CentOS 8 : thunderbird (CESA-2020:0577)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0577 advisory. Mozilla: Message ID calculation was based on uninitialized data (CVE-2020-6792) Mozilla: Out-of-bounds read when processing certain email messages...
8.8AI Score
CentOS 8 : firefox (CESA-2020:0512)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0512 advisory. Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Incorrect parsing of template tag could result in...
-0.1AI Score
There is an out-of-bounds read vulnerability in several...
7AI Score
0.001EPSS
Some Huawei products have a command injection...
7.7AI Score
0.0004EPSS
There is a denial of service vulnerability in some Huawei...
7AI Score
0.001EPSS
Huawei Data Communication: Out of Bounds Read Vulnerability in Several Products
There is an out-of-bounds read vulnerability in several...
7AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions...
6.5CVSS
6.5AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions...
6.5CVSS
6.4AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....
6.5CVSS
6.4AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....
6.5CVSS
6.4AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions...
6.6AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....
6.6AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: January 12, 2021
Description of the security update for SharePoint Foundation 2013: January 12, 2021 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.1AI Score
0.017EPSS
Security Advisory - Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the.....
6.1AI Score
0.001EPSS
Security Advisory - Privilege Escalation Vulnerability in Huawei Product
There is a privilege escalation vulnerability in some Huawei products. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise...
6.6AI Score
0.0004EPSS
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of...
7.5CVSS
7.3AI Score
0.001EPSS
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal...
7.8CVSS
7.7AI Score
0.001EPSS
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of...
7.5CVSS
7.3AI Score
0.001EPSS
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory...
7.5CVSS
7.5AI Score
0.002EPSS
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal...
7.8CVSS
7.7AI Score
0.001EPSS
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory...
7.5CVSS
7.5AI Score
0.002EPSS
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal...
7.8AI Score
0.001EPSS
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of...
7.4AI Score
0.001EPSS
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory...
7.5AI Score
0.002EPSS
Huawei CloudEngine 1800V Denial of Service Vulnerability
Huawei CloudEngine 1800V is an 1800V series data center switch from Huawei of China. Huawei CloudEngine 1800V denial of service vulnerability can be exploited by remote attackers to submit special requests that can prevent messages received by the system from being forwarded properly for denial of....
7.5CVSS
4.1AI Score
CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded...
7.5CVSS
7.4AI Score
0.001EPSS
CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded...
7.5CVSS
7.4AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service...
6.5CVSS
6.5AI Score
0.001EPSS
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service...
6.5CVSS
6.4AI Score
0.001EPSS
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful...
6.7CVSS
6.6AI Score
0.0004EPSS
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful...
6.7CVSS
6.7AI Score
0.0004EPSS
CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded...
7.5AI Score
0.001EPSS
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful...
6.7AI Score
0.0004EPSS
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service...
6.6AI Score
0.001EPSS
Security Advisory - Memory Leak Vulnerability in Huawei CloudEngine Product
There is a memory leak vulnerability in Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak. (Vulnerability ID:....
7AI Score
0.002EPSS
Security Advisory - Out of Bound Read Vulnerability in Huawei Product
There is an out of bound read vulnerability in some products. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service. (Vulnerability ID: HWPSIRT-2020-24601) This vulnerability has been assigned....
6.9AI Score
0.001EPSS
Security Advisory - Improper Authentication Vulnerability in Huawei Product
There is an improper authentication vulnerability in Huawei Products. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service. (Vulnerability ID:...
7.3AI Score
0.001EPSS
Security Advisory - Information Leak Vulnerability in Huawei Product
There is an information leak vulnerability in Huawei product. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak. (Vulnerability ID: HWPSIRT-2020-06053) This vulnerability has been...
6.3AI Score
0.001EPSS
Security Advisory - Out Of Bound Read Vulnerability in Huawei Smartphone
There is an out-of-bound read vulnerability in huawei smartphone Mate 30. An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the...
6.1AI Score
0.0004EPSS
NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0093)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a...
9.9AI Score
NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2020-0097)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially...
9.9AI Score
Description of the security update for SharePoint Foundation 2013: December 8, 2020
Description of the security update for SharePoint Foundation 2013: December 8, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.7AI Score
0.025EPSS
The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access...
9.8CVSS
8.7AI Score
0.003EPSS
The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access...
9.8CVSS
7AI Score
0.003EPSS
The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access...
9.1AI Score
0.003EPSS
Chromium is vulnerable to content security bypass. An attacker may by pass content security via a crafted HTML...
6.5CVSS
1.5AI Score
Security Advisory - Resource Management Error Vulnerability in Huawei CloudEngine 1800V Product
CloudEngine 1800V product has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded normally. (Vulnerability ID: HWPSIRT-2020-86502) This vulnerability has...
7.1AI Score
0.001EPSS
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
There is a privilege escalation vulnerability in some Huawei products. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation. (Vulnerability ID:...
6.5AI Score
0.0004EPSS
Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions include:NIP6300...
6.7CVSS
6.7AI Score
0.0004EPSS
There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions...
7.5CVSS
7.3AI Score
0.001EPSS