Lucene search
K

30 matches found

Cvelist
Cvelist
added 2023/12/15 7:39 a.m.33 views

CVE-2023-48374 SmartStar Software CWS Web-Base - Use of Hard-coded Credentials

SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard-coded for a specific account with low privilege. An unauthenticated remote attacker can exploit this vulnerability to run partial processes and obtain partial information, but can't disrupt service o...

6.5CVSS6.7AI score0.00552EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/15 12:0 a.m.8 views

PT-2023-30809 · Softnext · Softnext Mail Sqr Expert

Name of the Vulnerable Software and Affected Versions: Softnext Mail SQR Expert affected versions not specified Description: The issue is related to a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute...

6.5CVSS6.7AI score0.00617EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/12/15 12:0 a.m.10 views

PT-2023-30801 · Unknown · Smartstar Software Cws

Name of the Vulnerable Software and Affected Versions: SmartStar Software CWS affected versions not specified Description: The issue is related to the use of a hard-coded account with low privilege in SmartStar Software CWS, a web-based integration platform. An unauthenticated remote attacker can...

6.5CVSS6.3AI score0.00552EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/12/15 12:0 a.m.6 views

PT-2023-30814 · Kaifa Technology · Webitr

Name of the Vulnerable Software and Affected Versions: Kaifa Technology WebITR affected versions not specified Description: The issue concerns Kaifa Technology WebITR, an online attendance system. A remote attacker with regular user privileges can obtain partial sensitive system information from ...

4.3CVSS4.4AI score0.0057EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.4 views

PT-2023-6425 · Vmware · Vcenter Server +1

Name of the Vulnerable Software and Affected Versions: vCenter Server versions affected versions not specified Description: The issue is related to a partial information disclosure vulnerability in vCenter Server. It may allow a malicious actor with non-administrative privileges to access...

4.3CVSS8.9AI score0.00667EPSS
Exploits0References19
OSV
OSV
added 2022/12/13 4:15 p.m.3 views

CVE-2022-31699

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure...

3.3CVSS5.8AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.8 views

CVE-2022-31699

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure...

6.4AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/09 12:0 a.m.7 views

VMware ESXi 缓冲区错误漏洞

VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi| vCenter Server that originates from a contained heap overflow, which could be exploited by an attacker to achieve partial information...

3.3CVSS6.6AI score0.00201EPSS
Exploits0References4
CNVD
CNVD
added 2020/03/13 12:0 a.m.3 views

Huawei Honor V30 OxfordS-AN00A Authorization Issues Vulnerability

Huawei Honor V30 is a smartphone from Chinese company Huawei Huawei. An authorization issue vulnerability exists in Huawei Honor V30 OxfordS-AN00A prior version 10.0.1.167 C00E166R4P1. An attacker can exploit the vulnerability to obtain partial information with the help of a malicious application...

5.5CVSS6.4AI score0.00224EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/02/29 11:6 a.m.12 views

Mail.ru: By pass admin panel [seminars.mail.ru]

An partial information from seminars.mail.ru could be obtained due to invalid access restrictions seminars.mail.ru is not in Bug Bounty scope, but some reward was issued due to problem significance...

2.1AI score
Exploits0
Rows per page
Query Builder