DP300, RP200, RSE6500, TE30, TE40, TE50, TE60, TX50, VP9660, ViewPoint 8660, ViewPoint 9030, Viewpoint 8660 Security Vulnerabilities

prion

Memory corruption

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code...

9.8CVSS

8.9AI Score

0.056EPSS

2019-12-18 06:15 PM
5
cvelist

CVE-2019-8660

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code...

9.2AI Score

0.056EPSS

2019-12-18 05:33 PM
huawei

Security Advisory - Remote Code Execution Vulnerability in Fastjson

A remote code execution vulnerability exists in the open-source JSON parsing library Fastjson. Remote attackers can send crafted JSON data packets to exploit this vulnerability. Successfully exploit could allow the attacker to execute arbitrary code on the target Fastjson server. (Vulnerability...

8.2AI Score

2019-12-04 12:00 AM
67
nvd

CVE-2019-5232

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information...

7.5CVSS

7.5AI Score

0.004EPSS

2019-11-29 08:15 PM
cve

CVE-2019-5232

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information...

7.5CVSS

7.5AI Score

0.004EPSS

2019-11-29 08:15 PM
23
prion

Design/Logic Flaw

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information...

7.5CVSS

7.5AI Score

0.004EPSS

2019-11-29 08:15 PM
2
cvelist

CVE-2019-5232

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information...

7.5AI Score

0.004EPSS

2019-11-29 07:42 PM
huawei

Security Advisory - Buffer Overflow Vulnerability in Huawei Atlas Product

There is a buffer overflow vulnerability in Huawei Atlas product. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. (Vulnerability ID: HWPSIRT-2019-08062) This vulnerability has been...

5.5CVSS

5.8AI Score

0.0004EPSS

2019-11-27 12:00 AM
49
huawei

Security Advisory - Use of Insufficiently Random Values Vulnerability in Huawei ViewPoint Products

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak. (Vulnerability ID: HWPSIRT-2019-10076) This vulnerability has been....

7.5CVSS

7.1AI Score

0.004EPSS

2019-11-20 12:00 AM
60
securelist

HQWar: the higher it flies, the harder it drops

Mobile dropper Trojans are one of today's most rapidly growing classes of malware. In Q1 2019, droppers are in the 2nd or 3rd position in terms of share of total detected threats, while holding nearly half of all Top 20 places in 2018. Since the droppers' main task is to deliver payload while...

-0.5AI Score

2019-10-02 02:00 PM
67
suse

Security update for neovim (important)

An update that fixes one vulnerability is now available. Description: This update for neovim fixes the following issues: neovim was updated to version 0.3.7: CVE-2019-12735: source should check sandbox (boo#1137443) genappimage.sh: migrate to linuxdeploy Version Update to version 0.3.5: ...

8.6CVSS

-0.3AI Score

0.004EPSS

2019-08-24 12:00 AM
229
googleprojectzero

The Fully Remote Attack Surface of the iPhone

Posted by Natalie Silvanovich, Project Zero While there have been several rumours and reports of fully remote vulnerabilities affecting the iPhone being used by attackers in the last couple of years, limited information is available about the technical details of these vulnerabilities, as well...

9.8CVSS

8.9AI Score

0.128EPSS

2019-08-07 12:00 AM
317
threatpost

Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages

Five bugs in Apple’s iMessage service for the iPhone have been uncovered that require no user interaction to exploit, including one that would allow remote attackers to access content stored on iOS devices. First discovered by Google Project Zero security researcher Natalie Silvanovich, Apple has.....

0.1AI Score

0.128EPSS

2019-07-30 07:22 PM
300
thn

Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws

Google's cybersecurity researchers have finally disclosed details and proof-of-concept exploits for 4 out of 5 security vulnerabilities that could allow remote attackers to target Apple iOS devices just by sending a maliciously-crafted message over iMessage. All the vulnerabilities, which...

9.8CVSS

2.5AI Score

0.128EPSS

2019-07-30 11:21 AM
276
exploitdb

7.4AI Score

EPSS

2019-07-30 12:00 AM
400
zdt

9.8CVSS

0.4AI Score

0.056EPSS

2019-07-30 12:00 AM
43
nessus

macOS Sierra / High Sierra Multiple Vulnerabilities (Security Update 2019-004)

The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 and is missing a security update. It is, therefore, affected by multiple vulnerabilities : An application may be able to read restricted memory (CVE-2019-8691, CVE-2019-8692, CVE-2019-8693) Extracting a zip file containing a...

9.8CVSS

8.9AI Score

0.961EPSS

2019-07-26 12:00 AM
37
nessus

Apple TV < 12.4 Multiple Vulnerabilities

According to its banner, the version of Apple TV on the remote device is prior to 12.4. It is therefore affected by multiple vulnerabilities as described in...

9.8CVSS

AI Score

0.961EPSS

2019-07-26 12:00 AM
22
nessus

macOS 10.14.x < 10.14.6 Multiple Vulnerabilities

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6. It is, therefore, affected by multiple vulnerabilities : An application may be able to read restricted memory (CVE-2019-8691, CVE-2019-8692, CVE-2019-8693) Extracting a zip file containing a symbolic...

9.8CVSS

8.8AI Score

0.961EPSS

2019-07-26 12:00 AM
41
suse

Security update for neovim (important)

An update that fixes one vulnerability is now available. Description: This update for neovim fixes the following issues: neovim was updated to version 0.3.7: CVE-2019-12735: source should check sandbox (boo#1137443) genappimage.sh: migrate to linuxdeploy Version Update to version 0.3.5: ...

8.6CVSS

-0.3AI Score

0.004EPSS

2019-07-23 12:00 AM
79
openvas

Apple Mac OS X Security Updates (HT210348)-02

Apple Mac OS X is prone to multiple...

9.8CVSS

7.4AI Score

0.961EPSS

2019-07-23 12:00 AM
44
nessus

Apple iOS < 12.4 Multiple Vulnerabilities

The version of Apple iOS running on the mobile device is prior to 12.4. It is, therefore, affected by multiple...

2.8AI Score

2019-07-23 12:00 AM
19
apple

About the security content of tvOS 12.4

About the security content of tvOS 12.4 This document describes the security content of tvOS 12.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available....

9.8CVSS

0.3AI Score

0.961EPSS

2019-07-22 12:00 AM
26
apple

About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra

About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra This document describes the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. About Apple security updates For...

9.8CVSS

0.6AI Score

0.961EPSS

2019-07-22 12:00 AM
24
openvas

openSUSE: Security Advisory for neovim (openSUSE-SU-2019:1759-1)

The remote host is missing an update for...

8.6CVSS

9AI Score

0.004EPSS

2019-07-22 12:00 AM
8
apple

About the security content of iOS 12.4

About the security content of iOS 12.4 This document describes the security content of iOS 12.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent....

9.8CVSS

0.1AI Score

0.961EPSS

2019-07-22 12:00 AM
15
apple

About the security content of watchOS 5.3

About the security content of watchOS 5.3 This document describes the security content of watchOS 5.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available......

9.8CVSS

0.7AI Score

0.961EPSS

2019-07-22 12:00 AM
33
nessus

openSUSE Security Update : neovim (openSUSE-2019-1759)

This update for neovim fixes the following issues : neovim was updated to version 0.3.7 : CVE-2019-12735: source should check sandbox (boo#1137443) genappimage.sh: migrate to linuxdeploy Version Update to version 0.3.5 : options: properly reset directories on 'autochdir' Remove MSVC...

8.6CVSS

9.1AI Score

0.004EPSS

2019-07-22 12:00 AM
19
suse

Security update for neovim (important)

An update that fixes one vulnerability is now available. Description: This update for neovim fixes the following issues: neovim was updated to version 0.3.7: CVE-2019-12735: source should check sandbox (boo#1137443) genappimage.sh: migrate to linuxdeploy Version Update to version 0.3.5: ...

8.6CVSS

-0.3AI Score

0.004EPSS

2019-07-21 12:00 AM
116
pentestpartners

Fails and Fixes with IoT

After nearly 6 years of tearing apart 'internet of things' devices, here's a look at the high level fails that we keep seeing. We're not going to go in to point issues such as Wi-Fi credential leakage and Bluetooth compromise: our blog is littered with those! What are the root issues and what can.....

6.7AI Score

2019-07-19 09:56 AM
42
malwarebytes

Meet Extenbro, a new DNS-changer Trojan protecting adware

Recently, we uncovered a new DNS-changer called Extenbro that comes with an adware bundler. These DNS-changers block access to security-related sites, so the adware victims can’t download and install security software to get rid of the pests. From our viewpoint, this might be like sending in an...

0.4AI Score

2019-07-15 02:54 PM
96
nessus

Siemens IE/PB LINK PN IO Ethernet to PROFIBUS Communications Adapter

As a stand-alone component, the IE/PB LINK PN IO builds the seamless transition between Industrial Ethernet and PROFIBUS by means of real-time communication (RT) and thus enables existing PROFIBUS devices to be integrated into a PROFINET application. From the viewpoint of the IO Controller, all DP....

1.6AI Score

2019-07-05 12:00 AM
11
openbugbounty

jadwork.net Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-880494 Security Researcher Mughiwara Helped patch 192 vulnerabilities Received 2 Coordinated Disclosure badges Received 4 recommendations , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting jadwork.net website and its.....

0.1AI Score

2019-07-03 03:36 PM
15
akamaiblog

Mother's Day Online Shoppers Were Active, and So Were Threat Actors

Mother's Day is a major online shopping event that attracts both shoppers as well as threat actors. Earlier in the year, we reported on the United Kingdom's version, called Mothering Sunday. An eMarketer spending forecast predicted that in the United States, retail gift spending would increase,...

-0.3AI Score

2019-05-20 04:00 PM
100
nessus

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1534)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length ...

0.8AI Score

0.36EPSS

2019-05-14 12:00 AM
19
nessus

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1518)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature ...

0.5AI Score

0.003EPSS

2019-05-14 12:00 AM
24
nessus

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel ...

0.5AI Score

0.03EPSS

2019-05-13 12:00 AM
18
nessus

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1489)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An information-leak vulnerability was found in the kernel when it truncated a file to a smaller size which consisted of an...

0.4AI Score

0.054EPSS

2019-05-13 12:00 AM
27
malwarebytes

What to do when you discover a data breach

Your cell phone goes off in the middle of your well-deserved sleep and you try to find it before your partner wakes up as well. “What could be wrong? Why would they page me in the middle of the night?” More asleep than awake, you stumble down the stairs and call the number on the screen, which...

-0.4AI Score

2019-05-07 03:00 PM
90
veracode

Use-After-Free

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. * A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to arbitrary....

5.5CVSS

6.6AI Score

0.001EPSS

2019-05-02 06:01 AM
12
malwarebytes

Who is managing the security of medical management apps?

One truth that is consistent across every sector—be it technology or education—is that software is vulnerable, which means that any device running software applications is also at risk. While virtually any application-running device could be compromised by an attacker, vulnerabilities in medical...

-0.3AI Score

2019-04-10 03:00 PM
39
threatpost

Cardinal RAT Resurrected to Target FinTech Firms

A malware family called Cardinal RAT has reappeared, after two years of silence, in a series of attacks that have been targeting Israel-based financial technology firms. After Cardinal RAT was first detected in 2017, the malware disappeared for two years. But now, in this latest campaign,...

0.2AI Score

2019-03-19 10:07 PM
83
zdt

TheCarProject v2 - Multiple SQL Injection Vulnerability

Exploit for php platform in category web...

AI Score

2019-03-18 12:00 AM
69
packetstorm

0.2AI Score

2019-03-18 12:00 AM
29
exploitdb

7.4AI Score

2019-03-18 12:00 AM
57
exploitpack

TheCarProject 2 - Multiple SQL Injection

TheCarProject 2 - Multiple SQL...

0.3AI Score

2019-03-18 12:00 AM
20
veracode

Denial Of Service (DoS)

libmatio.so is vulnerable to denial of service (DoS) attacks. The vulnerability exists through a possible stack-based buffer over-read in a memcpy operation in Mat_VarReadNextInfo5() in src/mat5.c, resulting in a denial of service condition when the vulnerability is...

9.1CVSS

8.7AI Score

0.006EPSS

2019-03-04 03:23 AM
4
prion

Stack overflow

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

9.1CVSS

9.2AI Score

0.006EPSS

2019-02-23 12:29 PM
4
debiancve

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

9.1CVSS

8.8AI Score

0.006EPSS

2019-02-23 12:29 PM
6
osv

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

9.1CVSS

7AI Score

0.006EPSS

2019-02-23 12:29 PM
2
Total number of security vulnerabilities: 1189