Lucene search
K

208 matches found

Prion
Prion
added 2022/01/14 6:15 p.m.25 views

Code injection

Imperva Web Application Firewall WAF before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF...

7.5CVSS9.4AI score0.03991EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/01/12 12:0 a.m.4 views

PT-2022-5708 · Symantec · Symantec Endpoint Protection

Name of the Vulnerable Software and Affected Versions: Symantec Endpoint Protection Windows versions prior to 14.3 RU6/14.3 RU5 Patch 1 Description: The issue is related to a Security Control Bypass, which can potentially allow a threat actor to circumvent existing security controls. This...

7.5CVSS6.8AI score0.01096EPSS
Exploits1References7
NVD
NVD
added 2021/11/18 5:15 p.m.74 views

CVE-2021-35534

Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal databas...

9CVSS0.01666EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/11/18 4:35 p.m.57 views

CVE-2021-35534 Insufficient Security Control Vulnerability

Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal databas...

7.2CVSS7.1AI score0.01666EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/11/18 3:53 p.m.32 views

CVE-2021-35535 Insufficient Security Control Vulnerability

Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process...

8.1CVSS8.1AI score0.00567EPSS
Exploits0References1
OSV
OSV
added 2021/10/13 3:15 p.m.4 views

CVE-2021-34814

Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...

7.5CVSS7.1AI score0.01009EPSS
Exploits0References2
NVD
NVD
added 2021/10/13 3:15 p.m.15 views

CVE-2021-34814

Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...

7.5CVSS0.01009EPSS
Exploits0References2
NVD
NVD
added 2021/10/13 3:15 p.m.45 views

CVE-2021-39304

Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...

7.5CVSS0.00981EPSS
Exploits0References2
Prion
Prion
added 2021/10/13 3:15 p.m.14 views

Design/Logic Flaw

Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...

5CVSS7.5AI score0.01009EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/10/13 3:15 p.m.13 views

Security feature bypass

Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...

5CVSS7.5AI score0.00981EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/10/13 2:34 p.m.33 views

CVE-2021-39304

Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...

7.7AI score0.00981EPSS
Exploits0References2
CVE
CVE
added 2021/10/13 2:27 p.m.50 views

CVE-2021-34814

CVE-2021-34814 affects Proofpoint Spam Engine prior to 8.12.0-2106240000. The issue is a Security Control Bypass due to an access control error in the product, with impact described as HIGH availability risk (per CVSS 3.1) and no confidential/integrity impact indicated. Connected sources confirm ...

7.5CVSS7.5AI score0.01009EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/10/13 2:27 p.m.22 views

CVE-2021-34814

Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...

7.7AI score0.01009EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:37 p.m.21 views

Security Bulletin: IBM Security Guardium is affected by a Missing Security Control vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2018-1501 DESCRIPTION: IBM Security Guardium EcoSystem could allow an unauthorized user to obtain sensitive information due to missing security controls. CVSS Base score: 5.3 CVSS Temporal Score: See:...

7.5CVSS0.9AI score0.01145EPSS
Exploits0Affected Software1
ICS
ICS
added 2021/06/08 12:0 a.m.37 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Metasys Servers, Engines, and Tools Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated...

8.8CVSS9.1AI score0.01245EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2021/05/26 4:57 a.m.156 views

Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!

VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server. Tracked as CVE-2021-21985 CVSS score 9.8, the issue stems from a lack of input validation in the Virtual SAN vSAN Health...

10CVSS1AI score0.99999EPSS
Exploits58
CNVD
CNVD
added 2021/05/24 12:0 a.m.4 views

Weak Password Vulnerability in ZKNW Security Control System

Ltd. is a national high-tech enterprise, double soft enterprise; the earliest domestic VPN R & D manufacturers, professional network security products R & D manufacturers Weak password vulnerability exists in the security control system of ZKNW, which can be exploited by attackers to obtain...

7AI score
Exploits0
CNVD
CNVD
added 2021/05/14 12:0 a.m.2 views

Weak Password Vulnerability in 26G-2F-MANAGED of Shenzhen WANET Botong Technology Co.

Dedicated to the development and application of network communication products and IoT security control platform, it is a next-generation vendor of intelligent network solutions for weak power and IoT security solutions. Weak password vulnerability exists in 26G-2F-MANAGED of Shenzhen WANET BOTTO...

7.2AI score
Exploits0
CVE
CVE
added 2021/04/28 1:58 p.m.62 views

CVE-2020-21991

The CVE-2020-21991 issue affects AVE DOMINAplus

9.8CVSS9.7AI score0.02914EPSS
Exploits2References2Affected Software1
CNVD
CNVD
added 2021/04/23 12:0 a.m.1 views

SQL Injection Vulnerability in ASRock Terminal Security Management System

ASRock Terminal Security Management System is an integrated terminal security product solution for governmental and enterprise organizations. The product integrates anti-virus, terminal security control, terminal access, terminal audit, peripheral control, EDR and other functions, and is compatib...

7.8AI score
Exploits0
Rows per page
Query Builder