Lucene search
K

70 matches found

NVD
NVD
added 2018/02/15 10:29 p.m.19 views

CVE-2017-12532

A Remote Code Execution vulnerability in HPE Intelligent Management Center iMC PLAT version PLAT 7.3 E0504 was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 E0506 or any subsequent version...

9CVSS9AI score0.0572EPSS
Exploits1References3
OSV
OSV
added 2018/02/13 12:0 a.m.2 views

UBUNTU-CVE-2018-5381

The Quagga BGP daemon bgpd prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgppacket.c:bgpcapabilitymsgparse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI,...

7.5CVSS7AI score0.30665EPSS
Exploits0References4
Prion
Prion
added 2018/02/08 7:29 a.m.16 views

Design/Logic Flaw

A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to determine whether a subscriber username is valid. The vulnerability occurs because the Cisco Policy Suite RADIUS server component returns different authentication failure...

5CVSS5.3AI score0.01446EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/10/18 6:29 p.m.20 views

Directory traversal

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to...

4CVSS6.2AI score0.06168EPSS
Exploits4References2Affected Software1
Hacker One
Hacker One
added 2017/10/17 12:8 p.m.13 views

Dropbox: Dropbox employee benefits documents are available in a test Dropbox folder

This report pointed out that we had left a shared link to a copy of our employee benefits documentation in a particular iOS build. This link was likely used for ad-hoc testing at some point and accidentally left in the build. While there is little security risk here, we removed the link from...

1.4AI score
Exploits0
NVD
NVD
added 2017/04/24 4:59 p.m.20 views

CVE-2017-1000358

Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw...

6.5CVSS6.5AI score0.01106EPSS
Exploits1References1
NVD
NVD
added 2016/12/15 6:59 a.m.19 views

CVE-2016-4046

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...

5.8CVSS5.6AI score0.01189EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
added 2013/12/18 12:0 a.m.29 views

EMC Connectrix Manager Converged Network Edition inmservlets.war Information Disclosure Vulnerability

This vulnerability allows remote attackers to read arbitrary text files on vulnerable installations of EMC Connectrix Manager Converged Network Edition. Authentication is not required to exploit this vulnerability. The specific flaw exists within one of the pages served as part of the immservlets...

7.8CVSS2.8AI score0.17004EPSS
Exploits9References1
erpscan
erpscan
added 2012/10/02 12:0 a.m.17 views

SAP NetWeaver SDM - information disclosure and SMBRelay

Application: SAP NetWeaver SDM Versions Affected: SAP NetWeaver SDM Vendor URL: http://www.sap.com Bugs: Information Disclosure Exploits: YES Reported: 10.02.2012 Vendor response: 11.02.2012 Date of Public Advisory: 10.10.2012 Reference: SAP Security Note 1724516 Authors: Alexander Polyakov ERPSc...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2010/12/09 12:0 a.m.67 views

OpenSSL protection level downgrade

Attacker can downgrade cipher level for subsequent connections...

7.5CVSS2.9AI score0.09497EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder