映射到 CWE-287 的搜索结果 (1087)

CVE-2012-0803(发布:2017-08-08 17:29:00)NMCOPS
CVSS7.5

[CNNVD]Apache CXF安全绕过漏洞--Apache是一款流行免费的开放源代码WEB服务器,运行在多种Unix和Linux系统平台下,也可运行于Windows平台下。 Apache CXF 2.4.5版本和2.5.1版本中存在安全绕过漏洞。攻击者可利用此漏洞绕过UsernameToken政策并获取对受限服务的访问权。

CVE-2017-11151(发布:2017-08-08 11:29:07)NP
CVSS7.5

[原文]A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.

CVE-2017-9939(发布:2017-08-07 20:29:00)NMS
CVSS7.5

[原文]A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations.

CVE-2017-6871(发布:2017-08-07 20:29:00)NM
CVSS4.6

[原文]A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). An attacker with physical access to an unlocked mobile device, that has the affected app running, could bypass the app's authentication mechanism under certain conditions.

CVE-2015-7871(发布:2017-08-07 16:29:00)NMPS
CVSS7.5

[原文]Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

CVE-2017-12477(发布:2017-08-07 11:29:00)NP
CVSS10.0

[原文]It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system.

首页上一页4567891011下一页尾页 第6页 / 共182页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站