• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-306

CVE-2021-31868

February 23, 2023 by

Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to view and edit any ticket in the legacy ticketing feature, regardless of the assignment of the ticket. This issue was resolved in version 6.6.96, released on August 4, 2021.

CVE-2021-31793

February 23, 2023 by

An issue exists on NightOwl WDB-20-V2 WDB-20-V2_20190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via the /snapshot URI.

CVE-2021-31337

February 23, 2023 by

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

CVE-2021-30462

February 23, 2023 by

VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.

CVE-2021-30167

February 23, 2023 by

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

CVE-2021-30190

February 23, 2023 by

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 93
  • Go to page 94
  • Go to page 95
  • Go to page 96
  • Go to page 97
  • Interim pages omitted …
  • Go to page 124
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE