Lucene search
K

21 matches found

Packet Storm
Packet Storm
added 2023/04/18 12:0 a.m.415 views

SecurePoint UTM 12.x Session ID Leak

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2023-01-05 Date...

7.6AI score0.03888EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/18 12:0 a.m.371 views

SecurePoint UTM 12.x Memory Leak

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use of Uninitialized Variable CWE-457 Date found: 2023-01-05 Date published: 2023-04-12 CVSSv3 Scor...

6.6AI score0.04074EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/12/09 12:0 a.m.258 views

Intel Data Center Manager 4.1 SQL Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Intel Data Center Manager Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html Type: SQL Injection CWE-89 Date found: 2022-01-21 Date...

8CVSS0.5AI score0.01457EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/11/21 12:0 a.m.333 views

WordPress BeTheme 26.5.1.4 PHP Object Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Betheme Vendor URL: https://muffingroup.com/betheme/ Type: Deserialization of Untrusted Data CWE-502 Date found: 2022-11-02 Date published: 2022-11-18 CVSSv3 Score: 8.8...

0.01984EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/07/29 12:0 a.m.334 views

Transposh WordPress Translation 1.0.8.1 Remote Code Execution

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Reliance on File Name or Extension of Externally-Supplied File...

0.1AI score0.01441EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/07/29 12:0 a.m.332 views

Transposh WordPress Translation 1.0.8.1 Cross Site Request Forgery

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Cross-Site Request Forgery CWE-253 Date found: 2021-08-19 Date...

0.1AI score0.00304EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/07/29 12:0 a.m.308 views

Transposh WordPress Translation 1.0.7 Cross Site Scripting

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Cross-Site Scripting CWE-79 Date found: 2021-08-19 Date published:...

5.7AI score0.03644EPSS
Exploits7
Packet Storm
Packet Storm
added 2020/10/28 12:0 a.m.411 views

God Kings 0.60.1 Notification Spoofing

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: God Kings Vendor URL: https://play.google.com/store/apps/details?id=com.innogames.gkandroid Type: Improper Verification of Intent by Broadcast Receiver CWE-925 Date found: 2020-09-07 Date...

5.6AI score0.00393EPSS
Exploits3
Cvelist
Cvelist
added 2020/07/17 6:40 p.m.25 views

CVE-2020-1654 Junos OS: SRX Series: processing a malformed HTTP message when ICAP redirect service is enabled may can lead to flowd process crash or remote code execution

On Juniper Networks SRX Series with ICAP Internet Content Adaptation Protocol redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service DoS or Remote Code Execution RCE Continued processing of this malformed HTTP message may result in an extended Denial of...

9.8CVSS9.7AI score0.02232EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2020/07/03 12:0 a.m.215 views

Android o2 Business 1.2.0 Open Redirect

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: o2 Business for Android Vendor URL: https://play.google.com/store/apps/details?id=telefonica.de.o2business Type: Open Redirect CWE-601 Date found: 2020-04-16 Date published: 2020-07-01 CVSSv...

6.4AI score0.01001EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/05/14 12:0 a.m.158 views

Schneider Electric U.Motion Builder 1.3.4 Command Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Schneider Electric U.Motion Builder Vendor URL: www.schneider-electric.com Type: OS Command Injection CWE-78 Date found: 2018-11-15 Date published: 2019-05-13 CVSSv3 Score: 9.8...

6.8CVSS0.6AI score0.72486EPSS
Exploits6
exploitpack
exploitpack
added 2019/05/14 12:0 a.m.53 views

Schneider Electric U.Motion Builder 1.3.4 - track_import_export.php object_id Unauthenticated Command Injection

Schneider Electric U.Motion Builder 1.3.4 - trackimportexport.php objectid Unauthenticated Command Injection RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Schneider Electric U.Motion Builder Vendor URL: www.schneider-electric.com Type: ...

7.5CVSS0.8AI score0.72486EPSS
Exploits6
exploitpack
exploitpack
added 2016/11/22 12:0 a.m.28 views

AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting

AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting RCESEC-2016-009 AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent Persistent Cross-Site Scripting RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product:...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2016/07/13 12:0 a.m.53 views

Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities

Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Apache Archiva Vendor URL: https://archiva.apache.org Type: Cross-Site Request Forgery CWE-253 Date found: 2016-05-...

6.8CVSS0.5AI score0.07863EPSS
Exploits7
Exploit DB
Exploit DB
added 2016/05/23 12:0 a.m.63 views

XenAPI 1.4.1 for XenForo - Multiple SQL Injections

RCESEC-2016-002 XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: XenAPI for XenForo Vendor URL: github.com/Contex/XenAPI Type: SQL Injection CWE-89 Date found: 2016-05-20 Da...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/05/03 12:0 a.m.39 views

Swagger Editor 2.9.9 Cross Site Scripting

Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Swagger Editor Vendor URL: https://github.com/swagger-api/swagger-editor Type: Cross-Site Scripting CWE-79 Date found:...

Exploits0
Packet Storm
Packet Storm
added 2014/03/03 12:0 a.m.30 views

GetGo Download Manager 4.x Stack Buffer Overflow

RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: GetGo Download Manager Vendor URL: www.getgosoft.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2014-02-20 Date published: 2014-03-02 CVSSv2 Score: 10,0 AV:N/AC:L/Au:N/C:C/I:C/A:C...

10CVSS1.4AI score0.6144EPSS
Exploits12
Packet Storm
Packet Storm
added 2013/11/16 12:0 a.m.31 views

Avira Secure Backup 1.0.0.1 Build 3616 Buffer Overflow

RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: Avira Secure Backup Vendor URL: www.avira.com Type: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-119 Date found: 2013-10-30 Date published: 2013-11-16 CVSSv2...

Exploits7
Packet Storm
Packet Storm
added 2013/10/21 12:0 a.m.40 views

Watchguard Server Center 11.7.4 Cross Site Scripting

Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: Watchguard Server Center Vendor URL: www.watchguard.com Type: Cross-Site Scripting CWE-79 Date...

4.3CVSS6.7AI score0.00974EPSS
Exploits2
0day.today
0day.today
added 2013/09/10 12:0 a.m.36 views

Watchguard Server Center 11.7.4 Insecure Library Loading

Watchguard Server Center version 11.7.4 suffers from a dll hijacking vulnerability with wgpr.dll. Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION...

7.2CVSS6.5AI score0.01042EPSS
Exploits4
Rows per page
Query Builder