Lucene search
K

334 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.32 views

RHEL 6 : tomcat5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: security manager bypass via IntrospectHelper utility function CVE-2016-5018 - The Realm...

9.1CVSS7.3AI score0.10303EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.49 views

Apache Tomcat 8.0.0.RC1 < 8.0.37 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.0.37. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.5.5and8.0.37security-8 advisory. - The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4,...

9.1CVSS6.4AI score0.10303EPSS
Exploits5References20
NVD
NVD
added 2024/04/22 3:15 p.m.25 views

CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

4.3CVSS6.2AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2024/04/22 3:15 p.m.21 views

CVE-2023-38300

A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...

6.2CVSS6.2AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.5 views

vendor.gsm.serial 安全漏洞

vendor.gsm.serial is a component. A security vulnerability exists in vendor.gsm.serial, which originates from a security issue in a third-party component related to vendor.gsm.serial that ships with the device, and can disclose the device serial number to system properties. The following products...

3.4CVSS6.6AI score0.00165EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/22 12:0 a.m.26 views

CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

6.5AI score0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/22 12:0 a.m.24 views

CVE-2023-38300

A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...

6.5AI score0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/22 12:0 a.m.11 views

CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

6.6AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 12:0 a.m.63 views

CVE-2023-38302

CVE-2023-38302 affects a Sharp Rouvo V device build (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys). The vulnerability arises because the device leaks the Wi‑Fi MAC address and the Bluetooth MAC address to system properties that any local app can access without p...

4.3CVSS6.5AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 12:0 a.m.50 views

CVE-2023-38300

CVE-2023-38300 affects the Orbic Maui device (Orbic/RC545L/RC545L:10/ORB545L_V1.4.2_BVZPP/230106:user/release-keys). A high-privilege process leaks non-resettable identifiers by exposing IMEI via persist.sys.verizon_test_plan_imei and ICCID via persist.sys.verizon_test_plan_iccid to system proper...

6.2CVSS6.5AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.6 views

PT-2024-12705 · Orbic · Orbic Maui

Name of the Vulnerable Software and Affected Versions: Orbic Maui device version ORB545L V1.4.2 BVZPP Description: A certain software build for the Orbic Maui device leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or...

6.2CVSS6.2AI score0.00184EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.9 views

TCL 安全漏洞

Tcl is a freely available open source package. It provides a powerful platform for creating integrated applications that tie together various applications, protocols, devices and frameworks. A security vulnerability exists in the TCL 30Z, A3X, 20XE, and 10L, which stems from the fact that certain...

8.8CVSS6.8AI score0.00454EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/22 12:0 a.m.18 views

CVE-2023-38300

A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...

6.6AI score0.00184EPSS
Exploits0References1
Fedora
Fedora
added 2024/03/29 4:11 a.m.55 views

[SECURITY] Fedora 40 Update: apache-commons-configuration-2.10.1-1.fc40

The Commons Configuration software library provides a generic configuration interface which enables a Java application to read configuration data from a variety of sources. Commons Configuration provides typed access to single, and multi-valued configuration parameters as demonstrated by the...

7.3CVSS5.9AI score0.02054EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.20 views

Fedora: Security Advisory for apache-commons-lang3 (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:32 p.m.38 views

[SECURITY] Fedora 40 Update: apache-commons-lang3-3.14.0-5.fc40

The standard Java libraries fail to provide enough methods for manipulation of its core classes. The Commons Lang Component provides these extra methods. The Commons Lang Component provides a host of helper utilities for the java.lang API, notably String manipulation methods, basic numerical...

8.8CVSS6.8AI score0.02578EPSS
Exploits3
OSV
OSV
added 2024/03/06 11:5 a.m.25 views

BIT-SOLR-2023-50291 Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties...

7.5CVSS6.9AI score0.03306EPSS
Exploits0References3
Veracode
Veracode
added 2024/02/12 2:14 p.m.39 views

Insufficiently Protected Credentials

Apache Solr is vulnerable to Insufficiently Protected Credentials. The vulnerability is caused due to system property redaction logic inconsistencies. This allows an attacker to access sensitive system properties, including credentials such as passwords or secret keys...

7.5CVSS6.6AI score0.03306EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2024/02/09 10:29 p.m.38 views

CVE-2023-50291

A flaw was found in Apache Solr. The /admin/info/properties endpoint, which publishes the Solr process' Java system properties, is only setup to hide system properties that have "password" contained in the name. There are a number of sensitive system properties, such as "basicauth" and...

6.5CVSS6.9AI score0.03306EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/02/09 6:31 p.m.30 views

Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties...

7.5CVSS7.1AI score0.03306EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder