Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.12 views

Qnap QTS OS Command Injection (CVE-2021-28804)

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build 20210107. QNAP Systems Inc...

9.8CVSS8.7AI score0.01816EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.12 views

Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17030)

A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices. This plugin only works with Tenable.ot. Please visit...

9.8CVSS8.9AI score0.03284EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.13 views

Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17032)

A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices. This plugin only works with Tenable.ot. Please visit...

9.8CVSS9.2AI score0.03284EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.13 views

Qnap QTS Path Traversal (CVE-2023-51366)

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:...

8.7CVSS5.5AI score0.00472EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.12 views

Qnap QTS Classic Buffer Overflow (CVE-2023-50362)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

8.8CVSS5.9AI score0.00759EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/08 12:0 a.m.13 views

Siemens RUGGEDCOM Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2024-39675)

In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

8.8CVSS7.2AI score0.00444EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.25 views

Siemens SITOP UPS1600 Out-of-Bounds Write (CVE-2023-26552)

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.6CVSS6.8AI score0.00645EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.12 views

Hikvision Cameras Buffer Overflow (CVE-2018-6413)

There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack service interruption via a crafted network setting interface request. This plugin only works with Tenable.ot. Plea...

7.5CVSS7.4AI score0.01739EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/21 12:0 a.m.24 views

Mitsubishi Electric MELSEC-Q/L Series Incorrect Pointer Scaling (CVE-2024-1915)

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot. Please...

9.8CVSS6.1AI score0.01044EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/21 12:0 a.m.25 views

Mitsubishi Electric MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-1917)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot...

9.8CVSS6.2AI score0.01066EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.34 views

Rockwell Automation ControlLogix and GuardLogix Improper Input Validation (CVE-2024-3493)

A specific malformed fragmented packet type fragmented packets may be generated automatically by devices that send large amounts of data can cause a major nonrecoverable fault MNRF. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally...

8.6CVSS5.8AI score0.00637EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.24 views

Moxa PT-7728 Series Switch Improper Authorization (CVE-2016-4514)

Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

7.7CVSS7.4AI score0.00946EPSS
Exploits0References2
Rows per page
Query Builder