Lucene search
K

103 matches found

NVD
NVD
added 2018/10/17 6:29 p.m.16 views

CVE-2018-15616

A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2...

9.8CVSS9.6AI score0.03343EPSS
Exploits1References1
OSV
OSV
added 2018/10/17 6:29 p.m.3 views

CVE-2018-15616

A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2...

9.8CVSS6AI score0.03343EPSS
Exploits1References1
Prion
Prion
added 2018/10/17 6:29 p.m.21 views

Deserialization of untrusted data

A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2...

7.5CVSS9.6AI score0.03343EPSS
Exploits1References1Affected Software1
Kitploit
Kitploit
added 2018/07/19 2:19 p.m.283 views

Seeker - Find GeoLocation With High Accuracy

Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Other tools and services offer IP Geolocation which is not very accurate and does not give location of user. Generally if a user accepts location permsission, Accuracy of the informati...

6.9AI score
Exploits0References1
NVD
NVD
added 2015/08/04 1:59 a.m.12 views

CVE-2015-3940

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory...

6.9CVSS6.5AI score0.00457EPSS
Exploits0References5
Prion
Prion
added 2015/08/04 1:59 a.m.15 views

Design/Logic Flaw

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory...

6.9CVSS7AI score0.00457EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/08/04 1:0 a.m.19 views

CVE-2015-3940

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory...

6.5AI score0.00457EPSS
Exploits0References5
CVE
CVE
added 2015/08/04 1:0 a.m.47 views

CVE-2015-3940

CVE-2015-3940 describes an untrusted search path vulnerability (CWE-427) in Schneider Electric Wonderware System Platform, affecting 2014 R2 and earlier versions. The issue allows local privilege escalation when a local user runs the vulnerable application and loads a Trojan-horse DLL from an uns...

6.9CVSS6.7AI score0.00457EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2015/06/24 12:0 a.m.3 views

Unspecified Vulnerability in Schneider Electric Wonderware System Platform

Wonderware System Platform is a system platform used in a variety of applications. A fixed search path vulnerability exists in Schneider Electric's Wonderware InTouch, Application Server, Historian, SuiteLink application. This vulnerability could be exploited by an attacker to install and execute...

6.9CVSS7AI score0.00457EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/09/17 12:0 a.m.44 views

Default Password (cliuser) for 'cliuser' Account

The account 'cliuser' on the remote host has the password 'cliuser'. An attacker may leverage this issue to gain administrative access to the affected system. Note that Cisco Unified Computing System Platform Emulator is known to use these credentials to provide administrative access to the CLI...

7.5CVSS8.3AI score0.53618EPSS
Exploits41References1
Symantec
Symantec
added 2013/06/18 12:0 a.m.136 views

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability

Description Oracle Java SE is prone to a memory-corruption vulnerability in Java Runtime Environment. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions...

10CVSS1.3AI score0.98704EPSS
Exploits10References4Affected Software90
Symantec
Symantec
added 2013/06/18 12:0 a.m.44 views

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability

Description Oracle Java SE is prone to a buffer-overflow vulnerability in Java Runtime Environment. An attacker can exploit this issue to execute arbitrary code in the context of the current user. This vulnerability affects the following supported versions: 7 Update 21 , 6 Update 45 , 5.0 Update ...

10CVSS1.3AI score0.14749EPSS
Exploits4References3Affected Software91
NVD
NVD
added 2012/07/05 3:23 a.m.28 views

CVE-2012-3007

Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components...

5CVSS6.9AI score0.02153EPSS
Exploits0References3
NVD
NVD
added 2012/04/02 8:55 p.m.16 views

CVE-2012-0258

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA...

6.8CVSS8AI score0.03197EPSS
Exploits0References4
Prion
Prion
added 2012/04/02 8:55 p.m.11 views

Heap overflow

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA...

6.8CVSS8.7AI score0.03197EPSS
Exploits0References4Affected Software8
Prion
Prion
added 2012/04/02 8:55 p.m.15 views

Heap overflow

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA...

6.8CVSS8.7AI score0.03197EPSS
Exploits0References4Affected Software8
CVE
CVE
added 2012/04/02 8:0 p.m.56 views

CVE-2012-0258

The CVE-2012-0258 issue is a heap-based buffer overflow in the WWCabFile ActiveX Component used by Wonderware System Platform and related products (Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Informatio...

6.8CVSS8.3AI score0.03197EPSS
Exploits0References4Affected Software8
CVE
CVE
added 2012/04/02 8:0 p.m.53 views

CVE-2012-0257

The CVE-2012-0257 issue is a heap-based buffer overflow in the WWCabFile ActiveX component used by Wonderware System Platform and several associated products (e.g., Wonderware Application Server 2012, Foxboro Control Software 3.1, InFusion CE/FE/SCADA 2.5, Wonderware Information Server 4.5, Arche...

6.8CVSS8.3AI score0.03197EPSS
Exploits0References4Affected Software8
ICS
ICS
added 2012/03/23 6:0 a.m.53 views

Wonderware SuiteLink Unallocated Unicode String Vulnerability

Overview This Advisory is a follow-up to the original ICS-CERT Alert titled ICS-ALERT-12-136-01 Wonderware SuiteLink Unallocated Unicode String that was published May 15, 2012 on the ICS-CERT web page. Independent researcher Luigi Auriemma identified a maliciously crafted Unicode string...

5CVSS6.8AI score0.02153EPSS
Exploits0References10
Symantec
Symantec
added 2011/10/18 12:0 a.m.126 views

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...

10CVSS0.8AI score0.96714EPSS
Exploits24References3Affected Software67
Rows per page
Query Builder