Lucene search
+L

14 matches found

NVD
NVD
added 2024/07/05 2:15 p.m.28 views

CVE-2024-39864

The CloudStack integration API service allows running its unauthenticated API server usually on port 8096 when configured and enabled via integration.api.port global setting for internal portal integrations and for testing purposes. By default, the integration API service port is disabled and is...

9.8CVSS0.01772EPSS
Exploits0References4
NVD
NVD
added 2024/04/04 9:15 p.m.26 views

CVE-2024-31204

mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability resides in the exception handling mechanism, specifically when not operating in DEVMODE. The system saves...

6.1CVSS6AI score0.08249EPSS
Exploits1References3
OSV
OSV
added 2021/01/12 3:15 p.m.3 views

CVE-2020-14275

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...

9.8CVSS5.8AI score0.0144EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.16 views

Siemens SCALANCE X-200, XR300-WG 3.0 and 3.1 RCDP Triggered Unauthorized Administrative Actions

Binary data 720205.prm...

8.8CVSS7.3AI score0.00999EPSS
Exploits0References2
NVD
NVD
added 2017/12/26 4:29 a.m.27 views

CVE-2017-12736

After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...

8.8CVSS8.5AI score0.00999EPSS
Exploits0References5
OSV
OSV
added 2017/12/26 4:29 a.m.5 views

CVE-2017-12736

After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...

8.8CVSS5.8AI score0.00999EPSS
Exploits0References5
ICS
ICS
added 2015/11/06 7:0 a.m.34 views

Siemens Ruggedcom WIN Vulnerability

OVERVIEW IOActive has coordinated with Siemens regarding multiple vulnerabilities in the Ruggedcom WIN firmware. Siemens has produced firmware updates that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely if there is network access to the affected service. AFFECT...

7.5AI score
Exploits0References10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

GSC Client 1.00 2067 - Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized administrative...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/01/23 12:0 a.m.10 views

WAGO Multiple Remote Vulnerabilities

WAGO is prone to multiple security vulnerabilities, including: 1. A security-bypass vulnerability 2. Multiple information-disclosure vulnerabilities 3. A cross-site request forgery vulnerability Successful attacks can allow an attacker to obtain sensitive information, bypass certain security...

0.7AI score
Exploits0References6
exploitpack
exploitpack
added 2008/06/14 12:0 a.m.20 views

GSC Client 1.00 2067 - Privilege Escalation

GSC Client 1.00 2067 - Privilege Escalation source: https://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/14 12:0 a.m.27 views

GSC Client 1.00 2067 - Privilege Escalation

source: https://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized administrative actions; other attacks are also...

7.4AI score
Exploits0
Prion
Prion
added 2007/01/18 2:28 a.m.15 views

Authentication flaw

1 admin/adminlien.php3 and 2 admin/modif.php3 in liensdynamiques 2.1 do not require authentication, which allows remote attackers to perform unauthorized administrative actions using a direct request...

7.5CVSS7.2AI score0.01558EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2007/01/16 11:0 p.m.24 views

CVE-2007-0261

snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uploading PHP code via the imagefile parameter...

7.4AI score0.0452EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/12/28 12:0 a.m.17 views

CVE-2006-6785

The 1 settings.php and 2 subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability...

7.8AI score0.04155EPSS
Exploits1References3
Rows per page
Query Builder