Lucene search
K

197 matches found

Palo Alto Networks
Palo Alto Networks
added 2019/10/01 7:0 a.m.63 views

SSH Service Exposed in Zingbox Inspector

The SSH service is enabled on the Zingbox Inspector, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials. Ref: CVE-2019-15017 The vulnerability allows for users to authenticate to the softwar...

2.7AI score0.00356EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2019/10/01 7:0 a.m.8 views

SSH Service Exposed in Zingbox Inspector

The SSH service is enabled on the Zingbox Inspector, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials. Ref: CVE-2019-15017 The vulnerability allows for users to authenticate to the softwar...

8.4CVSS7AI score0.00356EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2019/08/01 12:0 a.m.140 views

SilverSHielD 6.x - Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit Title: extenua SilverSHielD 6.x local priviledge escalation Google Dork: na Date: 31 Jul 2019 Exploit Author: Ian Bredemeyer Vendor Homepage:...

7.8CVSS7.9AI score0.01171EPSS
Exploits3
0day.today
0day.today
added 2019/07/29 12:0 a.m.58 views

Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable t...

9.8CVSS0.8AI score0.3665EPSS
Exploits4
GithubExploit
GithubExploit
added 2019/07/05 11:55 a.m.10 views

Exploit for CVE-2007-2447

This is a proof-of-concept PoC exploit repository for various...

9.8CVSS8.4AI score0.99998EPSS
Exploits57
ThreatPost
ThreatPost
added 2019/02/13 3:20 p.m.144 views

Flaw in snapd Allows Root Access to Linux Servers

A local privilege-escalation vulnerability in Canonical’s snapd package has been uncovered, which would allow any user to obtain administrator privileges and immediate root access to affected Linux system servers. Snapd is used by Linux users to download and install apps in the .snap file format...

10CVSS0.8AI score0.61075EPSS
Exploits10References6
Github Security Blog
Github Security Blog
added 2018/12/21 5:49 p.m.28 views

Improper Privilege Management in Apache Karaf

In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf process user has access. This can be locked down a...

9CVSS1.5AI score0.01904EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2018/09/18 2:0 p.m.32 views

CVE-2018-11786

In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf process user has access. This can be locked down a...

8.6AI score0.01904EPSS
Exploits0References3
0day.today
0day.today
added 2018/06/22 12:0 a.m.97 views

Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution Vulnerability

Exploit for linux platform in category remote exploits Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Vendor KB: https://support.emc.com/kb/521234 Github:...

7.1AI score0.43287EPSS
Exploits12
exploitpack
exploitpack
added 2018/06/21 12:0 a.m.67 views

Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution

Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB...

10CVSS0.4AI score0.43287EPSS
Exploits12
Exploit DB
Exploit DB
added 2018/06/21 12:0 a.m.70 views

Dell EMC RecoverPoint &lt; 5.1.2 - Remote Root Command Execution

Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB: https://support.emc.com/kb/521234 Github:...

10CVSS9.6AI score0.43287EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2018/05/24 12:0 a.m.389 views

Target Credential Issues by Authentication Protocol - No Issues Found

Valid credentials were provided for an authentication protocol on the remote target and Nessus did not log any subsequent errors or failures for the authentication protocol. When possible, Nessus tracks errors or failures related to otherwise valid credentials in order to highlight issues that ma...

5.8AI score
Exploits0
NVD
NVD
added 2018/03/09 11:29 p.m.22 views

CVE-2018-7236

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of authentication for /login/bin/setparam could enable SSH service...

8.1CVSS8.1AI score0.0134EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 11:29 p.m.25 views

Design/Logic Flaw

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of authentication for /login/bin/setparam could enable SSH service...

5.8CVSS8AI score0.0134EPSS
Exploits0References1Affected Software20
Cvelist
Cvelist
added 2018/03/09 11:0 p.m.15 views

CVE-2018-7236

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of authentication for /login/bin/setparam could enable SSH service...

8.1AI score0.0134EPSS
Exploits0References1
OSV
OSV
added 2018/02/15 10:29 p.m.4 views

CVE-2017-5803

A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found...

7.5CVSS5.8AI score0.07603EPSS
Exploits0References4
NVD
NVD
added 2018/02/15 10:29 p.m.17 views

CVE-2017-5803

A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found...

7.8CVSS7.6AI score0.07603EPSS
Exploits0References4
Prion
Prion
added 2018/02/15 10:29 p.m.18 views

Design/Logic Flaw

A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found...

7.8CVSS7.6AI score0.07603EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2018/02/15 10:0 p.m.52 views

CVE-2017-5803

CVE-2017-5803 describes a remote information disclosure in HPE NonStop Servers via the SSH service. Affected products are HPE NonStop Server SSH on L-series (T0801L02 through T0801L02^ABX) and J/H-series (T0801H01 through T0801H01^ACA). The vulnerability enables an attacker with network access (n...

7.8CVSS7.5AI score0.07603EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.16 views

CVE-2017-5803

A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found...

7.6AI score0.07603EPSS
Exploits0References4
Rows per page
Query Builder