Akuvox E11 appears to be using a custom version of dropbear SSH server. This server allows an insecure option that by default is not in the official dropbear SSH server.
Publication date: Fri, 31 Mar 2023 21:15:00 +0000
Cyber News related to CVE-2023-0344
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
7 months ago Cisa.gov
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
3 weeks ago Tenable.com
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
3 months ago Securelist.com
CVE-2023-0344 - Akuvox E11 appears to be using a custom version of dropbear SSH server. This server allows an insecure option that by default is not in the official dropbear SSH server. ...
1 year ago
Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
6 months ago Cybersecuritynews.com
CVE-2014-2670 - Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter, a different vulnerability than CVE-2014-0344. ...
8 years ago
CVE-2009-0344 - Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor ...
5 years ago
CVE-2003-0701 - Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. ...
2 years ago
CVE-2000-0344 - The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value. ...
7 months ago
CVE-2010-0344 - SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
13 years ago
CVE-2008-0344 - Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07. ...
11 years ago
CVE-2014-0344 - Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in conjunction with a true value of the edit parameter. ...
7 months ago
CVE-2002-0344 - Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. ...
7 years ago
CVE-2004-0344 - Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter. ...
7 years ago
CVE-2015-0344 - Cross-site scripting (XSS) vulnerability in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
7 years ago
CVE-2005-0344 - Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allows remote authenticated users to upload and execute arbitrary files via a .. (dot dot) in the filename parameter. ...
6 years ago
CVE-2006-0344 - Directory traversal vulnerability in Intervations FileCOPA FTP Server 1.01 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the (1) STOR and (2) RETR commands. ...
6 years ago
CVE-2011-0344 - Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote ...
6 years ago
CVE-2007-0344 - Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string ...
6 years ago
CVE-2016-0344 - Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified ...
6 years ago
CVE-1999-0344 - NT users can gain debug-level access on a system process using the Sechole exploit. ...
5 years ago
CVE-2001-0344 - An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account. ...
5 years ago
CVE-2017-0344 - All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape may allow users to gain access to arbitrary physical memory, leading to escalation of privileges. ...
4 years ago
CVE-2018-0344 - A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected ...
4 years ago