Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

15280 matches found

Metasploit
Metasploitadded 2024/03/28 7:50 p.m.217 views

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...

9.8CVSS9.8AI score0.78303EPSS
Exploits6
OSV
OSVadded 2024/03/28 7:15 p.m.3 views

DEBIAN-CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS7.2AI score0.01002EPSS
Exploits0References1
NVD
NVDadded 2024/03/28 7:15 p.m.19 views

CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS8.5AI score0.01002EPSS
Exploits0References10
OSV
OSVadded 2024/03/28 7:15 p.m.5 views

CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS8.6AI score0.01002EPSS
Exploits0References10
UbuntuCve
UbuntuCveadded 2024/03/28 7:15 p.m.37 views

CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS6.9AI score0.01002EPSS
Exploits0References3
OSV
OSVadded 2024/03/28 7:15 p.m.1 views

UBUNTU-CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS7AI score0.01002EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2024/03/28 6:32 p.m.25 views

CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS7.4AI score0.01002EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2024/03/28 6:32 p.m.28 views

CVE-2024-3019 Pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS6.7AI score0.01002EPSS
Exploits0References10
Cvelist
Cvelistadded 2024/03/28 6:32 p.m.24 views

CVE-2024-3019 Pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS8.7AI score0.01002EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2024/03/28 12:0 a.m.4 views

PT-2024-22207

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP...

9.8CVSS8.7AI score0.00577EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2024/03/28 12:0 a.m.4 views

PT-2024-22204

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP...

9.8CVSS8.6AI score0.00624EPSS
Exploits0References7
CNNVD
CNNVDadded 2024/03/28 12:0 a.m.3 views

NEC Aterm 安全漏洞

The NEC Aterm is a series of wireless routers from Nippon Electric NEC. A security vulnerability exists in NEC Aterm that originates from allowing an attacker to execute arbitrary commands with root privileges over the Internet. The following products and versions are affected: WG1800HP4,...

9.8CVSS8.8AI score0.0065EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/03/28 12:0 a.m.3 views

NEC Aterm 安全漏洞

The NEC Aterm is a series of wireless routers from Nippon Electric NEC. A security vulnerability exists in NEC Aterm that stems from the use of hard-coded passwords that allow an attacker to execute arbitrary operating system commands over the Internet. The following products and versions are...

9.8CVSS8.9AI score0.00577EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/03/28 12:0 a.m.4 views

PT-2024-22205

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP...

9.8CVSS8.8AI score0.0065EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2024/03/28 12:0 a.m.4 views

PT-2024-22209

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP...

9.8CVSS8.8AI score0.00743EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2024/03/27 5:56 p.m.49 views

CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS8.8AI score0.01002EPSS
Exploits0References3
The Hacker News
The Hacker Newsadded 2024/03/27 10:39 a.m.45 views

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence AI platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to...

9.8CVSS8.7AI score0.81512EPSS
Exploits22
Positive Technologies
Positive Technologiesadded 2024/03/27 12:0 a.m.6 views

PT-2024-2710 · Cockpit +9 · Cockpit +9

Name of the Vulnerable Software and Affected Versions: Performance Co-Pilot PCP versions 4.3.4 and newer Description: The issue is related to the pmproxy component of the Performance Co-Pilot PCP software, which is used for monitoring and visualizing performance. It involves the exposure of...

9CVSS7.8AI score0.01002EPSS
Exploits0References69
CNNVD
CNNVDadded 2024/03/27 12:0 a.m.2 views

pcp 安全漏洞

pcp is a system performance analysis toolkit. A security vulnerability exists in pcp that stems from allowing an attacker to execute remote commands via pmproxy...

8.8CVSS8.7AI score0.01002EPSS
Exploits0References5
CNVD
CNVDadded 2024/03/27 12:0 a.m.3 views

TOTOLINK A3300R Command Execution Vulnerability

The TOTOLINK A3300R is a dual-band wireless router. A command execution vulnerability exists in the TOTOLINK A3300R, which stems from a Remote Command Execution RCE vulnerability in multiple parameters of the setOpModeCfg function, which can be exploited by an attacker to execute arbitrary system...

8CVSS8.1AI score0.01498EPSS
Exploits0References1
Rows per page
Query Builder