Show filters
14,897 Total Results
Displaying 171-180 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2023-28703

Disclosure Date: May 30, 2023 (last updated February 25, 2025)
ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt system or terminate service.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2023-20110

Disclosure Date: May 17, 2023 (last updated February 25, 2025)
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read sensitive data on the underlying database.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2022-42469

Disclosure Date: April 11, 2023 (last updated February 24, 2025)
A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2023-24483

Disclosure Date: February 15, 2023 (last updated February 24, 2025)
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
Attack Vector: LocalPrivileges: LowUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2023-23076

Disclosure Date: February 01, 2023 (last updated February 24, 2025)
OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedules.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2022-45857

Disclosure Date: January 05, 2023 (last updated February 24, 2025)
An incorrect user management vulnerability [CWE-286] in the FortiManager version 6.4.6 and below VDOM creation component may allow an attacker to access a FortiGate without a password via newly created VDOMs after the super_admin account is deleted.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
1
0
Attacker Value
Unknown

CVE-2022-34713

Disclosure Date: August 09, 2022 (last updated January 11, 2025)
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
1
0
Attacker Value
Unknown

CVE-2022-22048

Disclosure Date: July 12, 2022 (last updated November 29, 2024)
BitLocker Security Feature Bypass Vulnerability
1
0
Attacker Value
Unknown

CVE-2022-22306

Disclosure Date: May 24, 2022 (last updated February 23, 2025)
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the FortiGate and some peers such as private SDNs and external cloud platforms.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2022-26925

Disclosure Date: May 10, 2022 (last updated February 23, 2025)
Windows LSA Spoofing Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
0
View More Topics  < Previous  Next >