|Max CVSS||10.0||Min CVSS||7.5||Total Count||7|
|ID||CVSS||Summary||Last (major) update||Published|
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execu
|28-11-2016 - 14:09||10-12-2013 - 11:11|
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
|14-07-2014 - 09:33||11-07-2014 - 15:55|
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue because of dependency on the victim's direct involvement in modifying
|09-12-2013 - 13:55||09-12-2013 - 13:55|
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
|25-09-2013 - 14:07||17-09-2013 - 08:04|
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
|17-09-2013 - 14:37||17-09-2013 - 08:04|
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
|17-09-2013 - 14:35||17-09-2013 - 08:04|
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a stan
|17-09-2013 - 12:15||17-09-2013 - 08:04|