34 matches found
EUVD-2017-3803
Malware in sbrugna...
EUVD-2018-1019
Malware in sbrugna...
EUVD-2015-0771
Malware in sbrugna...
EUVD-2024-47079
Malicious code in bioql PyPI...
Update now: 9 vulnerabilities impact Cisco Small Business Series
Vulnerabilities have been found and fixed in the web-based user interface of various Cisco products in the Small Business Series. These nine issues are tied to the web-based user interface of the products, and in a worst case scenario could lead to denial of service DoS conditions or arbitrary co...
CVE-2023-20157 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20161
CVE-2023-20161 affects Cisco Small Business Series Switches and relates to multiple vulnerabilities in the web-based user interface. The root cause, as described, is improper validation of requests sent to the web interface, enabling an unauthenticated, remote attacker to cause a denial of servic...
CVE-2023-20159 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20160 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The...
Xxe
An XML External Entities XXEvulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Orchestration Designer includes all 7.x...
Schneider Electric EcoStruxure Building Operation WebStation Cross-Site Scripting Vulnerability
The EcoStruxure Building Operation WebStation is a web-based user interface for daily operations in the EcoStruxure BMS. A cross-site scripting vulnerability exists in EcoStruxure Building Operation WebStation 2.0 - 3.1. An attacker can exploit this vulnerability to inject HTML and JavaScript cod...
CVE-2020-12495
Endress+Hauser Ecograph T Neutral/Private Label RSG35, ORSG35 with Firmware version prior to V2.0.0 is prone to improper privilege management. The affected device has a web-based user interface with a role-based access system. Users with different roles have different write and read privileges. T...
Cisco IOS XE Software Privilege Escalation Multiple Vulnerabilities (cisco-sa-ios-webui-priv-esc-K8zvEWM)
A vulnerability in the web-based user interface web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges on an affected device. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
CVE-2020-3222
A vulnerability in the web-based user interface web UI of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoint of the web UI. An...
CVE-2020-3222
Cisco IOS XE Software Web UI contains an unauthenticated proxy service at a specific UI endpoint. The vulnerability allows an adjacent, unauthenticated attacker to bypass access controls by proxying requests through the management network, with the proxy reachable via the management VRF. Remediat...
CVE-2019-12651
Multiple vulnerabilities in the web-based user interface Web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory...
Johnson Controls MS-NCE2510-0 Metasys NCE Controller
Binary data 764894.prm...
Johnson Controls MS-NCE2520-0 Metasys NCE Controller
Binary data 764892.prm...