Lucene search
+L

41 matches found

Cvelist
Cvelist
added 2021/05/17 4:43 p.m.19 views

CVE-2021-32453 SITEL CAP/PRX information exposure

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the device´s configurati...

6.5CVSS6.3AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2021/05/17 4:43 p.m.53 views

CVE-2021-32453

CVE-2021-32453 affects SITEL CAP/PRX firmware version 5.2.01. The issue allows a local-network attacker to access the device’s internal configuration database via HTTP without authentication, enabling information disclosure about the device configuration. The connected documents Cornfirm the affe...

6.5CVSS4AI score0.00246EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/17 4:30 p.m.21 views

CVE-2021-32455 SITEL CAP/PRX vulnerable to a denial of service attack

SITEL CAP/PRX firmware version 5.2.01, allows an attacker with access to the device´s network to cause a denial of service condition on the device. An attacker could exploit this vulnerability by sending HTTP requests massively...

6.8CVSS6.7AI score0.00357EPSS
Exploits0References1
CVE
CVE
added 2021/05/17 4:30 p.m.49 views

CVE-2021-32455

CVE-2021-32455 affects SITEL CAP/PRX firmware version 5.2.01. Affected component: firmware running on SITEL CAP/PRX devices. Root cause described as a resource/handling issue that allows an attacker with access to the device network to trigger a denial-of-service condition by sending HTTP request...

6.8CVSS6.3AI score0.00357EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/05/17 12:0 a.m.5 views

Sitel CAP/PRX 信任管理问题漏洞

Sitel CAP/PRX is an operating system from Sitel France. It is used for central processing units that have a 180MHz ARM9 architecture. A trust management issue vulnerability exists in SITEL CAP/PRX firmware version 5.2.01, which arises from the use of hard-coded passwords, and can be exploited by ...

9.6CVSS8AI score0.00395EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/17 12:0 a.m.6 views

Sitel CAP/PRX 访问控制错误漏洞

Sitel CAP/PRX is an operating system from Sitel France. It is used for central processing units that have a 180 MHz ARM9 architecture. An information disclosure vulnerability exists in SITEL CAP/PRX firmware 5.2.01, which can be exploited by an attacker to access the device's internal configurati...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/17 12:0 a.m.7 views

Sitel CAP/PRX 资源管理错误漏洞

Sitel CAP/PRX is an operating system from Sitel France. It is used for central processing units that have a 180MHz ARM9 architecture. A resource management error vulnerability exists in SITEL CAP/PRX firmware version 5.2.01, which could be exploited by an attacker to cause a denial of service...

6.8CVSS6.7AI score0.00357EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/05/17 12:0 a.m.9 views

PT-2021-19705 · Sitel · Sitel Cap/Prx

Name of the Vulnerable Software and Affected Versions: SITEL CAP/PRX firmware version 5.2.01 Description: The issue allows an attacker with access to the local network to access the internal configuration database of the device via HTTP without any authentication. This could be exploited to obtai...

6.5CVSS4.4AI score0.00246EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/05/17 12:0 a.m.8 views

PT-2021-19708 · Sitel · Sitel Cap/Prx

Name of the Vulnerable Software and Affected Versions: SITEL CAP/PRX firmware version 5.2.01 Description: The issue allows an attacker with access to the local network of the device to obtain authentication passwords by analyzing network traffic. Recommendations: For SITEL CAP/PRX firmware versio...

6.5CVSS6.3AI score0.00266EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/05/13 10:0 a.m.3 views

CVE-2021-32456

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the device to obtain the authentication passwords by analysing the network traffic...

6.5CVSS6.6AI score0.00266EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2020/09/01 10:15 p.m.18 views

CVE-2020-8341

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers PRx. After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPa...

2.4CVSS3.3AI score0.00347EPSS
Exploits0References1
Prion
Prion
added 2020/09/01 10:15 p.m.15 views

Code injection

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers PRx. After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPa...

2.1CVSS3.6AI score0.00347EPSS
Exploits0References1Affected Software10
CVE
CVE
added 2020/09/01 9:30 p.m.45 views

CVE-2020-8341

The CVE-2020-8341 entry concerns Lenovo ThinkPad BIOS/System Management Mode (SMM) protection. After resuming from S3 sleep on various BIOS versions, SPI Protected Range Registers (PRx) may not be set, but this does not undermine SMM BIOS Write Protection. The vulnerability centers on the PRx sig...

2.4CVSS4.3AI score0.00347EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/04/10 5:29 p.m.33 views

Code injection

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers PRx. Lenovo was notified that after resuming from S3 sleep mode in various versions of BIO...

2.1CVSS3.7AI score0.00239EPSS
Exploits0References1Affected Software77
CVE
CVE
added 2019/04/10 5:4 p.m.83 views

CVE-2019-6156

CVE-2019-6156 concerns Lenovo systems where SMM BIOS Write Protection prevents writes to SPI Flash, with an additional layer via SPI Protected Range Registers (PRx). After resuming from S3 sleep on various Lenovo BIOS versions, PRx is not set, but this does not compromise SMM BIOS Write Protectio...

3.3CVSS3.8AI score0.00239EPSS
Exploits0References1Affected Software1
Lenovo
Lenovo
added 2019/04/01 9:13 p.m.99 views

SPI Protected Range Registers Affected by S3 Sleep Mode - US

Lenovo Security Advisory: LEN-26332 Potential Impact: None Severity: Low Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6156 Summary Description: In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additiona...

2.1CVSS2.1AI score0.00239EPSS
Exploits0
NVD
NVD
added 2018/07/09 7:29 p.m.16 views

CVE-2017-3197

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

10CVSS9.5AI score0.05641EPSS
Exploits1References5
Prion
Prion
added 2018/07/09 7:29 p.m.20 views

Format string

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

10CVSS9.5AI score0.05641EPSS
Exploits1References5Affected Software2
CVE
CVE
added 2018/07/09 7:0 p.m.191 views

CVE-2017-3197

CVE-2017-3197 concerns GIGABYTE BRIX UEFI firmware for GB-BSi7H-6500 (vF6) and GB-BXi7-5775 (vF2). The root cause is improper implementation of BIOS write-protection features BIOSWE, BLE, SMM_BWP, and PRx, which leaves the BIOS vulnerable to arbitrary writes and possible SPI flash modifications. ...

10CVSS9.6AI score0.05641EPSS
In wildExploits1References5Affected Software1
0day.today
0day.today
added 2010/10/26 12:0 a.m.51 views

Dawaween V 1.03 SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================== Dawaween V 1.03 SQL Injection Vulnerability =========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\...

7.1AI score
Exploits0
Rows per page
Query Builder