Lucene search
K

73 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/20 12:0 a.m.12 views

Wireshark 4.2.x < 4.2.9 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.2.9 advisory. - The FiveCo RAP dissector could go into an infinite loop. Fixed in master: d8ca9fc339 Fixed in release-4.4:...

7.8CVSS6.5AI score0.00299EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.6 views

PT-2024-8606

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.2.0 through 4.2.8 Wireshark versions 4.4.0 through 4.4.1 Description The issue is related to the FiveCo RAP dissector in Wireshark, which can enter an infinite loop. This can be exploited to cause a denial of service by...

7.8CVSS6.6AI score0.00306EPSS
Exploits12References56
Openbugbounty
Openbugbounty
added 2023/12/11 12:8 a.m.4 views

rap-n-blues.com Improper Access Control vulnerability OBB-3808859

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
NVD
NVD
added 2023/09/21 8:15 a.m.16 views

CVE-2023-4760

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileNameString name method. As soon as this...

9.8CVSS9AI score0.01041EPSS
Exploits1References2
Prion
Prion
added 2023/09/21 8:15 a.m.23 views

Design/Logic Flaw

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileNameString name method. As soon as this...

7.5CVSS9.6AI score0.01041EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/09/21 7:35 a.m.48 views

CVE-2023-4760

CVE-2023-4760 affects Eclipse RAP versions 3.0.0–3.25.0. The issue arises from the FileUploadProcessor.stripFileName(String name) path handling: when a "/" is found, the portion before it is discarded, but backslashes that appear later may be kept. This can allow Remote Code Execution on Windows ...

9.8CVSS9AI score0.01041EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/09/21 7:35 a.m.15 views

CVE-2023-4760 Remote Code Execution in Eclipse RAP on Windows

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileNameString name method. As soon as this...

7.6CVSS7.2AI score0.01041EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/09/21 7:35 a.m.25 views

CVE-2023-4760 Remote Code Execution in Eclipse RAP on Windows

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileNameString name method. As soon as this...

7.6CVSS10AI score0.01041EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/09/21 7:35 a.m.13 views

CVE-2023-4760 Remote Code Execution in Eclipse RAP on Windows

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileNameString name method. As soon as this...

7.6CVSS7.5AI score0.01041EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/09/21 12:0 a.m.4 views

Eclipse RAP Path Traversal Vulnerability

Eclipse RAP is an open source software project of the Eclipse Foundation designed to enable software developers to build Ajax-enabled Rich Internet Applications using the Eclipse development model, plug-ins, and Java-only Application Programming Interface. A security vulnerability exists in Eclip...

9.8CVSS7.8AI score0.01041EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/08/17 12:0 a.m.43 views

CVE-2023-38902

A command injection vulnerability in RG-EW series home routers and repeaters v.EW3.01B11P219, RG-NBS and RG-S1930 series switches v.SWITCH3.01B11P219, RG-EG series business VPN routers v.EG3.01B11P219, EAP and RAP series wireless access points v.AP3.01B11P219, and NBC series wireless controllers...

9.3AI score0.02187EPSS
Exploits1References1
CVE
CVE
added 2023/08/17 12:0 a.m.101 views

CVE-2023-38902

CVE-2023-38902 describes a command injection in Ruijie RG-EW/RG-NBS/RG-S1930/RG-EG/EAP/RAP/NBC devices. Affected are RG-EW series (EW 3.0(1)B11P219), RG-NBS/S1930 (3.0(1)B11P219), RG-EG (3.0(1)B11P219), EAP/RAP (3.0(1)B11P219), and NBC controllers (AC 3.0(1)B11P219). The root cause is a vulnerabi...

8.8CVSS9AI score0.02187EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2023/07/31 2:15 p.m.70 views

CVE-2023-34644

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW3.01B11P204, RG-NBS and RG-S1930 series switches SWITCH3.01B11P218, RG-EG series business VPN routers EG3.01B11P216, EAP and RAP series wireless access points AP3.01B11P218, NBC series wirele...

9.8CVSS9.8AI score0.01523EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/31 12:0 a.m.28 views

Ruijie Networks Product 代码注入漏洞

Ruijie Networks Product is a series of Ruijie wireless products from China-based Ruijie Networks. A security vulnerability exists in the Ruijie Networks Product that originates from an API privilege that allows a remote attacker to escalate via a POST request to /cgi-bin/luci/ and affects the...

9.8CVSS8.4AI score0.01523EPSS
Exploits0References2
CVE
CVE
added 2023/07/31 12:0 a.m.2692 views

CVE-2023-34644

CVE-2023-34644 is a remote code execution vulnerability in Ruijie Networks products. A crafted POST to /cgi-bin/luci/api/auth allows unauthorized remote attackers to gain the highest privileges. Affected products and versions include Ruijie RG-EW series (EW_3.0(1)B11P204), RG-NBS and RG-S1930 ser...

9.8CVSS9.6AI score0.01523EPSS
Exploits0References2Affected Software1
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/10/16 12:48 p.m.28 views

This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how cybercriminals are passing the time during the COVID-19 pandemic with online poker games, where the prizes include stolen...

7.2AI score
Exploits0
FireEye
FireEye
added 2020/02/05 12:0 a.m.18 views

STOMP 2 DIS: Brilliance in the (Visual) Basics

Throughout January 2020, FireEye has continued to observe multiple targeted phishing campaigns designed to download and deploy a backdoor we track as MINEBRIDGE. The campaigns primarily targeted financial services organizations in the United States, though targeting is likely more widespread than...

8AI score
Exploits0References15
Openbugbounty
Openbugbounty
added 2020/01/31 5:35 a.m.7 views

rap-fr.fr Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1080627 Security Researcher haxmov Helped patch 708 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting rap-fr.fr website and its...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/09/20 10:45 a.m.11 views

rap-portal.org Open Redirect vulnerability

Open Bug Bounty ID: OBB-678282 Description| Value ---|--- Affected Website:| rap-portal.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

Exploits0
OSV
OSV
added 2018/05/14 12:29 a.m.4 views

CVE-2018-11031

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an apiurl=file:////etc/passwd&apimethod=get POST request...

9.8CVSS5.8AI score0.01961EPSS
Exploits1References1
Rows per page
Query Builder