Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-2183

Malware in sbrugna...

4.3CVSS8.1AI score0.02994EPSS
Exploits0References24
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19641

Malware in sbrugna...

7.5CVSS7.4AI score0.01398EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-15619

Malware in sbrugna...

8.6CVSS8.2AI score0.01119EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4133

Malware in sbrugna...

5.9CVSS5.6AI score0.00779EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-12024

Malware in sbrugna...

9.3CVSS8.9AI score0.02448EPSS
Exploits2References2
OSV
OSV
added 2021/05/13 4:15 p.m.11 views

CVE-2021-32919

An issue was discovered in Prosody before 0.11.9. The undocumented dialbackwithoutdialback option in moddialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...

7.5CVSS7.4AI score
Exploits0References8
NVD
NVD
added 2019/01/03 10:29 p.m.23 views

CVE-2018-4012

An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud serve...

9.3CVSS9.5AI score0.02546EPSS
Exploits1References1
Talos
Talos
added 2018/12/17 12:0 a.m.82 views

Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability

Summary An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightClo...

9.3CVSS8.6AI score0.02546EPSS
Exploits1
Prion
Prion
added 2018/08/23 2:29 p.m.16 views

Design/Logic Flaw

An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the firmware version that is going to be installed...

5CVSS7.5AI score0.01119EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/08/23 2:0 p.m.58 views

CVE-2018-3833

CVE-2018-3833 affects Insteon Hub (firmware 1013). The firmware upgrade flow fetches signed firmware over plain HTTP and does not verify that the new image is newer than the installed one, enabling an attacker (MITM impersonating cache.insteon.com) to flash older firmware. TALOS research notes mi...

8.6CVSS7.5AI score0.01119EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/08/02 7:0 p.m.52 views

CVE-2018-3834

Summary of CVE-2018-3834, Insteon Hub : The issue affects Insteon Hub firmware 1013. The PubNub-based firmware upgrade fetches signed binaries over plain HTTP and does not verify the firmware image type, allowing an attacker to supply a mismatched FW/PLM image signed with the same key. If a PLM i...

8.7CVSS7.3AI score0.00512EPSS
Exploits2References1Affected Software1
seebug.org
seebug.org
added 2017/11/08 12:0 a.m.36 views

Circle with Disney Database Updater Code Execution Vulnerability(CVE-2017-2883)

Summary An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to execute arbitrary code. An attacker needs to impersonate a remote server in order to trigger this vulnerability...

8.5AI score0.02448EPSS
Exploits2
OSV
OSV
added 2017/11/07 4:29 p.m.4 views

CVE-2017-2883

An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to execute arbitrary code. An attacker needs to impersonate a remote server in order to trigger this vulnerability...

8.1CVSS6AI score0.02448EPSS
Exploits2References1
Cvelist
Cvelist
added 2017/11/07 4:0 p.m.28 views

CVE-2017-2882

An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order to...

9CVSS8.2AI score0.02024EPSS
Exploits2References1
Rows per page
Query Builder