Lucene search
+L

32 matches found

cve
cve
added 2024/04/22 12:0 a.m.59 views

CVE-2023-38293

CVE-2023-38293 concerns Nokia C200/C100 devices with a pre-installed com.tracfone.tfstatus app. It allows local third-party apps to inject and execute arbitrary AT commands in the radio context by exploiting two input/injection techniques via a broadcast to com.tracfone.tfstatus/.TFStatus, with n...

7.3CVSS7.7AI score0.00785EPSS
Exploits0References1
cvelist
cvelist
added 2024/04/22 12:0 a.m.32 views

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

7.1AI score0.00173EPSS
Exploits0References2
exploitdb
exploitdb
added 2023/04/06 12:0 a.m.257 views

Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery

!-- Exploit Title: Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...

7.4AI score
Exploits0
thn
thn
added 2021/03/01 9:19 a.m.92 views

SolarWinds Blames Intern for 'solarwinds123' Password Lapse

As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years. The said password "solarwinds123" was originally...

0.4AI score
Exploits0
schneier
schneier
added 2021/01/19 12:16 p.m.39 views

Injecting a Backdoor into SolarWinds Orion

Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process: Key Points SUNSPOT is StellarParticles malware used to insert the SUNBURST backdoor into software builds of the SolarWinds Orion IT management product. SUNSPOT monitors...

1AI score
Exploits0
thn
thn
added 2021/01/12 5:29 a.m.45 views

Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor

As the investigation into the SolarWinds supply-chain attack continues, cybersecurity researchers have disclosed a third malware strain that was deployed into the build environment to inject the backdoor into the company's Orion network monitoring platform. Called "Sunspot," the malignant tool ad...

1.1AI score
Exploits0
thn
thn
added 2020/12/16 5:11 p.m.34 views

New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor

The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly-sophisticated supply chain attack. A ne...

8.2AI score
Exploits0
citrix
citrix
added 2018/12/23 12:0 a.m.7 views

SDWAN: NITRO API command to export configuration

How to export SDWAN configuration through NITRO API ? Please use the below command to export SDWAN configuration through NITRO API: NOTE: The configuration export NITRO API command is available only from 10.2 build. First login to SDWAN device through NITRO API using below command .Then Export th...

7.2AI score
Exploits0
osv
osv
added 2017/05/16 1:40 p.m.8 views

SUSE-SU-2017:1311-1 Security update for mariadb

This update for mariadb fixes the following issues: - update to MariaDB 10.0.30 GA notable changes: XtraDB updated to 5.6.35-80.0 TokuDB updated to 5.6.35-80.0 PCRE updated to 8.40 MDEV-11027: better InnoDB crash recovery progress reporting MDEV-11520: improvements to how InnoDB data files are...

7.5CVSS6.5AI score0.04905EPSS
Exploits0References7
openvas
openvas
added 2015/08/20 12:0 a.m.14 views

BroadWin WebAccess Version Detection

Detection of BroadWin WebAccess. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...

7.2AI score
Exploits0
openvas
openvas
added 2014/04/16 12:0 a.m.13 views

Advantech WebAccess Version Detection (HTTP)

Detection of Advantech WebAccess. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

7.2AI score
Exploits0
packetstorm
packetstorm
added 1999/08/17 12:0 a.m.38 views

cheyenne.InocuLAN.passwd.txt

Date: Fri, 5 Mar 1999 12:19:59 -0800 From: JEK To: [email protected] Subject: Cheyenne InocuLAN for Exchange plain text password still there This dates back to Ron Watkins' post on 12/16/98 regarding the plain text account name/password left in the exchverify.log file by the...

7.4AI score
Exploits0
Rows per page
Query Builder