Lucene search
K

180 matches found

CNNVD
CNNVD
added 2023/09/11 12:0 a.m.4 views

D-Link DIR-619 缓冲区错误漏洞

D-Link DIR-619L is a home wireless router from AUO D-Link, designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from improper inpu...

7.5CVSS7.3AI score0.00983EPSS
Exploits1References3
OSV
OSV
added 2023/08/15 7:15 p.m.4 views

CVE-2023-4335

Broadcom RAID Controller Web server nginx is serving private server-side files without any authentication on Linux...

7.5CVSS5.8AI score0.00493EPSS
Exploits0References1
OSV
OSV
added 2023/08/14 11:15 p.m.6 views

CVE-2022-32876

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication...

3.3CVSS5.8AI score0.0019EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/23 6:15 p.m.3 views

CVE-2023-32365

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...

2.4CVSS5.7AI score0.00303EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/19 12:0 a.m.5 views

ESPEC MIC 多款产品访问控制错误漏洞

The ESPEC MIC RT-12N and others are an environmental sensor from ESPEC MIC. A security vulnerability exists in the Especmic RT-12N/RS-12N, RT-22BN, and TEU-12N, which stems from a lack of authentication for critical functions, and can be exploited by an attacker to tamper with the settings of the...

5.3CVSS6.9AI score0.00835EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 1:48 a.m.39 views

Security Bulletin: Administrator password can be reset without authentication on SAN Volume Controller and Storwize Family (CVE-2014-4811)

Summary Security Bulletin: Administrator password can be reset without authentication on SAN Volume Controller and Storwize Family CVE-2014-4811 Vulnerability Details Security Bulletin --- Summary --- The administrator superuser password can be reset to a default value without requiring prior...

7.5CVSS6.2AI score0.02736EPSS
Exploits0
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.4 views

Couchbase Server 访问控制错误漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server versions 5.x through 7.x prior to 7.1.4, which stems from access...

5.3CVSS5.7AI score0.00629EPSS
Exploits0References5
OSV
OSV
added 2023/03/15 11:15 p.m.6 views

CVE-2023-28461

Array Networks Array AG Series and vxAG 9.4.0.481 and earlier allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09...

9.8CVSS7.8AI score0.67645EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:37 a.m.4 views

SUSE CVE-2013-3564

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...

5.3CVSS7.4AI score0.01112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.4 views

SUSE CVE-2014-7271

Simple Desktop Display Manager SDDM before 0.10.0 allows local users to log in as user "sddm" without authentication...

7.8CVSS6.6AI score0.00421EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.12 views

SUSE CVE-2019-12815

An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...

9.8CVSS8AI score0.57606EPSS
Exploits1References6
NVD
NVD
added 2023/01/23 3:15 p.m.17 views

CVE-2021-43447

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An authentication bypass in the document editor allows attackers to edit documents without authentication...

7.5CVSS7.7AI score0.01254EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/12/05 12:0 a.m.7 views

PT-2022-26082 · Kyocera · Taskalfa 255C +34

Name of the Vulnerable Software and Affected Versions: Kyocera Document Solutions MFPs and printers versions TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa...

6.5CVSS6.7AI score0.00491EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/10/07 3:15 p.m.4 views

CVE-2022-39873

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication...

4.6CVSS5.8AI score0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/09/09 3:15 p.m.2 views

CVE-2022-36876

Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication...

2.4CVSS5.8AI score0.00323EPSS
Exploits0References3
OSV
OSV
added 2022/08/22 3:15 p.m.5 views

CVE-2022-37133

D-link DIR-816 A2v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end...

7.5CVSS5.8AI score0.01134EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/08/05 12:0 a.m.31 views

Supersmart 安全漏洞

Supersmart is an artificially intelligent automated checkout for brick-and-mortar retail from Israel's Supersmart. Supersmart Walk suffers from a security vulnerability that stems from the presence of unauthorized actions performed on other customers, which can be exploited by an attacker to rese...

7.5CVSS7.4AI score0.00416EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/21 12:0 a.m.3 views

ALLNET WR0500AC 访问控制错误漏洞

The ALLNET WR0500AC is a wireless router from ALLNET. The ALLNET WR0500AC suffers from an access control error vulnerability that originates from the wizardpwd.asp page that can change the password of the admin account without authentication...

9.8CVSS8.3AI score0.00529EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/07 7:15 p.m.2 views

CVE-2022-30730

Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication...

4.6CVSS5.8AI score0.00245EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/07 6:4 p.m.25 views

CVE-2022-30730

Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication...

4.6CVSS4.9AI score0.00245EPSS
Exploits0References1
Rows per page
Query Builder