Page 2 of 37 results (0.008 seconds)

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

12 Dec 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges. Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). Los productos afectados no validan correctamente el certificad... • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-295: Improper Certificate Validation •

CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0

10 Jan 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.0EPSS: 1%CPEs: 4EXPL: 0

10 Jan 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.9EPSS: 19%CPEs: 4EXPL: 0

10 Jan 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.4EPSS: 1%CPEs: 9EXPL: 1

18 Oct 2022 — A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material. Existe una aleatoriedad débil en la vulnerabilidad k... • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •

CVSS: 6.5EPSS: 3%CPEs: 11EXPL: 1

18 Oct 2022 — The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. El analizador llhttp en el módulo http en Node v18.7.0 no maneja correctamente los campos de encabezado que no terminan con CLRF. Esto puede resultar en tráfico ilegal de solicitudes HTTP. A vulnerability was found in NodeJS due to improper validation of HTTP requests. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 8.1EPSS: 0%CPEs: 13EXPL: 0

14 Jul 2022 — A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. Se presenta una vulnerabilidad de inyección de comandos en el Sistema Operativo en Node.js versiones anteriores a 14.20.0, anteriores a 16.16.0, anteriores a 18.5.0, debido a una comprobación insuficiente de IsAllowedHost ... • https://hackerone.com/reports/1632921 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-284: Improper Access Control CWE-703: Improper Check or Handling of Exceptional Conditions •

CVSS: 6.5EPSS: 89%CPEs: 15EXPL: 1

14 Jul 2022 — The llhttp parser

CVSS: 6.5EPSS: 89%CPEs: 16EXPL: 1

14 Jul 2022 — The llhttp parser

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1

14 Jul 2022 — A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3. Se presenta una vulnerabilidad criptográfica en Node.js en linux en versiones 18.x anteriores a 18.40.0, que permitía una ruta por defecto para openssl.cnf que podría ser accesible en algunas circunstancias para un usuar... • https://hackerone.com/reports/1695596 • CWE-310: Cryptographic Issues CWE-427: Uncontrolled Search Path Element •