CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

VulnCheck KEV•added 2025/06/05 12:0 a.m.•1 views

VulnCheck KEV: CVE-2022-40843

The Tenda AC1200 V-W15Ev2 V15.11.0.101576 router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password...

4.9CVSS5.7AI score0.40404EPSS

Exploits1References1

Positive Technologies•added 2024/04/25 12:0 a.m.•1 views

PT-2024-5142 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.0 Description: The issue is related to the transmission of syslog traffic in clear text, which could allow an unauthenticated, remote attacker to capture sensitive information. This could potentially lead ...

8.6CVSS7.2AI score0.00156EPSS

Exploits0References4

Positive Technologies•added 2023/10/10 12:0 a.m.•1 views

PT-2023-5996 · Fortinet · Fortianalyzer

Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 7.4.0 and below 7.2.3 Description: The issue is related to insufficient verification of data authenticity, allowing a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via knowledge ...

5.3CVSS5.1AI score0.00321EPSS

Exploits0References5

OSV•added 2022/11/15 2:15 a.m.•1 views

CVE-2022-40843

4.9CVSS5.8AI score0.40404EPSS

Exploits1References1

Positive Technologies•added 2022/11/15 12:0 a.m.•2 views

PT-2022-25574 · Tenda · Tenda Ac1200

Name of the Vulnerable Software and Affected Versions: Tenda AC1200 V-W15Ev2 version V15.11.0.101576 Description: The issue concerns improper authorization and improper session management, allowing the router login page to be bypassed. This enables authenticated attackers to read the router's...

4.9CVSS4.8AI score0.40404EPSS

Exploits1References4

CNVD•added 2019/06/21 12:0 a.m.•1 views

Cisco RV110W, RV130W, and RV215W Authorization Issues Vulnerabilities

Cisco?RV110W and others are a VPN firewall router from Cisco USA. An authorization issue vulnerability exists in the web-based management interface in the Cisco RV110W, RV130W, and RV215W, which can be exploited by a remote attacker to access information in the syslog file...

5.3CVSS6.7AI score0.78679EPSS

Exploits1References1

OSV•added 2016/10/06 10:59 a.m.•1 views

CVE-2016-6653

The MariaDB auditplugin component in Pivotal Cloud Foundry PCF cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cleartext credentials...

7.5CVSS5.8AI score0.00297EPSS

Exploits0References2

RedHat Linux•added 2008/10/21 2:52 p.m.•3 views

ruby: multiple insufficient safe mode restrictions

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

7.5CVSS7.2AI score0.47517EPSS

Exploits1References4