
14901 matches found

CVE
added 2021/09/09 5:35 p.m., 47 views

CVE-2021-28909

The connected records confirm that BAB TECHNOLOGIE GmbH eibPort V3 prior versions (≤3.9.1) are affected by an unauthenticated brute-force exposure of the login service at /webif/SecurityModule. An attacker could leverage weak/default credentials (admin) to gain access and, per Red Hat/NVD referen...

9.8 CVSS, 9.6 AI score, 0.01346 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2021/09/09 5:35 p.m., 23 views

CVE-2021-28909

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access uncontrolled the login service at /webif/SecurityModule in a brute force attack. The password could be weak and default username is known as 'admin'. This is usable and part of an attack chain to gain SS...

9.9 AI score, 0.01346 EPSS
Exploits: 0, References: 1
NVD
added 2021/09/09 5:15 a.m., 20 views

CVE-2021-34718

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...

8.5 CVSS, 0.0153 EPSS
Exploits: 0, References: 1
Prion
added 2021/09/09 5:15 a.m., 15 views

Input validation

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...

8.5 CVSS, 7.9 AI score, 0.0153 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2021/09/09 5:0 a.m., 18 views

CVE-2021-34718 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...

8.1 CVSS, 8.1 AI score, 0.0153 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2021/09/09 5:0 a.m., 11 views

CVE-2021-34718 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...

8.1 CVSS, 6.8 AI score, 0.0153 EPSS
Exploits: 0, References: 1
CVE
added 2021/09/09 5:0 a.m., 104 views

CVE-2021-34718

Cisco IOS XR Software contains an Arbitrary File Read/Write vulnerability in the SSH Server, exploitable by an authenticated, remote attacker via crafted SCP parameters during login. The issue stems from insufficient input validation of user-supplied arguments for the SCP file-transfer method, en...

8.5 CVSS, 7.9 AI score, 0.0153 EPSS
Exploits: 0, References: 1, Affected Software: 1
CNNVD
added 2021/09/09 12:0 a.m., 5 views

BAB TECHNOLOGIE GmbH eibPort Security Vulnerability

BAB TECHNOLOGIE GmbH eibPort is an application from BAB TECHNOLOGIE GmbH, Germany, for managing smart furniture devices. A security vulnerability exists in BAB TECHNOLOGIE GmbH eibPort V3, which stems from a vulnerability in versions prior to 3.9.1 that...

9.8 CVSS, 8.2 AI score, 0.01346 EPSS
Exploits: 0, References: 2
Palo Alto Networks
added 2021/09/08 4:0 p.m., 63 views

PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188)

A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code. The Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is...

9.8 CVSS, 2.2 AI score, 0.74513 EPSS
Exploits: 2, References: 1
Cisco
added 2021/09/08 4:0 p.m., 49 views

Cisco IOS XR Software Arbitrary File Read and Write Vulnerability

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...

8.1 CVSS, 8 AI score, 0.0153 EPSS
Exploits: 0, References: 1
Kitploit
added 2021/09/08 11:30 a.m., 40 views

TREVORspray - A Featureful Round-Robin SOCKS Proxy And Python O365 Sprayer Based On MSOLSpray Which Uses The Microsoft Graph API

TREVORproxy is a SOCKS proxy that round-robins requests through SSH hosts. TREVORspray is a featureful Python O365 sprayer based on MSOLSpray which uses the Microsoft Graph API. By @thetechr0mancer. Microsoft is getting better and better about blocking password spraying attacks against O365...

7.4 AI score
Exploits: 0, References: 3
Zero Science Lab
added 2021/09/08 12:0 a.m., 225 views

ECOA Building Automation System Hard-coded Credentials SSH Access

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

10 CVSS, 7.3 AI score, 0.01989 EPSS
Exploits: 1
NVD
added 2021/09/07 2:15 p.m., 9 views

CVE-2021-27022

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...

4.9 CVSS, 0.0088 EPSS
Exploits: 0, References: 2
Prion
added 2021/09/07 2:15 p.m., 14 views

Design/Logic Flaw

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...

4 CVSS, 5 AI score, 0.0088 EPSS
Exploits: 0, References: 2, Affected Software: 2
UbuntuCve
added 2021/09/07 2:15 p.m., 32 views

CVE-2021-27022

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...

4.9 CVSS, 5.9 AI score, 0.0088 EPSS
Exploits: 0, References: 2
CVE
added 2021/09/07 1:3 p.m., 56 views

CVE-2021-27022

CVE-2021-27022 affects bolt-server and ace; vulnerable on SSH/WinRM inventory service nodes where running a task with sensitive parameters causes those parameters to be logged. The issue is described consistently across Red Hat, NVD/NVD feed, Ubuntu, Debian, and OSV/etc. The provided documents do...

4.9 CVSS, 5 AI score, 0.0088 EPSS
Exploits: 0, References: 2, Affected Software: 2
Cvelist
added 2021/09/07 1:3 p.m., 11 views

CVE-2021-27022

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...

5.3 AI score, 0.0088 EPSS
Exploits: 0, References: 2
Debian CVE
added 2021/09/07 1:3 p.m., 14 views

CVE-2021-27022

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...

4.9 CVSS, 5 AI score, 0.0088 EPSS
Exploits: 0
Tenable Nessus
added 2021/09/06 12:0 a.m., 19 views

Debian DLA-2755-1 : btrbk - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2755 advisory. An issue has been found in btrbk, a backup tool for btrfs subvolumes. Due to mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys an...

9.8 CVSS, 8.9 AI score, 0.03155 EPSS
Exploits: 0, References: 5
Debian
added 2021/09/05 9:47 p.m., 30 views

[SECURITY] [DLA 2755-1] btrbk security update

Debian LTS Advisory DLA-2755-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 05, 2021 https://wiki.debian.org/LTS -...

9.8 CVSS, 9.8 AI score, 0.03155 EPSS
Exploits: 0