Lucene search
K

26 matches found

CNVD
CNVD
added 2021/07/14 12:0 a.m.21 views

Dell powerflex presentation server data forgery issue vulnerability

DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...

6.5CVSS2.7AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.6 views

Dell EMC PowerFlex数据伪造问题漏洞

DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...

6.5CVSS5.6AI score0.00336EPSS
Exploits0References2
OSV
OSV
added 2021/03/15 9:13 p.m.2 views

USN-4792-1 freeipa vulnerabilities

It was discovered that FreeIPA incorrectly handled certificates. An attacker could possibly use this issue to cause a denial of service by revoking arbitrary certificates This issue only affected Ubuntu 16.04 ESM. CVE-2016-5404 It was discovered that FreeIPA incorrectly handled authentication...

7.5CVSS6.7AI score0.047EPSS
Exploits0References4
OSV
OSV
added 2019/10/09 4:15 p.m.4 views

CVE-2019-14808

An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data unencrypted to a server without an integrity check, if a user changes personal data in his profile tab e.g., exposure of his birthday or logs into his account i.e., exposure of credentials...

6.8CVSS5.8AI score0.01337EPSS
Exploits1References3
exploitpack
exploitpack
added 2017/09/26 12:0 a.m.22 views

Job Links - Arbitrary File Upload

Job Links - Arbitrary File Upload Exploit Title: Job Links - Complete Job Management Script - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/job-links-complete-job-management-script/20672089 Demo:...

Exploits0
ATTACKERKB
ATTACKERKB
added 2007/12/20 8:46 p.m.5 views

CVE-2007-6497

Hosting Controller 6.1 Hot fix 3.3 and earlier 1 allows remote attackers to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters; and 2 allows remote authenticated users to change a credit amount and increase a discount via an...

7.5CVSS5.8AI score0.02962EPSS
Exploits2References8
Rows per page
Query Builder