| Severity | Description | ||||||
|---|---|---|---|---|---|---|---|
| CVE-2026-4433 | Unscored | - | 0.2% | - | -No fix available yet | 2026-03-24 | An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host. |
| CVE-2025-12221 | High | 8.8 v3 | 0.2% | - | Fix available | 2025-10-25 | Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. |
| CVE-2025-20151 | Medium | 4.3 v3 | 0.3% | - | -No fix available yet | 2025-05-07 | A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied. Note: The attacker |
| CVE-2024-46909 | Critical | 9.8 v3 | 49% | - | Fix available | 2024-12-02 | In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. |
| CVE-2018-11922 | Critical | 9.8 v3 | 0.2% | - | -No fix available yet | 2024-11-26 | Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. |
| CVE-2024-47294 | Medium | 4.4 v3 | 0.2% | - | -No fix available yet | 2024-09-27 | Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2024-47291 | Medium | 5.6 v3 | 0.1% | - | -No fix available yet | 2024-09-27 | Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2024-42031 | High | 7.5 v3 | 0.3% | - | -No fix available yet | 2024-08-08 | Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2024-32991 | High | 7.5 v3 | 0.5% | - | -No fix available yet | 2024-05-14 | Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. |
| CVE-2023-52719 | High | 7.1 v3 | 0.2% | - | -No fix available yet | 2024-05-14 | Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2023-33105 | High | 7.5 v3 | 0.8% | - | -No fix available yet | 2024-03-04 | Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. |
| CVE-2023-33076 | Medium | 5.9 v3 | 0.1% | - | -No fix available yet | 2024-02-06 | Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. |
| CVE-2023-43088 | High | 7.2 v3 | 0.3% | - | Fix available | 2023-12-22 | Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device. |
| CVE-2023-39385 | Critical | 9.1 v3 | 0.3% | - | -No fix available yet | 2023-08-13 | Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access. |
| CVE-2023-39392 | High | 7.5 v3 | 0.2% | - | -No fix available yet | 2023-08-13 | Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten. |
| CVE-2022-33233 | High | 7.8 v3 | 0.1% | - | -No fix available yet | 2023-02-12 | Memory corruption due to configuration weakness in modem wile sending command to write protected files. |
| CVE-2022-43516 | Medium | 6.5 v3 | 0.9% | - | Fix available | 2022-12-05 | A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI) |
| CVE-2022-28762 | High | 7.3 v3 | 0.3% | - | Fix available | 2022-10-14 | Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client. |
| CVE-2022-36423 | High | 7.4 v3 | 0.3% | - | -No fix available yet | 2022-09-09 | OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. |
| CVE-2022-37397 | High | 8.3 v3 | 0.8% | - | -No fix available yet | 2022-08-12 | An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password. |
| CVE-2022-29095 | High | 8.3 v3 | 1.1% | - | -No fix available yet | 2022-06-10 | Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to execution of malicious code on a vulnerable system. |
| CVE-2022-22183 | High | 7.5 v3 | 1.0% | - | -No fix available yet | 2022-04-14 | An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS. |
| CVE-2021-22957 | High | 8.8 v3 | 0.9% | - | Fix available | 2021-11-24 | A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later. |
| CVE-2021-35233 | Medium | 5.3 v3 | 0.9% | - | -No fix available yet | 2021-10-27 | The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will respond to requests that use these methods by returning exact HTTP request that was received in the response to the client. This may lead to the disclosure of sensitive information such as internal authentication headers appended by reverse proxies. |
| CVE-2021-31381 | Medium | 6.5 v3 | 1.1% | - | Fix available | 2021-10-19 | A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system. |
| CVE-2021-31380 | Medium | 5.3 v3 | 1.1% | - | Fix available | 2021-10-19 | A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive information. |
| CVE-2021-20032 | Critical | 9.8 v3 | 2.0% | - | -No fix available yet | 2021-08-10 | SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier. |
| CVE-2021-21532 | Medium | 5.0 v3 | 0.2% | - | Fix available | 2021-04-02 | Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. |
| CVE-2021-0222 | High | 7.4 v3 | 0.6% | - | -No fix available yet | 2021-01-15 | A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent to the RE. Over time, a Denial of Service (DoS) occurs. Continued receipt of these crafted protocol packets will cause an extended Denial of Service (DoS) condition, which may cause wider traffic impact due to protocol flapping. An indication of compromise is to check "monitor interface traffic" on the ingress and egress port packet counts. For each ingress packet, two duplicate packets are seen on egress. This issue can be triggered by IPv4 and IPv6 packets. This issue affects all traffic throu |
| CVE-2020-8351 | High | 7.8 v3 | 0.3% | - | Fix available | 2020-11-30 | A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. |
| CVE-2020-8353 | Medium | 6.7 v3 | 0.5% | - | Fix available | 2020-11-11 | Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. This could allow an administrative user with local access to configure Intel AMT. |
| CVE-2019-15993 | Medium | 5.3 v3 | 10% | - | Fix available | 2020-09-23 | A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the attacker to access sensitive device information, which includes configuration files. |
| CVE-2020-16247 | Medium | 6.8 v3 | 0.3% | - | -No fix available yet | 2020-09-18 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. |
| CVE-2020-2041 | High | 7.5 v3 | 2.1% | - | Fix available | 2020-09-09 | An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16. |
| CVE-2020-3484 | Medium | 5.3 v3 | 1.1% | - | -No fix available yet | 2020-08-26 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to view potentially sensitive information on the affected device. |
| CVE-2019-19097 | Medium | 5.9 v3 | 0.7% | - | -No fix available yet | 2020-04-02 | ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection. |
| CVE-2019-19092 | Low | 3.5 v3 | 0.8% | - | -No fix available yet | 2020-04-02 | ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed. |
| CVE-2019-19091 | Medium | 4.3 v3 | 0.8% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack. |
| CVE-2019-19090 | Low | 3.5 v3 | 0.5% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping. |
| CVE-2019-19089 | Medium | 6.1 v3 | 1.0% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript. |
| CVE-2019-19003 | Medium | 5.3 v3 | 0.8% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting. |
| CVE-2019-19002 | Medium | 6.3 v3 | 0.8% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting. |
| CVE-2019-19001 | Medium | 6.5 v3 | 1.5% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials. |
| CVE-2019-19000 | Medium | 6.5 v3 | 1.1% | - | -No fix available yet | 2020-04-02 | For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information. |
| CVE-2020-1769 | Low | 3.5 v3 | 1.3% | - | Fix available | 2020-03-27 | In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions. |
| CVE-2019-18579 | Medium | 6.8 v3 | 0.3% | - | Fix available | 2019-12-16 | Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot. |
| CVE-2019-16760 | Medium | 4.6 v3 | 1.3% | - | Fix available | 2019-09-30 | Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, which could be squatted on crates.io to be a malicious package. This not only affects manifests that you write locally yourself, but also manifests published to crates.io. Rust 1.0.0 through Rust 1.25.0 is affected by this advisory because Cargo will ignore the `package` key in manifests. Rust 1.26.0 through Rust 1.30.0 are not affected and typically will emit an error because the `package` key is unstable. Rust 1.31.0 and after are not affected because Cargo understands the `package` key. U |
| CVE-2019-3949 | Critical | 9.8 v3 | 1.2% | - | Fix available | 2019-07-09 | Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or download arbitrary files and possibly execute malicious code on the device. |
| CVE-2019-1868 | High | 7.5 v3 | 2.1% | - | -No fix available yet | 2019-06-05 | A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the web-based management interface. An attacker could exploit this vulnerability by sending a malicious request to an affected device. A successful exploit could allow the attacker to access sensitive system information. |
| CVE-2019-3939 | Critical | 9.8 v3 | 2.8% | - | -No fix available yet | 2019-04-30 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use these credentials to gain privileged access to the device. |
- UnscoredCVSS -·EPSS 0.2%·No fix yet
An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host.
Published 2026-03-24
- HighCVSS 8.8 v3·EPSS 0.2%·Fix available
Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Published 2025-10-25
- MediumCVSS 4.3 v3·EPSS 0.3%·No fix yet
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied. Note: The attacker
Published 2025-05-07
- CriticalCVSS 9.8 v3·EPSS 49%·Fix available
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.
Published 2024-12-02
- CriticalCVSS 9.8 v3·EPSS 0.2%·No fix yet
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
Published 2024-11-26
- MediumCVSS 4.4 v3·EPSS 0.2%·No fix yet
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.
Published 2024-09-27
- MediumCVSS 5.6 v3·EPSS 0.1%·No fix yet
Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.
Published 2024-09-27
- HighCVSS 7.5 v3·EPSS 0.3%·No fix yet
Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Published 2024-08-08
- HighCVSS 7.5 v3·EPSS 0.5%·No fix yet
Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability.
Published 2024-05-14
- HighCVSS 7.1 v3·EPSS 0.2%·No fix yet
Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Published 2024-05-14
- HighCVSS 7.5 v3·EPSS 0.8%·No fix yet
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
Published 2024-03-04
- MediumCVSS 5.9 v3·EPSS 0.1%·No fix yet
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
Published 2024-02-06
- HighCVSS 7.2 v3·EPSS 0.3%·Fix available
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.
Published 2023-12-22
- CriticalCVSS 9.1 v3·EPSS 0.3%·No fix yet
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
Published 2023-08-13
- HighCVSS 7.5 v3·EPSS 0.2%·No fix yet
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten.
Published 2023-08-13
- HighCVSS 7.8 v3·EPSS 0.1%·No fix yet
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
Published 2023-02-12
- MediumCVSS 6.5 v3·EPSS 0.9%·Fix available
A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
Published 2022-12-05
- HighCVSS 7.3 v3·EPSS 0.3%·Fix available
Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client.
Published 2022-10-14
- HighCVSS 7.4 v3·EPSS 0.3%·No fix yet
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.
Published 2022-09-09
- HighCVSS 8.3 v3·EPSS 0.8%·No fix yet
An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password.
Published 2022-08-12
- HighCVSS 8.3 v3·EPSS 1.1%·No fix yet
Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to execution of malicious code on a vulnerable system.
Published 2022-06-10
- HighCVSS 7.5 v3·EPSS 1.0%·No fix yet
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS.
Published 2022-04-14
- HighCVSS 8.8 v3·EPSS 0.9%·Fix available
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.
Published 2021-11-24
- MediumCVSS 5.3 v3·EPSS 0.9%·No fix yet
The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will respond to requests that use these methods by returning exact HTTP request that was received in the response to the client. This may lead to the disclosure of sensitive information such as internal authentication headers appended by reverse proxies.
Published 2021-10-27
- MediumCVSS 6.5 v3·EPSS 1.1%·Fix available
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system.
Published 2021-10-19
- MediumCVSS 5.3 v3·EPSS 1.1%·Fix available
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive information.
Published 2021-10-19
- CriticalCVSS 9.8 v3·EPSS 2.0%·No fix yet
SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier.
Published 2021-08-10
- MediumCVSS 5.0 v3·EPSS 0.2%·Fix available
Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.
Published 2021-04-02
- HighCVSS 7.4 v3·EPSS 0.6%·No fix yet
A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent to the RE. Over time, a Denial of Service (DoS) occurs. Continued receipt of these crafted protocol packets will cause an extended Denial of Service (DoS) condition, which may cause wider traffic impact due to protocol flapping. An indication of compromise is to check "monitor interface traffic" on the ingress and egress port packet counts. For each ingress packet, two duplicate packets are seen on egress. This issue can be triggered by IPv4 and IPv6 packets. This issue affects all traffic throu
Published 2021-01-15
- HighCVSS 7.8 v3·EPSS 0.3%·Fix available
A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges.
Published 2020-11-30
- MediumCVSS 6.7 v3·EPSS 0.5%·Fix available
Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. This could allow an administrative user with local access to configure Intel AMT.
Published 2020-11-11
- MediumCVSS 5.3 v3·EPSS 10%·Fix available
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the attacker to access sensitive device information, which includes configuration files.
Published 2020-09-23
- MediumCVSS 6.8 v3·EPSS 0.3%·No fix yet
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Published 2020-09-18
- HighCVSS 7.5 v3·EPSS 2.1%·Fix available
An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16.
Published 2020-09-09
- MediumCVSS 5.3 v3·EPSS 1.1%·No fix yet
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to view potentially sensitive information on the affected device.
Published 2020-08-26
- MediumCVSS 5.9 v3·EPSS 0.7%·No fix yet
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.
Published 2020-04-02
- CVSS 3.5 v3·EPSS 0.8%·No fix yet
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
Published 2020-04-02
- MediumCVSS 4.3 v3·EPSS 0.8%·No fix yet
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack.
Published 2020-04-02
- CVSS 3.5 v3·EPSS 0.5%·No fix yet
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.
Published 2020-04-02
- MediumCVSS 6.1 v3·EPSS 1.0%·No fix yet
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript.
Published 2020-04-02
- MediumCVSS 5.3 v3·EPSS 0.8%·No fix yet
For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting.
Published 2020-04-02
- MediumCVSS 6.3 v3·EPSS 0.8%·No fix yet
For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting.
Published 2020-04-02
- MediumCVSS 6.5 v3·EPSS 1.5%·No fix yet
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials.
Published 2020-04-02
- MediumCVSS 6.5 v3·EPSS 1.1%·No fix yet
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
Published 2020-04-02
- CVSS 3.5 v3·EPSS 1.3%·Fix available
In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
Published 2020-03-27
- MediumCVSS 6.8 v3·EPSS 0.3%·Fix available
Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot.
Published 2019-12-16
- MediumCVSS 4.6 v3·EPSS 1.3%·Fix available
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, which could be squatted on crates.io to be a malicious package. This not only affects manifests that you write locally yourself, but also manifests published to crates.io. Rust 1.0.0 through Rust 1.25.0 is affected by this advisory because Cargo will ignore the `package` key in manifests. Rust 1.26.0 through Rust 1.30.0 are not affected and typically will emit an error because the `package` key is unstable. Rust 1.31.0 and after are not affected because Cargo understands the `package` key. U
Published 2019-09-30
- CriticalCVSS 9.8 v3·EPSS 1.2%·Fix available
Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or download arbitrary files and possibly execute malicious code on the device.
Published 2019-07-09
- HighCVSS 7.5 v3·EPSS 2.1%·No fix yet
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the web-based management interface. An attacker could exploit this vulnerability by sending a malicious request to an affected device. A successful exploit could allow the attacker to access sensitive system information.
Published 2019-06-05
- CriticalCVSS 9.8 v3·EPSS 2.8%·No fix yet
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use these credentials to gain privileged access to the device.
Published 2019-04-30
Uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog.