Lucene search
+L

71 matches found

Prion
Prion
added 2019/01/24 3:29 p.m.22 views

Design/Logic Flaw

A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An...

7.2CVSS7.6AI score0.00372EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/07/10 4:29 p.m.18 views

CVE-2018-5553

The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access...

10CVSS10AI score0.02486EPSS
Exploits0References2
CVE
CVE
added 2018/07/10 4:0 p.m.64 views

CVE-2018-5553

The connected advisories confirm CVE-2018-5553 affects Crestron Console services on DGE-100, DM-DGE-200-C, and TS-1542-C devices. The flaw enables remote command injection via the PING command due to improper input validation, allowing code execution with root privileges. Exploitation requires no...

10CVSS10AI score0.02486EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:20 p.m.24 views

Security Bulletin: DB2 local escalation of privilege vulnerability affects IBM Tivoli Storage Manager Server (CVE-2015-1947)

Summary IBM Tivoli Storage Manager IBM Spectrum Protect Server is affected by an IBM DB2 software vulnerability that can result in a local user gaining root level access to which the user is not entitled. Vulnerability Details CVEID: CVE-2015-1947 DESCRIPTION: IBM DB2 software is vulnerable to a...

7.4CVSS0.7AI score0.00391EPSS
Exploits0Affected Software2
Cisco
Cisco
added 2017/04/19 4:0 p.m.32 views

Cisco Integrated Management Controller Remote Code Execution Vulnerability

A vulnerability in the web-based GUI of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability exists because the affected software does not sufficiently sanitize specifi...

9.8CVSS9AI score0.04241EPSS
Exploits0References1
myhack58
myhack58
added 2016/10/12 12:0 a.m.90 views

Vulnerability and early warning: based on the RedHat distribution of Apache Tomcat local to mention the right vulnerability-vulnerability warning-the black bar safety net

Description Tomcat recently always want to engage in some big news, a month are not to, Tomcat and burst vulnerability. 2 0 1 6 1 0 On 1 1 December, online broke the Tomcat local to mention the right vulnerability, vulnerability number CVE-2 0 1 6-5 4 2 and 5. This affected mainly is based on the...

7.2CVSS0.03782EPSS
Exploits8
ThreatPost
ThreatPost
added 2015/08/03 1:51 p.m.11 views

Thunderstrike 2 Mac OS X Firmware Worm

A new attack against Intel firmware running in Apple computers is expected to be unveiled at this week’s Black Hat conference. The research is an extension of the Thunderstrike Mac OS X firmware bootkit disclosed this spring that enables the undetectable installation of malicious firmware that...

1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/04/06 12:14 p.m.8 views

Linux Australia Breached by Hackers

Linux Australia, a consortium in charge of organizing Linux conferences Down Under, acknowledged over the weekend it was breached by attackers who were able to secure access to one of its servers, and with it, potential user information. In a detailed email to users on Saturday, the group’s...

1.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/03/18 12:59 p.m.12 views

Gap Widens Between Attackers, BIOS Forensics, Research

Vendors have made important strides in locking down operating systems, patching memory-related vulnerabilities and other bugs that could lead to remote code execution or give hackers a stealthy presence on a machine. As the hurdles get higher for the bad guys, the better ones will certainly look...

Exploits0References2
Cisco
Cisco
added 2014/01/10 4:0 p.m.69 views

Undocumented Test Interface in Cisco Small Business Devices

A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Note: Additional research...

10CVSS7AI score0.73825EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2005/03/08 12:0 a.m.53 views

Default Password (debug) for 'user' Account

The account 'user' on the remote host has the password 'debug'. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "user"; password = "debug"; include'deprecatednasllevel.inc'; include'compat.inc'; if description...

10CVSS8.2AI score0.53618EPSS
Exploits41References3
Rows per page
Query Builder