Lucene search
+L

627 matches found

ATTACKERKB
ATTACKERKB
added 2023/04/05 11:0 p.m.8 views

CVE-2023-20128

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilitie...

7.2CVSS7.3AI score0.30386EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/04/05 11:0 p.m.3 views

CVE-2023-20117

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilitie...

7.2CVSS7.3AI score0.28347EPSS
Exploits0References2
OSV
OSV
added 2023/04/05 4:15 p.m.1 views

CVE-2023-20068

A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient...

6.1CVSS6.6AI score0.0047EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/05 12:0 a.m.10 views

Cisco Small Business 跨站脚本漏洞

Cisco Small Business is a switch from Cisco USA. A security vulnerability exists in the Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, which stems from insufficient validation of inputs to the web-based management interface...

6.1CVSS6.2AI score0.00433EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/03/11 12:0 a.m.8 views

The vulnerability of the Power Monitoring Expert software allows a intruder to view and modify the equipment settings.

The vulnerability of the Power Monitoring Exper software-related software is related to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to view and modify the settings of the equipment...

7.3CVSS7.7AI score0.01235EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted PEAP packets...

10CVSS8.2AI score0.27533EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of Microsoft Visual Studio, a software development tool, stems from insufficient validation of input data. This allows attackers to trigger service failures.

The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5.6CVSS6.7AI score0.00799EPSS
Exploits0References2Affected Software3
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.3 views

SUSE CVE-2009-0800

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

6.8CVSS7.8AI score0.05491EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.4 views

SUSE CVE-2016-9587

Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute...

8.1CVSS7.8AI score0.1765EPSS
Exploits5References8
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.7 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS6.3AI score0.01048EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/27 12:0 a.m.7 views

The vulnerability of the InnoDB component of the MySQL Database Server allows a perpetrator to gain unauthorized access for reading, modifying, or deleting data, or to cause service failures.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or to cause service failures...

7.5CVSS6.4AI score0.00796EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.6 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to insufficient validation of input data, allow attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

7.8CVSS7.6AI score0.04655EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.7 views

PT-2023-1195 · Oracle · Oracle Communications Convergence

Name of the Vulnerable Software and Affected Versions: Oracle Communications Convergence versions 3.0.3.1.0 Description: The issue is related to insufficient input validation in the Admin Configuration component of Oracle Communications Convergence, part of Oracle Communications Applications. Thi...

9CVSS8.9AI score0.00631EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/01/04 12:0 a.m.8 views

The vulnerability of the implementation of the Simple Network Management Protocol (SNMP) for microprogrammable network interface controllers in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows a attacker to induce a service failure.

The vulnerability of the implementation of the Simple Network Management Protocol SNMP for micro-programmed network interface controllers in Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD exists due to insufficient validation of input data. Exploiting this...

7.8CVSS6.5AI score0.00783EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/03 12:0 a.m.4 views

PT-2023-13115 · Unknown · Config Manager

Name of the Vulnerable Software and Affected Versions: Config Manager affected versions not specified Description: The issue is related to a possible command injection in Config Manager due to improper input validation. This could lead to remote escalation of privilege, with user execution...

8.8CVSS8.7AI score0.0117EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.8 views

The CSV import function in JSM Insight’s data processing center for Atlassian Jira Server and Data Center is vulnerable, allowing attackers to perform SSRF attacks.

The vulnerability of the CSV import function in JSM Insight, a data processing tool for Atlassian Jira Server and Data Center, is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack remotely...

6.8CVSS6AI score0.00602EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/23 12:0 a.m.7 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation lies in insufficient input data validation, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrar...

9CVSS8.2AI score0.02457EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/16 12:0 a.m.7 views

The vulnerability of the Microsoft Office Graphics component in the Microsoft 365 Apps for Enterprise suite allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office Graphics component in the Microsoft 365 Apps for Enterprise suite is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.7AI score0.00816EPSS
Exploits0References2
OSV
OSV
added 2022/12/07 4:15 a.m.5 views

CVE-2022-45113

Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack. Affected...

6.5CVSS5.8AI score0.00608EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.8 views

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.01849EPSS
Exploits0References2
Rows per page
Query Builder