder and P2 4G Video Encoder

Vulnerabilities have been discovered in Kiloview P1 and P2. Kiloview P1 and P2 are hardware solutions for streaming image information in HDMI format. The firmware of these systems contains a number of serious vulnerabilities that allow a malicious person to perform attacks that can lead to the...

10CVSS7.1AI score0.00711EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.4 views

Kiloview P1 and P2 Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from China-based Kiloview. A security vulnerability exists in the Kiloview P1 and P2 that stems from the use of hard-coded credentials...

9.8CVSS6.9AI score0.00421EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.3 views

Kiloview P1 4G Video Encoder and P2 4G Video Encoder Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from China-based Kiloview. A security vulnerability exists in the Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder, which stems from disabling encryption on port 80, which may...

8.8CVSS6.9AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.3 views

Kiloview P1 and P2 Security Vulnerabilities

The Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from Kiloview, a Chinese company. A security vulnerability exists in the Kiloview P1 and P2 that stems from the device's acceptance of the deprecated TLS protocol...

5.3CVSS6.8AI score0.00133EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.5 views

Kiloview P1 and P2 Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from Kiloview China. A security vulnerability exists in the Kiloview P1 and P2. An attacker could exploit the vulnerability to execute unauthenticated commands that could manipulate data,...

10CVSS7.6AI score0.00571EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.6 views

Kiloview P1 and P2 Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from China-based Kiloview. A security vulnerability exists in the Kiloview P1 and P2, which stems from insufficient input validation. The vulnerability can be exploited to execute arbitrary...

10CVSS7.4AI score0.00711EPSS
Exploits0References2
ICS
ICS
added 2024/05/23 6:0 a.m.53 views

AutomationDirect Productivity PLCs

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : AutomationDirect Equipment : Productivity PLCs Vulnerabilities : Buffer Access with Incorrect Length Value, Out-of-bounds Write, Stack-based Buffer Overflow, Improper Access Control, Active...

8.2CVSS9.9AI score0.01423EPSS
Exploits6References10
vulnersOsv
vulnersOsv
added 2024/04/10 3:30 p.m.7 views

io.hawt:hawtio-wildfly (=2.17.7), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +133 more potentially affected by CVE-2023-6236 via org.wildfly.security:wildfly-elytron-http-oidc (>=1.15.7.Final <=2.2.4.Final)

org.wildfly.security:wildfly-elytron-http-oidc MAVEN version =1.15.7.Final, =0.1.0, =9.4.45.v20220203, =9.4.45.v20220203, =9.4.45.v20220203, =10.0.8, =12.0.1, =12.0.1, =12.0.1, =10.0.10, =13.0.0.CR1, =3.1.0.Final, =3.1.1.Alpha1 - org.jboss.resteasy.spring:galleon-feature-pack-layers-metadata-test...

7.3CVSS7.2AI score0.00328EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2024/02/04 10:19 a.m.6 views

p2.webcraftplugins.com Cross Site Scripting vulnerability OBB-3848546

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2023/10/17 5:15 a.m.17 views

CVE-2023-45357

Archer Platform 6.x before 6.13 P2 HF2 6.13.0.2.2 contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtain access to sensitive information via a popup warning message. 6.14 6.14.0 is also a fixed release...

6.5CVSS4.7AI score0.00457EPSS
Exploits0References1
Prion
Prion
added 2023/10/13 7:15 a.m.30 views

Sql injection

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead in arbitrary code execution by an admin-privileg...

4.3CVSS7.5AI score0.00829EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2023/10/13 7:15 a.m.37 views

Sql injection

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead in arbitrary code execution by an admin-privileg...

4.3CVSS7.5AI score0.00829EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2023/10/13 6:15 a.m.25 views

CVE-2023-38218 Incorrect Authorization - Customer account takeover

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Incorrect Authorization . An authenticated attacker can exploit this to achieve information exposure and privilege escalation...

8.8CVSS8.6AI score0.00651EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/10/10 9:16 p.m.9 views

org.eclipse.jetty.documentation:jetty-documentation (>=10.0.10 <=10.0.15), org.eclipse.jetty.http3:http3-client (>=10.0.10 <=10.0.15) +6 more potentially affected by CVE-2023-36478 via org.eclipse.jetty.http3:http3-qpack (>=10.0.10 <=10.0.15)

org.eclipse.jetty.http3:http3-qpack MAVEN version =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =5.26.1, =5.27.0 Source cves: CVE-2023-36478 Source advisory: OSV:GHSA-WGH7-54F2-X98R...

7.5CVSS6.7AI score0.03754EPSS
Exploits1
Rows per page
Query Builder