CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-7279
https://notcve.org/view.php?id=CVE-2019-7279
Optergy Proton/Enterprise devices have Hard-coded Credentials. Los dispositivos Optergy Proton/Enterprise tienen credenciales codificadas. • http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 92%CPEs: 2EXPL: 1CVE-2019-7276 – Optergy 2.3.0a - Remote Code Execution (Backdoor)
https://notcve.org/view.php?id=CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. Los dispositivos Optergy Proton/Enterprise permiten la ejecución remota de código raíz a través de una consola Backdoor. • https://www.exploit-db.com/exploits/47641 http://packetstormsecurity.com/files/171564/Optergy-Proton-And-Enterprise-BMS-2.0.3a-Command-Injection.html http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 - •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11403
https://notcve.org/view.php?id=CVE-2019-11403
In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page. En Gradle Enterprise versiones anteriores a 2018.5.2, Build Cache Nodes reflejaría la contraseña configurada al ver el código fuente HTML de la página de configuración. • https://gradle.com/enterprise/releases/2018.5/#changes-2 https://security.gradle.com/advisory/CVE-2019-11403 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11402
https://notcve.org/view.php?id=CVE-2019-11402
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. En Gradle Enterprise versiones anteriores a 2018.5.3, Build Cache Nodes no almacenaba las credenciales en un formato cifrado. • https://gradle.com/enterprise/releases/2018.5/#changes-3 https://security.gradle.com/advisory/CVE-2019-11402 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2008-7312
https://notcve.org/view.php?id=CVE-2008-7312
The Filtering Service in Websense Enterprise 5.2 through 6.3 does not consider the IP address during URL categorization, which makes it easier for remote attackers to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server associated with a specific IP address. Filtering Service de Websense Enterprise v5.2 hasta 6.3 no considera la dirección IP durante la categorización de las URL, lo que facilita a los atacantes remotos evitar la filtración a través de una petición HTTP, como se demuestra por una solicitud a un servidor comprometido asociado con una dirección IP específica. • http://www.websense.com/support/article/t-kbarticle/Why-doesn-t-my-Websense-installation-categorize-URLs-and-Permit-Block-in-accordance-with-the-Site-Lookup-Tool-s-categorization https://exchange.xforce.ibmcloud.com/vulnerabilities/78299 • CWE-20: Improper Input Validation •