Lucene search
+L

56 matches found

Vulnrichment
Vulnrichment
added 2022/09/28 1:45 p.m.4 views

CVE-2022-22524 SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...

9.4CVSS9.4AI score0.00928EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/28 1:45 p.m.31 views

CVE-2022-22524 SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...

9.4CVSS9.6AI score0.00928EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/28 1:45 p.m.8 views

CVE-2022-22523 Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass

An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...

7.5CVSS7.7AI score0.00655EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/28 1:45 p.m.24 views

CVE-2022-22523 Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass

An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...

7.5CVSS7.9AI score0.00655EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.7 views

Carlo Gavazzi UWP 输入验证错误漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management, and parking lot guidance. An input validation error vulnerability exists in Carlo Gavazzi UWP 3.0, which stems from a la...

7.2CVSS7.6AI score0.00997EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.5 views

Carlo Gavazzi UWP 信任管理问题漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. A trust management issue vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploited ...

9.8CVSS8.4AI score0.00872EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.4 views

Carlo Gavazzi UWP 路径遍历漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A path traversal vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploit...

9.8CVSS8.6AI score0.01096EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.4 views

Carlo Gavazzi UWP 跨站脚本漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A cross-site scripting vulnerability exists in Carlo Gavazzi UWP 3.0, which can be...

6.1CVSS6.1AI score0.00363EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.4 views

Carlo Gavazzi UWP 操作系统命令注入漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. An operating system command injection vulnerability exists in Carlo Gavazzi UWP 3.0, which can ...

9.8CVSS8.9AI score0.01054EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2022/07/12 7:0 a.m.148 views

July 12, 2022—KB5015827 (OS Build 20348.825)

None None...

8.8CVSS6.8AI score0.88609EPSS
Exploits5
OSV
OSV
added 2021/11/17 8:15 p.m.5 views

CVE-2021-33063

Uncontrolled search path in the IntelR RealSenseTM D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.1AI score0.00254EPSS
Exploits0References1
Prion
Prion
added 2021/11/17 8:15 p.m.16 views

Design/Logic Flaw

Uncontrolled search path in the IntelR RealSenseTM D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access...

4.4CVSS7.8AI score0.00254EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/17 7:9 p.m.45 views

CVE-2021-33063

The vulnerability CVE-2021-33063 affects the Intel RealSense D400 Series UWP driver for Windows 10 prior to version 6.1.160.22. The root cause is an uncontrolled search path, which could allow an authenticated user to escalate privileges through local access. Intel’s advisory and Red Hat/NVD entr...

7.8CVSS7.7AI score0.00254EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2021/11/13 8:30 p.m.29 views

Canadian Furious Beaver - A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities

Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: 1. the "Broker" combines both a user-land agent and a self-extractable driver IrpDumper.sys that will install itself on the targeted system. Once running it will expose depending on the...

7.3AI score
Exploits0References5
CNVD
CNVD
added 2021/11/12 12:0 a.m.33 views

Microsoft Windows Diagnostic Hub Elevation of Privilege Vulnerability

Microsoft Windows Diagnostic Hub is an application from Microsoft Corporation USA. It is not only a task manager, but also a device diagnostic center. This application combines Windows developer tools with UWP functionality to access new information and features.Microsoft Windows Diagnostic Hub i...

7.8CVSS3.7AI score0.00792EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/10 12:0 a.m.4 views

Intel RealSense D400 Series 代码问题漏洞

The Intel RealSense D400 Series is a series of cameras from Intel Corporation USA that deliver real-sense technology. This series of cameras is the preferred solution for applications such as robot navigation and object recognition. A code issue vulnerability exists in the Intel RealSense D400...

7.8CVSS7.5AI score0.00254EPSS
Exploits0References3
Intel
Intel
added 2021/11/09 12:0 a.m.27 views

Intel® RealSense™ D400 Series UWP Advisory

Summary: A potential security vulnerability in the Intel® RealSense™ D400 Series Universal Windows Platform UWP driver for Windows 10 may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33063...

7.8CVSS7.7AI score0.00254EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.104 views

September 14, 2021—KB5005575 (OS Build 20348.230)

None None...

9.8CVSS6.8AI score0.99759EPSS
Exploits79
CNVD
CNVD
added 2021/04/01 12:0 a.m.4 views

Binary Vulnerability in Microsoft DirectComposition

DirectComposition is a graphical interface rendering framework introduced by Microsoft in the kernel since Windows 8, mainly used for rendering windows, interfaces and animations of UWP applications. A binary vulnerability exists in Microsoft DirectComposition, which can be exploited by attackers...

6.8AI score
Exploits0
NVD
NVD
added 2020/08/13 3:15 a.m.24 views

CVE-2020-8763

Improper permissions in the installer for the IntelR RealSenseTM D400 Series UWP driver for Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.8AI score0.00284EPSS
Exploits0References1
Rows per page
Query Builder