Lucene search
K

832 matches found

Prion
Prion
added 2023/12/12 12:15 p.m.20 views

Command injection

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router Annex A 6GK5812-1AA00-2AA2 All versions V8.0,...

4CVSS6.9AI score0.00644EPSS
Exploits0References3Affected Software20
Cvelist
Cvelist
added 2023/12/12 11:27 a.m.30 views

CVE-2023-49692

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V7.2.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V7.2.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V7.2.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V7.2.2,...

7.2CVSS7AI score0.00623EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/12 11:27 a.m.24 views

CVE-2023-48428

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 2. The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially...

7.2CVSS7.8AI score0.00498EPSS
Exploits0References1
CVE
CVE
added 2023/12/12 11:27 a.m.51 views

CVE-2023-48428

Summary of CVE-2023-48428 (SINEC INS) : The radius configuration mechanism in Siemens SINEC INS (all versions

7.2CVSS6.9AI score0.00498EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/30 6:15 p.m.1 views

CVE-2023-21380

In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.2AI score0.00094EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.5 views

PT-2023-18145 · Unknown · Security Element Api

Name of the Vulnerable Software and Affected Versions: Security Element API affected versions not specified Description: The issue is related to an integer overflow in the Security Element API, which can cause an out of bounds write. This could lead to local escalation of privilege, with System...

6.7CVSS6.5AI score0.00092EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2023/10/25 9:15 p.m.388 views

Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware

🔍 Cisco IOS XE Web UI Vulnerability Scanner - CVE-2023-20198...

10CVSS8.9AI score0.99571EPSS
Exploits26
ATTACKERKB
ATTACKERKB
added 2023/10/10 7:15 p.m.1 views

CVE-2023-31096

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

7.8CVSS6AI score0.00452EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.3 views

Siemens SINEMA Server 跨站脚本漏洞

Siemens SINEMA Server is a software from Siemens, Germany, developed specifically for industrial applications. It enables you to fully visualize and monitor your network. A cross-site scripting vulnerability exists in Siemens SINEMA Server V14 due to an affected application incorrectly clearing...

9CVSS6.8AI score0.00594EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.4 views

PT-2023-6106 · D Link · D-Link D-View

Name of the Vulnerable Software and Affected Versions: D-Link D-View affected versions not specified Description: The vulnerability resides within the coreservice action script action of the D-Link D-View platform. It involves the exposure of a dangerous function, allowing remote attackers to...

10CVSS7.9AI score0.02353EPSS
Exploits0References11
NVD
NVD
added 2023/09/11 7:15 p.m.22 views

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

7.8CVSS7.5AI score0.00823EPSS
Exploits4References7
Cisco
Cisco
added 2023/08/16 4:0 p.m.21 views

Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability

A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient...

7.1CVSS7AI score0.00385EPSS
Exploits0References1
OSV
OSV
added 2023/08/14 5:15 a.m.6 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

8.8CVSS6.1AI score0.01683EPSS
Exploits0References1
NVD
NVD
added 2023/08/14 5:15 a.m.27 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

9.1CVSS9.4AI score0.01683EPSS
Exploits0References1
Prion
Prion
added 2023/08/14 5:15 a.m.21 views

Design/Logic Flaw

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

6.5CVSS8.8AI score0.01683EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/14 4:11 a.m.35 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

9.1CVSS9.6AI score0.01683EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/12 12:0 a.m.6 views

PT-2023-23945 · Cyberpower · Cyberpower Powerpanel Enterprise

Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel Enterprise affected versions not specified Description: The issue allows an authenticated user to pass arbitrary OS commands through the username field when adding a remote backup location. This field is passed without...

9.1CVSS8.8AI score0.01683EPSS
Exploits0References9
Rockylinux
Rockylinux
added 2023/08/08 12:35 p.m.22 views

pcp bug fix and enhancement update

An update is available for pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Performance Co-Pilot PCP is a suite of tools, services, and libraries for...

6.9AI score
Exploits0
OSV
OSV
added 2023/08/07 4:15 a.m.5 views

CVE-2023-20795

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900...

6.7CVSS5.9AI score0.00089EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/04 12:0 a.m.3 views

PT-2023-4350 · Triangle Microworks · Triangle Microworks Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. The specific flaw exists...

8.3CVSS7.6AI score0.01486EPSS
Exploits0References6
Rows per page
Query Builder