11234 matches found

Cvelist
added 2023/03/08 12:27 a.m., 18 views

CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE

The webservices in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all...

CVSS 9.8, AI score 9.8, EPSS 0.00738
Exploits 0, References 1

Cvelist
added 2023/03/08 12:27 a.m., 25 views

CVE-2023-0089 Proofpoint Enterprise Protection webutils authenticated RCE

The webutils in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below...

CVSS 8.8, AI score 9, EPSS 0.00733
Exploits 0, References 1

RedHat Linux
added 2023/03/07 7:10 p.m., 76 views

Critical: Red Hat Security Advisory: Satellite 6.11.5 Async Security Update

Updated Satellite 6.11 packages that fix critical security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

CVSS 9.8, AI score 6.8, EPSS 0.02824
Exploits 3, References 15

hivepro
added 2023/03/07 6:5 a.m., 10 views

Multiple Vulnerabilities Found in Cisco IP Phones Web-Based Management Interface

Cisco has disclosed two high-severity vulnerabilities affecting its IP phones, with one causing remote code execution (RCE) and the other enabling...

AI score 1.3
Exploits 0

0day.today
added 2023/03/07 12:0 a.m., 623 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions Exploit

CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together give root.

CVSS 8.8, AI score 9, EPSS 0.02501
Exploits 4

Packet Storm
added 2023/03/07 12:0 a.m., 612 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions

Product: sipXcom sipXopenfire
Vendor: CoreDial
Name: "sipXcom sipXopenfire XMPP message system command argument injection and insecure service file permissions RCE"
Version:...

AI score 9, EPSS 0.02501
Exploits 4

Tenable Nessus
added 2023/03/07 12:0 a.m., 13 views

EulerOS 2.0 SP11 : sysstat (EulerOS-SA-2023-1418)

According to the versions of the sysstat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1...

CVSS 7.8, AI score 7.4, EPSS 0.01096
Exploits 1, References 2

OpenVAS
added 2023/03/07 12:0 a.m., 11 views

Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-1418)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8, AI score 8, EPSS 0.01096
Exploits 1, References 2

Tenable Nessus
added 2023/03/07 12:0 a.m., 30 views

EulerOS 2.0 SP11 : sysstat (EulerOS-SA-2023-1433)

According to the versions of the sysstat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1...

CVSS 7.8, AI score 7.4, EPSS 0.01096
Exploits 1, References 2

Github Security Blog
added 2023/03/06 9:30 p.m., 29 views

Remote code execution in Funadmin

Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php...

CVSS 9.8, AI score 9.6, EPSS 0.01405
Exploits 1, References 3, Affected Software 1

NVD
added 2023/03/06 9:15 p.m., 31 views

CVE-2021-36394

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...

CVSS 9.8, AI score 9.9, EPSS 0.07034
Exploits 2, References 1

NVD
added 2023/03/06 8:15 p.m., 15 views

CVE-2023-24776

Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php...

CVSS 9.8, AI score 9.9, EPSS 0.01405
Exploits 1, References 1

OSV
added 2023/03/06 8:15 p.m., 11 views

CVE-2023-24776

Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php...

CVSS 9.8, AI score 10
Exploits 0, References 1

GithubExploit
added 2023/03/06 10:9 a.m., 747 views

Exploit for Improper Input Validation in Moodle

CVE-2022-35649 Payload Generator using Python 2 and Det...

CVSS 9.8, AI score 9.4, EPSS 0.06441
Exploits 1

Cvelist
added 2023/03/06 12:0 a.m., 18 views

CVE-2023-24736

PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaure_act.php...

AI score 10, EPSS 0.0161
Exploits 1, References 1

CVE
added 2023/03/06 12:0 a.m., 55 views

CVE-2023-24736

PMB v7.4.6 contains a remote code execution (RCE) vulnerability in the component /sauvegarde/restaure_act.php. The issue is exposed over a network vector with no user interaction required and privileges. Documented impact indicates high/critical potential (C:H/I:H/A:H), but exploitation status is...

CVSS 9.8, AI score 9.8, EPSS 0.0161
Exploits 1, References 1, Affected Software 1

Android Security Bulletins
added 2023/03/06 12:0 a.m., 58 views

Android Security Bulletin—March 2023

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

CVSS 9.8, AI score 6.8, EPSS 0.01445
Exploits 1

CVE
added 2023/03/06 12:0 a.m., 55 views

CVE-2023-24776

Funadmin v3.2.0 is affected by a remote code execution (RCE) vulnerability in the controllerAddon.php component (via \controller\Addon.php). NVD lists CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no privileges, no user interaction required, and impact to confidentiality, integr...

CVSS 9.8, AI score 9.8, EPSS 0.01405
Exploits 1, References 1, Affected Software 1

Tenable Nessus
added 2023/03/06 12:0 a.m., 13 views

Atlassian Confluence 7.12.x < 7.12.5 RCE Via OGNL Injection

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.13.23, 6.14.x prior to 7.4.11, 7.5.x prior to 7.11.6 or 7.12.x prior to 7.12.5. It is, therefore, affected by an OGNL injection vulnerability that would allow an attacker...

CVSS 8.8, AI score 8.5, EPSS 0.01657
Exploits 0, References 2

Cvelist
added 2023/03/06 12:0 a.m., 18 views

CVE-2023-24776

Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php...

AI score 10, EPSS 0.01405
Exploits 1, References 1