Lucene search
K

38 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: A refcount leak has been fixed in formatshow. A refcount leak occurs when formatshow returns an error in multiple cases. Unified management of ofnodeput can fix this issue...

5.5CVSS6.1AI score0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/14 8:40 a.m.5 views

CVE-2026-24032

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...

7.3CVSS5.8AI score0.00251EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/14 8:40 a.m.4 views

CVE-2026-24032

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...

7.3CVSS5.8AI score0.00251EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.7 views

CVE-2024-25657

An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform UMP 23.07.0.16567LTS could allow attackers to redirect authenticated users to malicious websites...

5.4CVSS6.7AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.7 views

CVE-2024-25654

Insecure permissions for log files of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allow members with local access to the UMP application server to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database...

5.5CVSS6.5AI score0.00214EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.8 views

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform UMP 23.07.0.16567LTS can result in unauthenticated CPE Customer Premises Equipment devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

5.9CVSS7.1AI score0.00465EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:23 a.m.7 views

CVE-2024-25655

Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allows members with read access to the application database to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP...

6.5CVSS7AI score0.00455EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Siemens多款产品 缓冲区错误漏洞

Siemens SINEMA Remote Connect and others are products of Siemens, Germany.Siemens SINEMA Remote Connect is a set of remote management platforms.Siemens SINEC NMS is a network management system NMS.Siemens SIMATIC PCS is a process control system. A buffer error vulnerability exists in several...

8.7CVSS7.1AI score0.00531EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/05/07 12:0 a.m.6 views

The vulnerability in the web-based interface of UserGate Next-Generation Firewall (NGFW), the unified management center UserGate Management Center (UGMC), the log collection system UserGate Log Analyzer (LogAn), and the event tracking and analysis tool UserGate Security Information and Event Management (SIEM) allows a perpetrator to execute injection requests and trigger built-in database functions.

The vulnerability in the web-based interface of the UserGate Next-Generation Firewall NGFW, the unified management center UserGate Management Center UGMC, and the log collection system UserGate Log Analyzer LogAn is related to insufficient validation of input data. Exploiting this vulnerability...

4.1CVSS5.6AI score
Exploits0Affected Software4
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

DEBIAN-CVE-2022-49113

In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: fix refcount leak in formatshow Refcount leak will happen when formatshow returns failure in multiple cases. Unified management of ofnodeput can fix this problem...

5.5CVSS5.5AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.35 views

PT-2024-23494 · Jnt Telecom · Jnt Liftcom Ums

Name of the Vulnerable Software and Affected Versions: JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 Description: An issue in the software allows a remote attacker to execute arbitrary code via the Network Troubleshooting functionality. Recommendations: For JNT Telecom JNT Liftcom UMS V1.J...

6.3CVSS8.1AI score0.00554EPSS
Exploits0References4
NVD
NVD
added 2024/03/18 8:15 p.m.4 views

CVE-2024-25657

An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform UMP 23.07.0.16567LTS could allow attackers to redirect authenticated users to malicious websites...

5.4CVSS6.3AI score0.00318EPSS
Exploits0References1
OSV
OSV
added 2024/03/18 8:15 p.m.3 views

CVE-2024-25654

Insecure permissions for log files of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allow members with local access to the UMP application server to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database...

5.5CVSS5.8AI score0.00214EPSS
Exploits1References1
NVD
NVD
added 2024/03/18 8:15 p.m.13 views

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform UMP 23.07.0.16567LTS can result in unauthenticated CPE Customer Premises Equipment devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

5.9CVSS6.7AI score0.00465EPSS
Exploits0References1
CVE
CVE
added 2024/03/18 12:0 a.m.71 views

CVE-2024-25654

CVE-2024-25654 affects AVSystem Unified Management Platform (UMP) version 23.07.0.16567~LTS. The root cause is insecure permissions on log files, which, for users with local access to the UMP application server, can expose credentials used to authenticate to all services and can enable decryption...

5.5CVSS6.4AI score0.00214EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.4 views

PT-2024-21073 · Avsystem · Avsystem Unified Management Platform

Name of the Vulnerable Software and Affected Versions: AVSystem Unified Management Platform UMP version 23.07.0.16567LTS Description: An open redirect in the Login/Logout functionality of web management could allow attackers to redirect authenticated users to malicious websites. Recommendations:...

5.4CVSS6.5AI score0.00318EPSS
Exploits0References5
CVE
CVE
added 2024/03/18 12:0 a.m.52 views

CVE-2024-25657

CVE-2024-25657 affects AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS. An open redirect exists in the Login/Logout web management flow, potentially causing authenticated users to be redirected to malicious websites. The initial entry reports a CVSSv3.1 base score of 5.4 (Medium) wit...

5.4CVSS6.6AI score0.00318EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.5 views

AVSystem Unified Management Platform Security Vulnerability

AVSystem Unified Management Platform is a comprehensive management platform from AVSystem designed to help enterprises, service providers and carriers manage and monitor their network devices, Internet of Things IoT devices and services. A security vulnerability exists in AVSystem Unified...

6.5CVSS7.1AI score0.00455EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/18 12:0 a.m.17 views

CVE-2024-25654

Insecure permissions for log files of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allow members with local access to the UMP application server to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database...

6.4AI score0.00214EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/18 12:0 a.m.13 views

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform UMP 23.07.0.16567LTS can result in unauthenticated CPE Customer Premises Equipment devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

7AI score0.00465EPSS
Exploits0References1
Rows per page
Query Builder