Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Debian
Debianadded 2019/02/18 4:9 p.m.71 views

[SECURITY] [DLA 1681-1] gsoap security update

Package : gsoap Version : 2.8.17-1+deb8u2 CVE ID : CVE-2019-7659 It was discovered that there was a denial of service vulnerability in gsoap a C/C++ language binding used for SOAP-based web services. For Debian 8 "Jessie", this issue has been fixed in gsoap version 2.8.17-1+deb8u2. We recommend...

8.1CVSS7.9AI score0.0064EPSS
Exploits0
Prion
Prionadded 2018/01/12 5:29 p.m.18 views

Cross site request forgery (csrf)

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services via CSRF can result in an unauthorized change of username or password of the administrator of the portal...

6.8CVSS9AI score0.00071EPSS
Exploits5References2Affected Software1
0day.today
0day.todayadded 2017/01/05 12:0 a.m.30 views

Zyxel / Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 Exploit

Broadband DSL modems manufactured by Zyxel and distributed by some European ISPs are vulnerable to a command injection vulnerability when setting the 'NewNTPServer' value using the TR-64 SOAP-based configuration protocol. In the tested case, no authentication is required to set this value on...

7.7AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2015/06/04 8:2 a.m.4 views

php: type confusion issue in unserialize() with various SOAP methods

Multiple flaws were discovered in the way PHP's Soap extension performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to disclose portion of its memory or crash...

10CVSS7.2AI score0.06568EPSS
Exploits5References4
Hacker One
Hacker Oneadded 2014/11/17 10:31 p.m.396 views

QIWI: [send.qiwi.ru] Soap-based XXE vulnerability /soapserver/

An XML external entities injection vulnerability exists on the soap server hosted on send.qiwi.ru. The attack allows an attacker to open local files although perhaps not return the data, see below, leading at best to a DoS. Often this attack can be used to extract files from the server such as...

7.3AI score
Exploits0
Packet Storm
Packet Stormadded 2013/12/20 12:0 a.m.63 views

HP Operations Orchestration Central 9.06 Cross Site Scripting

Name: XSS in HP Operations Orchestration Central version 9.06 Systems Affected: HP Operations Orchestration version 9.06 Severity: High Vendor: Hewlett-Packard References: CVE-2013-6191, CVE-2013-6192, SSRT101342 Author: Bart Leppens Date: 20130919 I. BACKGROUND HP Operations Orchestration HP OO ...

6.8CVSS6.6AI score0.00623EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2010/01/26 12:0 a.m.39 views

HNAP Detection

The remote service supports the Home Network Administration Protocol HNAP, a SOAP-based protocol that provides a common interface for administrative control of networked devices. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid44318; scriptversion"1.8";...

5.5AI score
Exploits0References2
Rows per page
Query Builder