Lucene search
K

1830 matches found

CVE
CVE
added 2022/08/18 12:0 a.m.294 views

CVE-2022-37061

CVE-2022-37061 – FLIR AX8 RCE vulnerability (up to firmware 1.46.16) : The issue is an unauthenticated remote command injection via the POST parameter id to res.php, allowing an attacker to execute arbitrary shell commands as root. Public reports indicate exploitation in the wild (e.g., Metasploi...

9.8CVSS8.2AI score0.99618EPSS
In wildExploits9References7Affected Software1
NVD
NVD
added 2022/08/10 8:16 p.m.22 views

CVE-2022-38129

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...

9.8CVSS0.1838EPSS
Exploits1References1
OSV
OSV
added 2022/08/10 8:16 p.m.5 views

CVE-2022-38129

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...

9.8CVSS5.9AI score0.1838EPSS
Exploits1References1
Prion
Prion
added 2022/08/10 8:16 p.m.15 views

Path traversal

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...

7.5CVSS9.4AI score0.1838EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/08/10 4:4 p.m.77 views

CVE-2022-38129

CVE-2022-38129 describes a path-traversal vulnerability in the Keysight Sensor Management Server (SMS) affecting the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method. An unauthenticated remote attacker can upload arbitrary files to the SMS host. Multiple sources confirm the ...

9.8CVSS9.4AI score0.1838EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/10 4:4 p.m.2 views

CVE-2022-38129

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...

7.5AI score0.1838EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/08/10 4:4 p.m.29 views

CVE-2022-38129

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...

9.8AI score0.1838EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.3 views

Keysight Technologies Sensor Management Server SQL注入漏洞

Keysight Technologies Sensor Management Server is a sensor management server from Keysight Technologies, USA. A security vulnerability exists in Keysight Technologies Sensor Management Server SMS that originates from the ability of an unauthenticated, remote attacker to effectively take control o...

9.8CVSS8.2AI score0.53389EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/10 12:0 a.m.4 views

PT-2022-24222 · Keysight · Keysight Sensor Management Server

Name of the Vulnerable Software and Affected Versions: Keysight Sensor Management Server SMS affected versions not specified Description: A path traversal issue exists in the addLicenseFile method of the com.keysight.tentacle.licensing.LicenseManager class. This allows an unauthenticated remote...

9.8CVSS9.5AI score0.1838EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.3 views

Keysight Technologies Sensor Management Server 路径遍历漏洞

Keysight Technologies Sensor Management Server is a sensor management server from Keysight Technologies, USA. A security vulnerability exists in Keysight Technologies Sensor Management Server SMS, which stems from its com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method that allow...

9.8CVSS8.4AI score0.1838EPSS
Exploits1References3
OSV
OSV
added 2022/08/01 2:15 p.m.4 views

CVE-2022-21791

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059...

4.4CVSS5.9AI score0.00095EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

SICK FTMg 安全漏洞

The SICK FTMg is a flow sensor from SICK. A security vulnerability exists in SICK FTMg versions prior to 2.8, which stems from the fact that an unauthenticated user can access sensitive Web URLs via a GET request, which should be limited to maintenance users only. A malicious attacker could use...

5.3CVSS5.8AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.21 views

Keysight Technologies Sensor Management Server Detection

Binary data keysightsmsdetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.80 views

Keysight Technologies Sensor Management Server Deserialization RCE (CVE-2022-1660)

Binary data keysightsmscve-2022-1660.nbin...

10CVSS9.6AI score0.15968EPSS
Exploits0References2
Wired Threat Level
Wired Threat Level
added 2022/07/01 11:0 a.m.16 views

Is Your New Car a Threat to National Security?

Putting sensor-packed Chinese cars on Western roads could be a privacy issue. Just ask Tesla...

2.5AI score
Exploits0
Prion
Prion
added 2022/06/27 1:15 a.m.16 views

Authentication flaw

Authentication bypass vulnerability in the setup screen of L2Blockeron-premise Ver4.8.5 and earlier and L2BlockerCloud Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative path...

4.8CVSS7.9AI score0.00393EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/27 12:20 a.m.27 views

CVE-2022-33202

Authentication bypass vulnerability in the setup screen of L2Blockeron-premise Ver4.8.5 and earlier and L2BlockerCloud Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative path...

8.2AI score0.00393EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/13 3:15 p.m.4 views

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality...

5.5CVSS5.3AI score0.00164EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2022/06/13 3:15 p.m.6 views

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality...

5.5CVSS6.1AI score0.00164EPSS
Exploits0References2
NVD
NVD
added 2022/06/13 3:15 p.m.19 views

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality...

5.5CVSS0.00164EPSS
Exploits0References2
Rows per page
Query Builder