SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash
Max CVSS
7.2
EPSS Score
0.04%
Published
2024-03-28
Updated
2024-03-28
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware
Max CVSS
7.5
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE
Max CVSS
9.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
CWE-287: Improper Authentication may allow Authentication Bypass
Max CVSS
10.0
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-12-13
Updated
2023-12-18
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
EisBaer Scada - CWE-256: Plaintext Storage of a Password
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
EisBaer Scada - CWE-285: Improper Authorization
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
EisBaer Scada - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-25
Updated
2023-11-01
Soundminer – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-09-27
Updated
2023-09-29
Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-09-27
Updated
2023-09-28
SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') by an unauthenticated user
Max CVSS
8.8
EPSS Score
0.07%
Published
2023-09-27
Updated
2023-09-27
SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method
Max CVSS
7.2
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-09-27
SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-09-27
SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-09-27
Updated
2023-09-27
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-03
Updated
2023-09-08
 A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
Max CVSS
7.4
EPSS Score
0.05%
Published
2023-09-03
Updated
2023-09-07
154 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!