Lucene search
K

65 matches found

Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.225 views

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1879)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when...

8.8CVSS6.8AI score0.02417EPSS
Exploits4References13
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.243 views

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2021-1751)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the...

7.8CVSS6.8AI score0.02417EPSS
Exploits5References13
Prion
Prion
added 2021/02/12 12:15 a.m.11 views

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...

3.3CVSS6.3AI score0.00989EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2021/02/11 11:35 p.m.31 views

CVE-2020-27865

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on T...

8.8CVSS9AI score0.02549EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/02/11 11:35 p.m.29 views

CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

8.8CVSS9AI score0.08656EPSS
Exploits0References2
CVE
CVE
added 2021/02/11 11:35 p.m.56 views

CVE-2020-27863

CVE-2020-27863 affects D-Link DVA-2800 and DSL-2888A routers. The flaw is in the dhttpd service (listening on TCP port 8008 by default) where incorrect string-matching logic when accessing protected pages allows network-adjacent attackers to disclose stored credentials without authentication. The...

6.5CVSS6.2AI score0.00989EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/02/11 11:35 p.m.15 views

CVE-2020-27863

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...

6.5CVSS6.3AI score0.00989EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/02 12:0 a.m.52 views

Debian DSA-4843-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial...

8.8CVSS7.4AI score0.06563EPSS
Exploits5References29
UbuntuCve
UbuntuCve
added 2021/01/12 12:0 a.m.43 views

CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...

4.4CVSS6.7AI score0.00277EPSS
Exploits0References3
OSV
OSV
added 2021/01/12 12:0 a.m.1 views

UBUNTU-CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...

4.4CVSS6.6AI score0.00277EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2021/01/11 9:54 a.m.31 views

CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Mitigation Mitigation for this issue is either not available or the currently availabl...

4.4CVSS1.4AI score0.00277EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2020/12/18 12:0 a.m.77 views

NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

8.8CVSS1.7AI score0.08656EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/12/16 12:0 a.m.46 views

(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Incorrect Authorization Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nasAdmin service, which listens on TCP port 80 and 443 by...

2.3AI score0.03897EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/12/15 12:0 a.m.34 views

(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

5.4CVSS2.1AI score0.03785EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/12/15 12:0 a.m.29 views

D-Link Multiple Routers dhttpd Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...

6.5CVSS1.2AI score0.00989EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/12/15 12:0 a.m.51 views

D-Link DAP-1860 uhttpd Authentication Bypass Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on TCP port 80 by default. Th...

8.8CVSS3.1AI score0.02549EPSS
Exploits0References1
NVD
NVD
added 2020/10/13 5:15 p.m.19 views

CVE-2020-17409

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists...

6.5CVSS0.00688EPSS
Exploits0References2
Prion
Prion
added 2020/10/13 5:15 p.m.28 views

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists...

3.3CVSS6.3AI score0.00688EPSS
Exploits0References2Affected Software9
Zero Day Initiative
Zero Day Initiative
added 2020/09/15 12:0 a.m.51 views

NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the minihttpd...

6.5CVSS2AI score0.00688EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/23 8:45 p.m.32 views

CVE-2020-15633

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP...

8.8CVSS9AI score0.02768EPSS
Exploits0References2
Rows per page
Query Builder