Lucene search
K

3702 matches found

CERT
CERT
added 2016/03/17 12:0 a.m.68 views

Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow

Overview The Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow. Description CWE-121: Stack-based Buffer Overflow - CVE-2016-2345Solarwinds Dameware Remote Mini Controller is a software for assisting in remote desktop connections for helpdesk support...

10CVSS9.8AI score0.51215EPSS
Exploits4References2
CERT
CERT
added 2016/03/11 12:0 a.m.23 views

DTE Energy Insight app vulnerable to information exposure

Overview The DTE Energy Insight app API allows an authenticated user to obtain and query certain limited customer information from other customers. Description CWE-200: Information Exposure- CVE-2016-1562The DTE Energy Insight app lets DTE Energy customers track their energy usage. This informati...

4.3CVSS4.3AI score0.00911EPSS
Exploits0References2
CERT
CERT
added 2016/03/10 12:0 a.m.46 views

Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability

Overview Quagga, version 0.99.24.1 and earlier, contains a buffer overflow vulnerability in bgpd with BGP peers enabled for VPNv4 that may leveraged to gain code execution. Description CWE-121: Stack-based Buffer Overflow - CVE-2016-2342Quagga is a software routing suite that implements numerous...

8.1CVSS8AI score0.1211EPSS
Exploits0References3
CERT
CERT
added 2016/03/01 12:0 a.m.129 views

Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack

Overview Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the "DROWN" attack in the media. Description According to the researcher, "DROWN" is a new form of cross-protocol Bleichenbacher padding oracle...

5.9CVSS6.5AI score0.82112EPSS
Exploits2References3
CERT
CERT
added 2016/02/29 12:0 a.m.11 views

Forwarding Loop Attacks in Content Delivery Networks may result in denial of service

Overview Content Delivery Networks CDNs may in some scenarios be manipulated into a forwarding loop, which consumes server resources and causes a denial of service DoS on the network. Description CWE-400: Uncontrolled Resource Consumption 'Resource Exhaustion' Content Delivery Networks CDNs are...

7.2AI score
Exploits0References1
CERT
CERT
added 2016/02/29 12:0 a.m.39 views

IKE/IKEv2 protocol implementations may allow network amplification attacks

Overview Implementations of the IKEv2 protocol are vulnerable to network amplification attacks. Description CWE-406: Insufficient Control of Network Message Volume Network Amplification IKE/IKEv2 and other UDP-based protocols can be used to amplify denial-of-service attacks. In some scenarios, an...

7.8CVSS7.4AI score0.03151EPSS
Exploits0References6
CERT
CERT
added 2016/02/25 12:0 a.m.42 views

QNAP Signage Station and iArtist Lite contain multiple vulnerabilities

Overview The QNAP Signage Station prior to version 2.0.1 and the accompanying iArtist Lite application contain multiple vulnerabilities. Description CWE-434: Unrestricted Upload of File with Dangerous Type - CVE-2015-6022An authenticated attacker without administrative permissions may upload a...

9.8CVSS8.2AI score0.03096EPSS
Exploits0References4
CERT
CERT
added 2016/02/24 12:0 a.m.17 views

Multiple wireless keyboard/mouse devices use an unsafe proprietary wireless protocol

Overview Wireless keyboard and mouse devices from multiple vendors use proprietary wireless protocols that are not properly secured. Description CWE-311: Missing Encryption of Sensitive Data Multiple wireless input devices keyboard and mouse use a proprietary wireless protocol on the 2.4 GHz ISM...

7AI score
Exploits0References4
CERT
CERT
added 2016/02/22 12:0 a.m.40 views

Flexera Software FlexNet Publisher lmgrd contains a buffer overflow vulnerability

Overview Flexera Software FlexNet Publisher, including all versions prior to 11.13.1.2, lmgrd and custom vendor daemon servers contain a buffer overflow vulnerability that may be leveraged to gain code execution. Description Flexera Software FlexNet Publisher is a software license manager that...

10CVSS10AI score0.28677EPSS
Exploits0References4
CERT
CERT
added 2016/02/17 12:0 a.m.374 views

Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials

Overview Digital Video Recorders DVRs, security cameras, and possibly other devices from multiple vendors use a firmware derived from Zhuhai RaySharp that contains a hard-coded root password. Description CWE-259: Use of Hard-coded Password- CVE-2015-8286 According to the reporter, DVR devices bas...

10CVSS10AI score0.04563EPSS
Exploits1References4
CERT
CERT
added 2016/02/17 12:0 a.m.108 views

Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password

Overview Swann network video recorder NVR devices contain a hard-coded password and do not require authentication to view the video feed when accessing from specific URLs. Description CWE-259: Use of Hard-coded Password - CVE-2015-8286 According to the researcher, the Swann SRNVW-470LCD and Swann...

10CVSS7.9AI score0.04563EPSS
Exploits1References1
CERT
CERT
added 2016/02/17 12:0 a.m.105 views

glibc vulnerable to stack buffer overflow in DNS resolver

Overview GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code. Description CWE-121: Stack-based Buffer Overflow - CVE-2015-7547According to a Google security blog post: "The glibc DNS client side resolver is vulnerable...

8.1CVSS8.4AI score0.89557EPSS
Exploits17References4
CERT
CERT
added 2016/02/16 12:0 a.m.43 views

Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default

Overview Hirschmann "Classic Platform" switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network. Description CWE-257: Storing Passwords in a Recoverable Format For...

7.3AI score
Exploits0References2
CERT
CERT
added 2016/02/11 12:0 a.m.110 views

Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability

Overview Cisco Adaptive Security Appliance ASA Internet Key Exchange versions 1 and 2 IKEv1 and IKEv2 contains a buffer overflow vulnerability that may be leveraged to gain remote code execution. Description CWE-119: Improper Restriction of Operations within the Bound of a Memory Buffer -...

10CVSS10AI score0.77462EPSS
Exploits4References4
CERT
CERT
added 2016/02/04 12:0 a.m.20 views

Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium

Overview Comodo Chromodo browser, version 45.8.12.391, and possibly earlier, bundles the Ad Sanitizer extension, version 1.4.0.26, which disables the same origin policy, allowing for the possibility of cross-domain attacks by malicious or compromised web hosts. Chromodo is based on an outdated...

7.1AI score
Exploits0References4
CERT
CERT
added 2016/02/03 12:0 a.m.50 views

Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities

Overview Netgear Management System NMS300, version 1.5.0.11 and earlier, is vulnerable to arbitrary file upload, which may be leveraged by unauthenticated users to execute arbitrary code with SYSTEM privileges. A directory traversal vulnerability enables authenticated users to download arbitrary...

9.6CVSS9.3AI score0.94104EPSS
Exploits10References4
CERT
CERT
added 2016/02/02 12:0 a.m.43 views

Fisher-Price Smart Toy platform allows some unauthenticated web API commands

Overview The Fisher-Price Smart Toy does not perform proper authentication of some API commands, and it may also use a vulnerable version of Android. Description The Fisher-Price Smart Toy bear is a new WiFi-connected Internet of Things IoT toy. The device utilizes network connectivity to provide...

7.5CVSS8.2AI score0.02289EPSS
Exploits0References2
CERT
CERT
added 2016/02/02 12:0 a.m.31 views

OpenELEC and RasPlex have a hard-coded SSH root password

Overview OpenELEC and derivatives utilize a hard-coded default root password, and enable SSH root access by default. Description CWE-259: Use of Hard-coded Password OpenELEC has a hard-coded root password. The root partition is by default read-only, preventing a user from changing the password on...

7.3AI score
Exploits0References4
CERT
CERT
added 2016/02/01 12:0 a.m.61 views

Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries

Overview Huawei Mobile WiFi E5151, firmware version 21.141.13.00.1080, and E5186, firmware version V200R001B306D01C00, use insufficiently random values for DNS queries and are vulnerable to DNS spoofing attacks. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-8265Huawei Mobile...

7.5CVSS7.8AI score0.0191EPSS
Exploits0References2
CERT
CERT
added 2016/01/28 12:0 a.m.311 views

OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol

Overview OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. Description CWE-325: Missing Required Cryptographic Step - CVE-2016-0701OpenSSL 1.0.2 introduced the abilit...

5.9CVSS6.7AI score0.83645EPSS
Exploits2References5
CERT
CERT
added 2016/01/21 12:0 a.m.72 views

Harman AMX multimedia devices contain hard-coded credentials

Overview Multiple models of Harman AMX multimedia devices contain a hard-coded debug account. Description CWE-798: Use of Hard-coded Credentials - CVE-2015-8362According to the researchers' blog post, several models of Harman AMX multimedia devices contain a hard-coded "backdoor" account with...

10CVSS9.7AI score0.04674EPSS
Exploits1References6
CERT
CERT
added 2016/01/20 12:0 a.m.40 views

Oracle Outside In 8.5.2 contains multiple stack buffer overflows

Overview Oracle Outside In versions 8.5.2 and earlier contain stack buffer overflow vulnerabilities in the parsers for WK4, Doc, and Paradox DB files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of...

10CVSS7.7AI score0.08383EPSS
Exploits0References1
CERT
CERT
added 2016/01/20 12:0 a.m.66 views

ffmpeg and Libav cross-domain information disclosure vulnerability

Overview ffmpeg is a "cross-platform solution to record, convert and stream audio and video". ffmpeg is vulnerable to local file disclosure due to improper enforcement of domain restrictions when processing playlist files. Description CWE-201: Information Exposure Through Sent Data- CVE-2016-1897...

5.5CVSS5.5AI score0.14621EPSS
Exploits3References2
CERT
CERT
added 2016/01/14 12:0 a.m.401 views

OpenSSH Client contains a client information leak vulnerability and buffer overflow

Overview OpenSSH client code versions 5.4 through 7.1p1 contains a client information leak vulnerability that could allow an OpenSSH client to leak information not limited to but including private keys, as well as a buffer overflow in certain non-default configurations. Description CWE-200:...

8.1CVSS7.7AI score0.63468EPSS
Exploits3References7
CERT
CERT
added 2016/01/12 12:0 a.m.55 views

Samsung SRN-1670D camera contains multiple vulnerabilities

Overview The Samsung SRN-1670D camera contains multiple vulnerabilities. Description CWE-264: Permissions, Privileges, and Access Controls - CVE-2015-8279 An undocumented PHP request may be used to read arbitrary files from the system. CWE-200: Information Exposure - CVE-2015-8280 The interface...

8.6CVSS8AI score0.51379EPSS
Exploits5References1
CERT
CERT
added 2016/01/07 12:0 a.m.39 views

IPSwitch WhatsUp Gold does not validate commands when deserializing XML objects

Overview IPSwitch WhatsUp Gold version 16.3 does not properly validate data when deserializing XML objects sent over SOAP requests. Description CWE-502: Deserialization of Untrusted Data - CVE-2015-8261 WhatsUp Gold version 16.3 contains a SOAP request handler named DroneDeleteOldMeasurements...

9.8CVSS9.8AI score0.0355EPSS
Exploits4
CERT
CERT
added 2016/01/05 12:0 a.m.16 views

Comcast XFINITY Home Security fails to properly handle wireless communications disruption

Overview Comcast XFINITY Home Security does not fail securely, which may be leveraged to avoid triggering alarm events. Description CWE-636: Not Failing Securely 'Failing Open'Comcast XFINITY Home Security system components use the ZigBee communication protocol over a 2.4 GHz radio frequency band...

7.1AI score
Exploits0References4
CERT
CERT
added 2016/01/04 12:0 a.m.37 views

Furuno Voyage Data Recorder (VDR) moduleserv firmware update utility fails to properly sanitize user-provided input

Overview Furuno Voyage Data Recorder VDR VR-3000/VR-3000S and VR-7000 moduleserv firmware update utility fails to properly sanitize user-provided input and is vulnerable to arbitrary command execution with root privileges. Description According to the Furuno VDR product page, the VDR "records all...

8.3AI score
Exploits0References2
CERT
CERT
added 2015/12/21 12:0 a.m.35 views

Juniper ScreenOS contains multiple vulnerabilities

Overview Juniper Networks ScreenOS versions 6.3.0r17 through 6.3.0r20 allows unauthorized remote administration access to the device. Juniper Networks ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 allow for an attacker to monitor and decrypt VPN traffic. Description...

10CVSS8.3AI score0.614EPSS
Exploits7References7
CERT
CERT
added 2015/12/18 12:0 a.m.30 views

Dovestones Software AD Self Password Reset fails to properly restrict password reset request to authorized users

Overview Dovestones Software AD Self Password Reset, version 3.0.3.0 and earlier, fails to properly validate users, which enables an unauthenticated attacker to reset passwords for arbitrary accounts. Description CWE-284: Improper Access Control - CVE-2015-8267Dovestones Software AD Self Password...

10CVSS9.8AI score0.0238EPSS
Exploits0References3
CERT
CERT
added 2015/12/16 12:0 a.m.39 views

IPswitch WhatsUp Gold contains multiple XSS vulnerabilities and a SQLi

Overview IPSwitch's WhatsUp Gold version 16.3, and possibly previous versions, is vulnerable to SQL injection and cross-site scripting attacks. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2015-6004The "Find Device" search field does...

6.9CVSS7.7AI score0.02266EPSS
Exploits2References1
CERT
CERT
added 2015/12/10 12:0 a.m.46 views

Amped Wireless R10000 router contains multiple vulnerabilities

Overview Amped Wireless R10000 router, firmware version 2.5.2.11, uses default credentials, is vulnerable to cross-site request forgery, and uses insufficiently random values for DNS queries. Description CWE-255: Credentials Management - CVE-2015-7277The Amped Wireless R10000 web administration...

9.8CVSS8.2AI score0.02387EPSS
Exploits0References1
CERT
CERT
added 2015/12/10 12:0 a.m.45 views

Netgear G54/N150 Wireless Router WNR1000v3 uses insufficiently random values for DNS queries

Overview Netgear G54/N150 Wireless Router WNR1000v3, firmware version 1.0.2.68 and possibly earlier, uses insufficiently random values for DNS queries and is vulnerable to DNS spoofing attacks. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-8263The Netgear G54/N150 Wireless...

8.6CVSS8.8AI score0.0183EPSS
Exploits0References1
CERT
CERT
added 2015/12/10 12:0 a.m.28 views

Buffalo AirStation Extreme N600 Router WZR-600DHP2 uses insufficiently random values for DNS queries

Overview Buffalo AirStation Extreme N600 Router WZR-600DHP2, firmware versions 2.09, 2.13, 2.16, and possibly others, uses insufficiently random values for DNS queries and is vulnerable to DNS spoofing attacks. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-8262The Buffalo...

6.8CVSS7.1AI score0.01107EPSS
Exploits0References3
CERT
CERT
added 2015/12/10 12:0 a.m.41 views

ReadyNet WRT300N-DD Wireless Router contains multiple vulnerabilities

Overview ReadyNet WRT300N-DD Wireless Router, firmware version 1.0.26, uses default credentials, is vulnerable to cross-site request forgery, and uses insufficiently random values for DNS queries. Description CWE-255: Credentials Management - CVE-2015-7280The ReadyNet WRT300N-DD Wireless Router...

10CVSS8.3AI score0.02431EPSS
Exploits0References1
CERT
CERT
added 2015/12/10 12:0 a.m.46 views

ZyXEL NBG-418N router uses default credentials and is vulnerable to cross-site request forgery

Overview ZyXEL NBG-418N router, firmware version 1.00AADZ.3C0, uses default credentials and is vulnerable to cross-site request forgery. Description CWE-255: Credentials Management - CVE-2015-7283The ZyXEL NBG-418N web administration interface uses non-random default credentials of admin:1234. A...

9.3CVSS8.2AI score0.03715EPSS
Exploits0References1
CERT
CERT
added 2015/12/08 12:0 a.m.30 views

Up.time agent for Windows contains multiple vulnerabilities

Overview The Up.time client for Windows is vulnerable to an format string attack as well as a buffer overflow, and may allow unauthenticated users to perform certain commands. Description CWE-134: Uncontrolled Format String - CVE-2015-2894For version 6.0 and 7.2, an unauthenticated attacker on th...

7.5CVSS6.8AI score0.01902EPSS
Exploits0References2
CERT
CERT
added 2015/12/08 12:0 a.m.29 views

TaxiHail Android mobile app contains multiple vulnerabilties

Overview Mobile Knowledge's TaxiHail is vulnerable to information disclosure and missing encryption of sensitive data. Description The Mobile Knowledge TaxiHail framework "allows passengers to book and manage their own reservations via iOS, android or the web in real-time, alleviating call...

6.7AI score
Exploits0References2
CERT
CERT
added 2015/12/04 12:0 a.m.25 views

Lenovo Solution Center LSCTaskService privilege escalation, directory traversal, and CSRF

Overview The Lenovo Solution Center application contains multiple vulnerabilities that can allow an attacker to execute arbitrary code with SYSTEM privileges. Description CWE-732: Incorrect Permission Assignment for Critical Resource Launching the Lenovo Solution Center creates a process called...

8.1AI score
Exploits0References2
CERT
CERT
added 2015/12/01 12:0 a.m.36 views

Epiphany Cardio Server is vulnerable to SQL and LDAP injection

Overview The Epiphany Cardio Server is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights. Description Epiphany Cardio Server was reported as being vulnerable to the following issues:CWE-89: Improper Neutralization of Special Elements...

9.8CVSS10AI score0.01875EPSS
Exploits0References3
CERT
CERT
added 2015/11/30 12:0 a.m.95 views

RSI Video Technologies Videofied security system Frontel software uses an insecure custom protocol

Overview RSI Video Technologies' Videofied security system uses a software named Frontel to monitor alarm status. Frontel uses an insecure custom protocol to communicate with its Frontel server. Description Frontel uses a custom protocol running on TCP port 888. The protocol performs an...

5.9CVSS5.2AI score0.01356EPSS
Exploits3References4
CERT
CERT
added 2015/11/25 12:0 a.m.77 views

Embedded devices use non-unique X.509 certificates and SSH host keys

Overview Embedded devices use non-unique X.509 certificates and SSH host keys that can be leveraged in impersonation, man-in-the-middle, or passive decryption attacks. Description CWE-321: Use of Hard-coded Cryptographic Key - Multiple CVEsResearch by Stefan Viehbཬk of SEC Consult has found that...

6.1AI score
Exploits0References8
CERT
CERT
added 2015/11/24 12:0 a.m.21 views

Dell Foundation Services installs root certificate and private key (eDellRoot)

Overview Dell Foundation Services installs the eDellRoot certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle MiTM, and passive...

6.6AI score
Exploits0References13
CERT
CERT
added 2015/11/24 12:0 a.m.29 views

Dell System Detect installs root certificate and private key (DSDTestProvider)

Overview Dell System Detect installs the DSDTestProvider certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle MiTM, and passive...

6.8AI score
Exploits0References7
CERT
CERT
added 2015/11/23 12:0 a.m.35 views

CSL DualCom GPRS CS2300-R alarm signalling boards contain multiple vulnerabilties

Overview CSL DualCom GPRS CS2300-R alarm signalling boards, firmware versions v1.25 to v3.53, contain multiple vulnerabilties. Description CSL DualCom GPRS CS2300-R alarm signalling boards are secure premises transmitters SPT that notify alarm receiving centers ARC when an alarm system is tripped...

7.5CVSS7.4AI score0.03212EPSS
Exploits4References6
CERT
CERT
added 2015/11/20 12:0 a.m.65 views

ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities

Overview Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. Description CWE-255: Credentials Management - CVE-2009-5149The 'password of the day'...

9.3CVSS7.4AI score0.02479EPSS
Exploits1References13
CERT
CERT
added 2015/11/13 12:0 a.m.425 views

Apache Commons Collections Java library insecurely deserializes data

Overview The Apache Commons Collections ACC library is vulnerable to insecure deserialization of data, which may result in arbitrary code execution. Java applications that either directly use ACC, or contain ACC in their classpath, may be vulnerable to arbitrary code execution. Description CWE-50...

9.8CVSS8.8AI score0.18763EPSS
Exploits1References18
CERT
CERT
added 2015/11/06 12:0 a.m.440 views

Huawei HG532 routers contain a path traversal vulnerability

Overview Huawei HG532 routers, including the HG532e, n, s, and possibly other models, are vulnerable to arbitrary file access through path traversal. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2015-7254In vulnerable Huawei router models,...

5CVSS6.6AI score0.27528EPSS
Exploits2References2
CERT
CERT
added 2015/11/03 12:0 a.m.223 views

ZTE ZXHN H108N R1A routers contain multiple vulnerabilities

Overview ZTE ZXHN H108N R1A router, version ZTE.bhs.ZXHNH108NR1A.hPE, and ZXV10 W300 router, version W300V1.0.0fER1PE, contain multiple vulnerabilities. Description CWE-200: Information Exposure - CVE-2015-7248 Multiple information exposure vulnerabilities enable an attacker to obtain credentials...

10CVSS7.5AI score0.1554EPSS
Exploits4References5
CERT
CERT
added 2015/11/03 12:0 a.m.64 views

Commvault Edge Server deserializes cookie data insecurely

Overview Commvault Edge Server, version 10 R2, deserializes untrusted, user-provided cookie data, resulting in arbitrary OS command execution with the web server's privileges. Description CWE-502: Deserialization of Untrusted Data - CVE-2015-7253Commvault Edge Server, version 10 R2, deserializes...

10CVSS7.7AI score0.04319EPSS
Exploits0References3
Total number of security vulnerabilities3702