Lucene search
+L

74 matches found

NVD
NVD
added 2018/12/17 7:29 p.m.15 views

CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

7.5CVSS8.2AI score0.007EPSS
Exploits0References1
Prion
Prion
added 2018/12/17 7:29 p.m.14 views

Stack overflow

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

5.4CVSS8.2AI score0.007EPSS
Exploits0References1Affected Software4
CVE
CVE
added 2018/12/17 6:0 p.m.41 views

CVE-2018-16596

CVE-2018-16596 concerns a stack-based buffer overflow in the LAN UPnP service of Swisscom Internet-Box devices (2/Standard/Plus) on UDP port 1900. The flaw allows remote code execution if the attacker is inside the LAN and can send a UDP packet to port 1900; ASLR reduces reliability, making succe...

7.5CVSS8.2AI score0.007EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/12/17 6:0 p.m.22 views

CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

8.2AI score0.007EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2018/11/29 9:30 p.m.7 views

com.swisscom.cloud.sb:broker (>=4.0.0 <=4.2.5), org.springframework.credhub:spring-credhub-cloud-connector (>=1.0.0.RELEASE <=1.0.1.RELEASE) +1 more potentially affected by CVE-2018-15795 via org.springframework.credhub:spring-credhub-core (>=1.0.0.RELEASE <=1.0.1.RELEASE)

org.springframework.credhub:spring-credhub-core MAVEN version =1.0.0.RELEASE, =4.0.0, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.1.RELEASE Source cves: CVE-2018-15795 Source advisory: OSV:GHSA-Q3JG-4C82-J4XH...

8.1CVSS7.2AI score0.01304EPSS
Exploits0
Prion
Prion
added 2018/09/18 9:29 p.m.25 views

Authentication flaw

The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android, which results in an attacker being able to reuse cookies to bypass authentication and...

6.1CVSS6.5AI score0.00616EPSS
Exploits1References2Affected Software3
CNVD
CNVD
added 2018/03/29 12:0 a.m.6 views

Swisscom MySwisscomAssistant DLL Loading Vulnerability

Swisscom MySwisscomAssistant is a telecom network assistant program from Swisscom, Switzerland. The program helps to set up, maintain and manage the network. A security vulnerability exists in the handling of multiple DLLs files in Swisscom MySwisscomAssistant version 2.17.1.1065. A remote attack...

7.8CVSS7.9AI score0.00729EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/29 12:0 a.m.6 views

Swisscom TVMediaHelper DLL Loading Vulnerability

Swisscom TVMediaHelper is a set-top box device from Swisscom, Switzerland. A security vulnerability exists in the handling of multiple DLLs files in Swisscom TVMediaHelper version 1.1.0.50. A remote attacker can exploit this vulnerability to execute arbitrary code on the target system. Multiple...

7.8CVSS7.9AI score0.00729EPSS
Exploits0References1
Prion
Prion
added 2018/03/27 5:29 p.m.14 views

Design/Logic Flaw

Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing that coul...

7.2CVSS7.9AI score0.00729EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/03/27 5:29 p.m.17 views

CVE-2018-6766

Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing that coul...

7.8CVSS7.9AI score0.00729EPSS
Exploits0References1
NVD
NVD
added 2018/03/27 5:29 p.m.22 views

CVE-2018-6765

Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing...

7.8CVSS7.9AI score0.00729EPSS
Exploits0References1
Prion
Prion
added 2018/03/27 5:29 p.m.14 views

Design/Logic Flaw

Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing...

7.2CVSS7.9AI score0.00729EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/27 5:29 p.m.5 views

CVE-2018-6765

Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing...

7.8CVSS6.2AI score0.00729EPSS
Exploits0References1
OSV
OSV
added 2018/03/27 5:29 p.m.6 views

CVE-2018-6766

Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing that coul...

7.8CVSS6.2AI score0.00729EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/03/27 5:0 p.m.23 views

CVE-2018-6765

Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing...

8AI score0.00729EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/03/27 5:0 p.m.23 views

CVE-2018-6766

Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing that coul...

8AI score0.00729EPSS
Exploits0References1
CVE
CVE
added 2018/03/27 5:0 p.m.43 views

CVE-2018-6765

CVE-2018-6765 affects Swisscom MySwisscomAssistant 2.17.1.1065. The vulnerability is due to DLL loading handling: multiple DLLs (dwmapi.dll, IPHLPAPI.DLL, WindowsCodecs.dll, RpcRtRemote.dll, CRYPTSP.dll, rasadhlp.dll, DNSAPI.dll, ntmarta.dll, netbios.dll, olepro32.dll, security.dll, winhttp.dll, ...

7.8CVSS7.9AI score0.00729EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/03/27 5:0 p.m.36 views

CVE-2018-6766

CVE-2018-6766 affects Swisscom TVMediaHelper 1.1.0.50. The vulnerability arises from the handling of multiple DLLs (dwmapi.dll, PROPSYS.dll, cscapi.dll, SAMLIB.dll, netbios.dll, winhttp.dll, security.dll, ntmarta.dll, WindowsCodecs.dll, apphelp.dll) loaded by SwisscomTVMediaHelper.exe, allowing a...

7.8CVSS7.9AI score0.00729EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/06/29 12:29 a.m.18 views

CVE-2016-10042

Authorization Bypass in the Web interface of Arcadyan SLT-00 Star aka Swisscom Internet-Box devices before R7.7 allows unauthorized reconfiguration of the static routing table via an unauthenticated HTTP request, leading to denial of service and information disclosure...

7.5CVSS7.3AI score0.0095EPSS
Exploits0References1
Prion
Prion
added 2017/06/29 12:29 a.m.17 views

Authorization

Authorization Bypass in the Web interface of Arcadyan SLT-00 Star aka Swisscom Internet-Box devices before R7.7 allows unauthorized reconfiguration of the static routing table via an unauthenticated HTTP request, leading to denial of service and information disclosure...

5CVSS6.9AI score0.0095EPSS
Exploits0References1
Rows per page
Query Builder