Lucene search
K

274 matches found

NVD
NVD
added 2020/07/01 2:15 a.m.24 views

CVE-2020-4027

Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version...

6.5CVSS0.01515EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/01 1:35 a.m.25 views

CVE-2020-4027

Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version...

4.9AI score0.01515EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.34 views

Fedora: Security Advisory for perl (FEDORA-2020-fd73c08076)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.6CVSS8.5AI score0.11334EPSS
Exploits0References2
0daydb
0daydb
added 2020/06/18 1:30 a.m.274 views

SOS JobScheduler 1.13.3 CVE-2020-12712 Stored Password Decryption

SOS JobScheduler version 1.13.3 encrypts a secret by simply using the name of a profile as the key, making it trivial to decrypt. Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption Google Dork: N/A Date: 2020-04-20 Exploit Author: Sander Ubink Vendor Homepage: www.sos-berlin.com...

6.5CVSS7.2AI score0.26546EPSS
Exploits13
Fedora
Fedora
added 2020/06/16 1:19 a.m.76 views

[SECURITY] Fedora 31 Update: perl-5.30.3-452.fc31

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

8.6CVSS0.8AI score0.11334EPSS
Exploits0
0day.today
0day.today
added 2020/06/16 12:0 a.m.152 views

SOS JobScheduler 1.13.3 - Stored Password Decryption Exploit

Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption Exploit Author: Sander Ubink Vendor Homepage: www.sos-berlin.com Software Link: www.sos-berlin.com/en/jobscheduler-downloads Version: Tested on 1.12.9 and 1.13.3, vendor reported 1.12 and 1.13 Tested on: Windows and Linux CVE:...

7.5CVSS7.4AI score0.07842EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/06/16 12:0 a.m.709 views

SOS JobScheduler 1.13.3 Stored Password Decryption

Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption Google Dork: N/A Date: 2020-04-20 Exploit Author: Sander Ubink Vendor Homepage: www.sos-berlin.com Software Link: www.sos-berlin.com/en/jobscheduler-downloads Version: Tested on 1.12.9 and 1.13.3, vendor reported 1.12 and 1.13...

7.4AI score0.07842EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/06/15 12:0 a.m.675 views

SOS JobScheduler 1.13.3 - Stored Password Decryption

Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption Google Dork: N/A Date: 2020-04-20 Exploit Author: Sander Ubink Vendor Homepage: www.sos-berlin.com Software Link: www.sos-berlin.com/en/jobscheduler-downloads Version: Tested on 1.12.9 and 1.13.3, vendor reported 1.12 and 1.13...

7.5CVSS7.4AI score0.07842EPSS
Exploits6
Fedora
Fedora
added 2020/06/05 2:32 a.m.77 views

[SECURITY] Fedora 32 Update: perl-5.30.3-453.fc32

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

8.6CVSS0.8AI score0.11334EPSS
Exploits0
Atlassian
Atlassian
added 2020/06/02 3:23 p.m.33 views

Velocity Template Injection in Custom user macros - Macros Platform - CVE-2020-4027

Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. This issue was discovered and reported by GHSL team member...

6.5CVSS5.6AI score0.01515EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/03/04 12:0 a.m.4 views

The vulnerability of the sudoer account in the Runas ALL system administration software allows a hacker to impersonate an existing user.

The vulnerability of the sudoer account in the Runas ALL system administration program is related to improper access control. Exploiting this vulnerability allows a malicious actor to impersonate an existing user...

7.8CVSS6.9AI score0.03295EPSS
Exploits0References10Affected Software4
CNVD
CNVD
added 2020/01/07 12:0 a.m.3 views

DTEN D5 and DTEN D7 Code Execution Vulnerabilities

The DTEN D5 and DTEN D7 are both stylus pens from DTEN. A security vulnerability exists in DTEN D5 and D7 versions prior to 1.3.4. An attacker can exploit the vulnerability to perform system administration and execute arbitrary code to obtain data displayed by Zoom Client...

10CVSS7.7AI score0.02327EPSS
Exploits0References1
NVD
NVD
added 2020/01/06 8:15 p.m.26 views

CVE-2019-16273

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...

10CVSS9.7AI score0.02327EPSS
Exploits0References1
Prion
Prion
added 2020/01/06 8:15 p.m.20 views

Code injection

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...

10CVSS9.5AI score0.02327EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/01/06 7:55 p.m.97 views

CVE-2019-16273

DTEN D5/D7 devices pre-1.3.4 are vulnerable to unauthenticated root shell access via Android Debug Bridge (ADB), enabling arbitrary code execution and system administration. The issue also enables a covert ability to capture Windows Zoom Client data by executing commands on the Android OS. Affect...

10CVSS9.6AI score0.02327EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/01/06 7:55 p.m.24 views

CVE-2019-16273

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...

9.8AI score0.02327EPSS
Exploits0References1
Saint
Saint
added 2019/08/26 12:0 a.m.115 views

Webmin password_change.cgi backdoor

Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...

1.3AI score
Exploits0
Saint
Saint
added 2019/08/26 12:0 a.m.179 views

Webmin password_change.cgi backdoor

Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...

8.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/13 12:0 a.m.41 views

RHEL 7 : cockpit-ovirt (RHSA-2019:2433)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2433 advisory. Cockpit is a Linux system adminstration tool with a web UI, easy setup, and minimal system footprint at runtime. When installed on hosts in Red Hat...

7.8CVSS6.6AI score0.00245EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2019/08/12 11:56 a.m.29 views

Moderate: Red Hat Security Advisory: cockpit-ovirt security, bug fix, and enhancement update

An update for cockpit-ovirt is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References7
Rows per page
Query Builder