
418 matches found

RedhatCVE
added 2025/05/22 5:36 a.m. · 15 views

CVE-2019-17059

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles...

CVSS 10 · AI score 8.3 · EPSS 0.07406
Exploits 1 · References 1

RedhatCVE
added 2025/05/22 1:37 a.m. · 7 views

CVE-2019-20458

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes and functions without a password. The user is at no point prompted to set up a password on the device leaving a number of devices without a password. In this case, anyone connecting to the we...

CVSS 8.8 · AI score 7.2 · EPSS 0.00421
Exploits 0 · References 1

CNNVD
added 2025/03/06 12:0 a.m. · 3 views

PublicCMS Code Issue Vulnerability

PublicCMS is an open source content management system (CMS) written in Java by PublicCMS, China. A security vulnerability exists in PublicCMS version v4.0.202406, which originates from the /cms/CmsWebFileAdminController.java component that allows the upload of specially crafted svg or xml...

CVSS 9.8 · AI score 6.9 · EPSS 0.00649
Exploits 1 · References 2

CNNVD
added 2025/01/14 12:0 a.m. · 2 views

STEALTHONE Multiple Products OS Command Injection Vulnerability

The STEALTHONE D220 is a network storage server from STEALTHONE. An operating system command injection vulnerability exists in various STEALTHONE products, which can be exploited to execute arbitrary OS commands by a user with administrative privileges who can log in to the web administration pag...

CVSS 7.2 · AI score 9.6 · EPSS 0.01118
Exploits 0 · References 4

CNNVD
added 2025/01/14 12:0 a.m. · 2 views

STEALTHONE Multiple Products SQL Injection Vulnerability

STEALTHONE D220 and others are network storage servers from STEALTHONE. A SQL injection vulnerability exists in various STEALTHONE products, where an attacker with access to the affected products could obtain the administrative password for the web administration page. The following products are...

CVSS 7.5 · AI score 9.6 · EPSS 0.00386
Exploits 0 · References 4

Positive Technologies
added 2024/11/21 12:0 a.m. · 4 views

PT-2024-35169 · Sftpgo · Sftpgo

Name of the Vulnerable Software and Affected Versions: SFTPGo versions prior to 2.6.3 Description: SFTPGo has a feature that allows the EventManager to execute scripts or run applications in response to certain events. However, any SFTPGo administrator with permission to run a script has access t...

CVSS 7.7 · AI score 7.5 · EPSS 0.00598
Exploits 0 · References 16

CVE
added 2024/11/12 6:5 p.m. · 59 views

CVE-2024-51721

CVE-2024-51721: A code injection vulnerability affects the SecuSUITE Server Web Administration Portal in SecuSUITE versions up to 5.0.420. The issue allows an attacker to inject script commands or other executable content that would run with root privileges. Affected component is the Web Adminis...

CVSS 7.3 · AI score 7.3 · EPSS 0.00234
Exploits 0 · References 1

NVD
added 2024/11/07 6:15 p.m. · 22 views

CVE-2019-20458

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes and functions without a password. The user is at no point prompted to set up a password on the device leaving a number of devices without a password. In this case, anyone connecting to the we...

CVSS 8.8 · EPSS 0.00421
Exploits 0 · References 3

Positive Technologies
added 2024/11/07 12:0 a.m. · 8 views

PT-2024-10734 · Epson · Epson Expression Home Xp255

Name of the Vulnerable Software and Affected Versions: Epson Expression Home XP255 version 20.08.FM10I8 Description: An issue was discovered where the device comes without a password and the user is not prompted to set one up, allowing anyone to access the web admin panel and become admin without...

CVSS 8.8 · AI score 7.1 · EPSS 0.00421
Exploits 0 · References 16

CVE
added 2024/11/07 12:0 a.m. · 55 views

CVE-2019-20458

CVE-2019-20458 affects Epson Expression Home XP255 (version 20.08.FM10I8). The root cause is that the device ships with no password and does not prompt the user to set one, enabling anyone who can reach the web admin panel to gain admin privileges. Public sources corroborate that this results in ...

CVSS 8.8 · AI score 7.3 · EPSS 0.00421
Exploits 0 · References 3

Vulnrichment
added 2024/11/07 12:0 a.m. · 12 views

CVE-2019-20458

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes and functions without a password. The user is at no point prompted to set up a password on the device leaving a number of devices without a password. In this case, anyone connecting to the we...

AI score 7.1 · EPSS 0.00421
Exploits 0 · References 2

Cvelist
added 2024/11/07 12:0 a.m. · 17 views

CVE-2019-20458

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes and functions without a password. The user is at no point prompted to set up a password on the device leaving a number of devices without a password. In this case, anyone connecting to the we...

EPSS 0.00421
Exploits 0 · References 2

OSV
added 2024/09/30 2:42 p.m. · 32 views

RHSA-2023:1486 Red Hat Security Advisory: Red Hat Gluster Storage web-admin-build security update

Bulletin has no description...

CVSS 10 · AI score 8.6 · EPSS 0.03949
Exploits 2 · References 27

OSV
added 2024/09/30 2:20 p.m. · 22 views

RHSA-2022:1628 Red Hat Security Advisory: web-admin-build security update

Bulletin has no description...

CVSS 7.5 · AI score 7.8 · EPSS 0.03958
Exploits 0 · References 8

OSV
added 2024/09/13 10:10 p.m. · 21 views

RHSA-2020:5599 Red Hat Security Advisory: web-admin-build security and bug fix update

Bulletin has no description...

CVSS 8.2 · AI score 8.1 · EPSS 0.99856
Exploits 5 · References 10

IBM Security Bulletins
added 2024/08/27 9:27 p.m. · 36 views

Security Bulletin: Security Vulnerabilities discovered in IBM Security Verify Directory (CVE-2022-32753, CVE-2022-32756, CVE-2022-32754)

Summary Security Vulnerabilities discovered in Web Admin Tool provided by IBM Security Verify Directory products have been resolved. Vulnerability Details CVEID:CVE-2022-32753 DESCRIPTION: IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an...

CVSS 6.5 · AI score 5.4 · EPSS 0.00508
Exploits 0 · Affected Software 2

CNNVD
added 2024/08/21 12:0 a.m. · 3 views

Cisco Unified Communications Manager Security Vulnerability

Cisco Unified Communications Manager is a call processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting vulnerability exists in Cisco Unified...

CVSS 6.1 · AI score 6 · EPSS 0.00349
Exploits 0 · References 3

CNNVD
added 2024/06/20 12:0 a.m. · 6 views

SFTPGo Security Vulnerabilities

SFTPGo is a full-featured and highly configurable SFTP server by Nicola Murino, an individual developer in Italy. A security vulnerability exists in SFTPGo versions v2.2.0 through v2.6.1, which stems from the SFTPGo WebAdmin and WebClient support for password reset, which, if enabled, allows even...

CVSS 5.4 · AI score 6.9 · EPSS 0.00307
Exploits 0 · References 3

CNNVD
added 2024/05/14 12:0 a.m. · 3 views

PHOENIX CONTACT CHARX SEC-3000 Security Vulnerability

PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. A security vulnerability exists in the PHOENIX CONTACT CHARX SEC-3000 version 1.5.1 and earlier, in which an unauthenticated, remote attacker can extract session tokens via a MitM attack...

CVSS 7 · AI score 6.9 · EPSS 0.00492
Exploits 0 · References 3

0day.today
added 2024/05/13 12:0 a.m. · 156 views

Openmediavault Remote Code Execution / Local Privilege Escalation Exploit

Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive revers...

AI score 7.4
Exploits 0