Lucene search
K

102 matches found

Positive Technologies
Positive Technologies
added 2022/09/13 12:0 a.m.4 views

PT-2022-5212 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions 16.4.2 and earlier Adobe InDesign versions 17.3 and earlier Description: The issue is related to an out-of-bounds read that could lead to disclosure of sensitive memory. An attacker could leverage this to bypass...

5.5CVSS5.3AI score0.00448EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/12 12:0 a.m.3 views

PT-2022-27960 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 macOS Ventura versions prior to 13.1 tvOS versions prior to 16.2 Description: The issue was addressed with improved bounds checks. Connecting to a malicious NFS server may lead to...

7.8CVSS7.7AI score0.00323EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2022/08/03 12:0 a.m.8 views

PT-2022-4130 · F5 · F5 Big-Ip +1

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 13.1.x F5 BIG-IP versions 14.1.x through 14.1.5.0 F5 BIG-IP versions 15.1.x through 15.1.6.0 F5 BIG-IP versions 16.1.x through 16.1.3.0 F5 BIG-IP versions 17.0.x through 17.0.0.0 F5 BIG-IQ versions 7.x F5 BIG-IQ versions 8....

9.8CVSS9.6AI score0.00587EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/04/27 2:25 p.m.3 views

CVE-2022-24888 Possible Injection in Nextcloud Server

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 20.0.14.4, 21.0.8, 22.2.4, and 23.0.1, it is possible to create files and folders that have leading and trailing \n, \r, \t, and \v characters. The server rejects files and folders...

4.3CVSS4.6AI score0.01229EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/27 12:0 a.m.5 views

PT-2021-4619 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center FMC Software is related to improper...

4.3CVSS6.7AI score0.00271EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2021/07/09 12:0 a.m.6 views

PT-2021-3760

Name of the Vulnerable Software and Affected Versions SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows versions prior to 15.2.3 HF2 Description A remote code execution vulnerability in the SolarWinds Serv-U product allows a threat actor to gain privileged access to the...

10CVSS10AI score0.9116EPSS
Exploits2References33
Positive Technologies
Positive Technologies
added 2016/01/15 12:0 a.m.9 views

PT-2016-34: Password Recovery in Siemens SICAM PAS

The specialists of the Positive Research center have detected a Password Recovery vulnerability in Siemens SICAM PAS. Vulnerability in SICAM PAS allows local authenticated users to recover user passwords and access the database. How to fix Update your software up to the latest version Advisory...

7.8CVSS7.5AI score0.00317EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2014/12/15 12:0 a.m.11 views

PT-2016-03: SQL Injection in Advantech WebAccess

The specialists of the Positive Research center have detected an SQL Injection vulnerability in Advantech WebAccess. Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands to modify web server settings, accounts, and projects. How to fix Update your...

8.1CVSS8.6AI score0.01689EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/12/01 12:0 a.m.12 views

PT-2013-78: Buffer overflow in SIMATIC WinCC Open Architecture

The specialists of the Positive Research center have detected a Buffer overflow vulnerability in SIMATIC WinCC Open Architecture. The SIMATIC WinCC OA integrated Web server at Port 4999/TCP might allow attackers to perform remote code execution by sending specially crafted packets without...

9.3CVSS7.8AI score0.05261EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2013/03/20 12:0 a.m.6 views

PT-2013-24: Concealing User Authority in SAP NetWeaver

The specialists of the Positive Research center have detected "Concealing User Authority" vulnerability in SAP NetWeaver. No matter how much authority the user '............' has, it is not reflected in report RSUSR002. How to fix Update your software up to the latest version Advisory status...

7.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/09/21 12:0 a.m.14 views

PT-2013-33: CRLF Injection in Siemens Simatic WinCC TIA Portal

The specialists of the Positive Research center have detected "CRLF Injection" vulnerability in Siemens Simatic WinCC TIA Portal. If a user clicks on a malicious link which seems to lead to a HMI web application, it is possible to display any data to the user HTTP response splitting. How to fix...

4.3CVSS6.5AI score0.01539EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/07/11 12:0 a.m.10 views

PT-2013-25: Information Disclosure in Siemens Simatic WinCC and PCS 7

The specialists of the Positive Research center have detected "Information Disclosure" vulnerability in Siemens Simatic WinCC and PCS 7. WebNavigator passwords stored in the SQL database are only obfuscated. How to fix Update your software up to the latest version Advisory status 11.07.2012 -...

4CVSS6.9AI score0.01515EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2012/02/12 12:0 a.m.26 views

FreeBSD Ports: FreeBSD

The remote host is missing an update to the system as announced in the referenced advisory. VID e51d5b1a-4638-11e1-9f47-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID e51d5b1a-4638-11e1-9f47-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

6.9CVSS0.00905EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2011/11/25 12:0 a.m.3 views

PT-2011-43: Database information disclosure in Kayako Fusion

A vulnerability has been discovered in Kayako Fusion, which can be exploited by a malicious person with a 'staff' privileged user account. The vulnerability exists in the logic of report generation, which is based on Kayako Query Language KQL. An authorized 'staff' user can generate a report...

6.5CVSS7.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2011/09/09 12:0 a.m.17 views

PT-2011-30: Disclosure of sensitive information in D-Link DIR-300 Router

Positive Research Center has discovered that password hashing is not implemented in D-Link DIR-300 routers, which allows one to obtain passwords in plain text. How to fix Update your software up to the latest version Update link Advisory status 09.09.2011 - Vendor is notified 09.09.2011 - Vendor...

6.8CVSS5.7AI score0.03128EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2009/01/01 12:0 a.m.5 views

PT-2009-41: Multiple vulnerabilities in Kayako Support Suite

Vulnerability Description Positive Technologies Research Team discovered several Installation Path Disclosure vulnerabilities in Kayako Support Suite. The application uses a vulnerable PHP function unserialize, which allows an attacker to disclose the product installation path. In addition, there...

7.2AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.0 views

Nagios cross-site scripting vulnerability

Overview Nagios from Nagios.org contains a cross-site scripting vulnerability. Nagios from Nagios.org is software that monitors network services, hosts, and other resources. Nagios contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser...

4.3CVSS6.1AI score
Exploits0References3
securityvulns
securityvulns
added 2005/07/16 12:0 a.m.33 views

[SA15857] Emilda User Management Security Bypass Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/20 12:0 a.m.20 views

Picasm 1.10/1.12 - Error Generation Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/13698/info Picasm is affected by a remote buffer overflow vulnerability. An attacker can exploit this issue by supplying an excessive 'error' directive. If successfully exploited, this issue can allow a remote attacker to gain access to the affected...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/13 12:0 a.m.19 views

BugPort Attached File Handling Unspecified Issue

The remote host seems to be running BugPort, an open source web-based system to manage tasks and defects throughout the software development process. This version of BugPort contains an unspecified attachment handling flaw. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.5AI score
Exploits0
Rows per page
Query Builder