7.4AI Score
0.0004EPSS
CVE-2024-4235 Netgear DG834Gv5 Web Management Interface cleartext storage
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been...
2.7CVSS
6.8AI Score
0.0004EPSS
Cisco Unified MeetingPlace Web Conferencing Unauthorized Password Change Security Bypass
According to its self-reported version number, the installation of Cisco Unified MeetingPlace Web Conferencing hosted on the remote web server is potentially affected by a security bypass vulnerability due to the lack of validation of the current password and HTTP session ID during a password...
6.7AI Score
0.002EPSS
CVE-2024-3468 Deserialization of Untrusted Data in AVEVA PI Web API
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an...
0.0004EPSS
CVE-2024-3468 Deserialization of Untrusted Data in AVEVA PI Web API
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an...
7.3AI Score
0.0004EPSS
CVE-2024-5798 Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims
Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...
2.6CVSS
0.0004EPSS
Progress MOVEit Transfer Web Interface Detection
The web interface for Progress MOVEit Transfer (formerly known as Ipswitch MOVEit DMZ) was detected on the remote host. This plugin does not attempt to detect the...
7AI Score
Quest DR Series Appliance Web Detection
The web interface for a Quest DR Series disk backup appliance, formerly Dell DR Series, was detected on the remote...
1.5AI Score
Veritas NetBackup Appliance Web Console Detection
An administrative web console for Veritas NetBackup Appliance, a device for storage and backup applications, is running on the remote...
7.1AI Score
VMware Aria Operations Web UI Detection
The remote web server is running the web UI for VMWare Aria Operations (formerly VMware vRealize Operations Manager), a cloud operations management...
7.5AI Score
Schneider Electric InduSoft Web Studio Detection
The remote host is running Schneider Electric InduSoft Web Studio, a software application for managing and monitoring remote SCADA...
0.8AI Score
Visualware MyConnection Server Web Default Credentials
The remote host is configured to accept the default credentials for Visualware MyConnection Server (MCS), a web-based network quality management application. A remote attacker can exploit this to gain administrative...
3AI Score
Advantech WebAccess Web Administration Interface Detection
The remote host is running a web interface for Advantech WebAccess, a web-based SCADA HMI...
2AI Score
IBM Cognos Analytics Web Interface Detection
The web interface for IBM Cognos Analytics was detected on the remote...
1.3AI Score
Cisco EPN Manager Detection (Web UI)
The remote host is running Cisco Evolved Programmable Network (EPN) Manager, an application used for element and network management across converged access, aggregation, and core...
1.4AI Score
Johnson Controls exacqVision Web Service Detection
The Johnson Controls exacqVision Web Service, a web application allowing users to use a web browser to view live video, search and play back recorded video, and control pan/tilt/zoom functions on cameras connected to exacqVision servers, is running on the remote...
2.8AI Score
Hikvision IP Camera Web Interface Detection
Nessus was able to detect the web interface for a Hikvision IP camera on the remote...
1.1AI Score
Emerson SM-Ethernet Web Interface Detection
The remote host is running an Emerson SM-Ethernet web interface, part of a software platform for managing and monitoring remote SCADA...
2.2AI Score
IBM Storwize Web Management Interface Detection
The remote host is running a web management interface for administering an IBM Storwize device, a storage management...
1.6AI Score
Microsoft Azure CycleCloud Web Interface Detection
The web interface for Microsoft Azure CycleCloud was detected on the remote...
0.8AI Score
SolarWinds Web Help Desk Installed (Windows)
SolarWinds Web Help Desk was detected on the remote Windows...
1.3AI Score
Cisco DNA Spaces Connector Web Detection.
The web user interface for Cisco DNA Spaces Connector was detected on the remote host. Note that HTTP form credentials are required to retrieve version...
2.3AI Score
HP DesignJet Printer Web Interface Detection
The web interface for HP DesignJet Printer was detected on the remote...
1.1AI Score
QLogic QConvergeConsole GUI Web Interface Detection
Nessus was able to detect the QLogic QConvergeConsole web interface for a network interface management tool on the remote...
1.1AI Score
Schneider Electric InduSoft Web Studio Detection
The remote host has Schneider Electric InduSoft Web Studio installed. This is a development and maintenance software for wireless SCADA...
1.2AI Score
VMware vRealize Automation Web UI Detection
The remote web server is running the web UI for VMware vRealize Automation, a cloud automation virtual appliance. Note: To obtain accurate version and build information provide HTTP basic authentication...
2.5AI Score
Tridium Niagara AX Web Server Detection
The remote host is running the Tridium Niagara AX Web Server, Tridium Niagara AX is a development framework used to create software for use in SCADA...
1.5AI Score
Exploit for OS Command Injection in Gitlab
CVE-2022-2185 wo ee cve-2022-2185 gitlab authenticated rce...
9.9CVSS
8.5AI Score
0.497EPSS
HP PageWide Printer Web Interface Detection
The remote host is an HP PageWide printer. It is possible to obtain the product, firmware versions, and more via the web...
3.2AI Score
ShareFile Storage Zones Controller Web Detection
The web interface for Citrix ShareFile Storage Zones Controller was detected on the remote host. ShareFile is a secure content collaboration, file sharing and sync solution. Storage Zones Controller provides private data storage, either an on-premises network share that you manage or a supported...
0.7AI Score
Cisco Telepresence Management Suite Web Detection
This script uses Windows credentials to detect whether the remote host is running Cisco Telepresence Management Suite, a video conferencing application, and extracts the version number if...
2AI Score
NetApp SANtricity Web Services Proxy Detection
The remote host is running NetApp SANtricity Web Services Proxy, which provides a REST API for managing NetApp...
2.1AI Score
Western Digital MyCloud Web Interface Detection
Nessus was able to detect the web administration interface for a Western Digital MyCloud device on the remote...
1.3AI Score
Trend Micro OfficeScan Web Interface Detection
Trend Micro OfficeScan, an enterprise security platform, is running on the remote host. It is possible to extract version information if login credentials are...
2AI Score
Western Digital TV Web Interface Detection
Nessus was able to detect the web administration interface for a Western Digital TV device on the remote...
1.3AI Score
Honeywell Excel (XL) Web Controller Detection
The remote host is a Honeywell Excel (XL) Web SCADA controller, a system for HVAC control applications and building automation...
1.7AI Score
McAfee Web Reporter Detection (remote check)
McAfee Web Reporter, a reporting tool used to identify internet usage in an organization, is installed on the remote...
0.3AI Score
McAfee Web Reporter Installed (credentialed check)
McAfee Web Reporter, a reporting tool used to identify Internet usage in an organization, is installed on the remote Windows...
1.1AI Score
CVE-2024-5798 Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims
Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...
2.6CVSS
6.9AI Score
0.0004EPSS
5.4CVSS
6.7AI Score
0.0005EPSS
design-interior.ck.ua Cross Site Scripting vulnerability OBB-3905563
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
SonicWall Email Security Web Interface Detected
Detects the web interface for SonicWall Email Security on the remote...
0.7AI Score
Grandstream Networking Solutions Device Web Detection
The web interface for a Grandstream Networking Solutions device, such as a router or wireless access point, was detected on the remote...
2.2AI Score
CyberArk Password Vault Web Access Detection
CyberArk Password Vault Web Access, a web application to interface with the CyberArk Password Vault server, is running on the remote...
2AI Score
Meinberg LANTIME Web Interface Unspecified XSS
The remote host is running Meinberg LANTIME firmware that is affected by an XSS vulnerability due to improper validation of user-supplied input in the web interface. This allows a remote, unauthenticated attacker to execute arbitrary script...
3.3AI Score
Cisco UCS Director Web UI Detection
The login page for Cisco UCS Director, an infrastructure provisioning and management system, was detected on the remote...
1.3AI Score
CVE-2024-30370 RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action....
4.3CVSS
5AI Score
0.0005EPSS
CVE-2024-30370 RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action....
4.3CVSS
6.9AI Score
0.0005EPSS
MinIO information disclosure vulnerability
Impact If-Modified-Since If-Unmodified-Since Headers when used with anonymous requests by sending a random object name requests you can figure out if the object exists or not on the server on a specific bucket and also gain access to some amount of information such as Last-Modified (of the...
5.3CVSS
6.9AI Score
0.0004EPSS
High severity vulnerability that affects io.vertx:vertx-web
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired...
8.8CVSS
3.4AI Score
0.011EPSS