DP300,TE60,TP3106,ViewPoint 9030,eCNS210 TD,eSpace 7950,eSpace IAD,eSpace U1981 Security Vulnerabilities

openbugbounty

espace-aubade.fr Cross Site Scripting vulnerability OBB-3423180

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1AI Score

2023-06-13 08:18 AM
9
openbugbounty

espace-terroir.ch Cross Site Scripting vulnerability OBB-3382752

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1AI Score

2023-06-03 11:38 PM
8
openbugbounty

espace-o.ca Cross Site Scripting vulnerability OBB-3340764

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1AI Score

2023-05-15 10:06 PM
5
openbugbounty

espace-chez-soi.ch Cross Site Scripting vulnerability OBB-3340756

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1AI Score

2023-05-15 10:04 PM
7
mskb

Description of the security update for SharePoint Foundation 2013: April 11, 2023 (KB5002383)

Description of the security update for SharePoint Foundation 2013: April 11, 2023 (KB5002383) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-28288....

8AI Score

0.004EPSS

2023-04-11 07:00 AM
65
nuclei

Gitea 1.1.0 - 1.12.5 - Remote Code Execution

Gitea 1.1.0 through 1.12.5 is susceptible to authenticated remote code execution, via the git hook functionality, in customer environments where the documentation is not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the...

7.2CVSS

7.1AI Score

0.973EPSS

2023-03-18 10:07 PM
53
mskb

Description of the security update for SharePoint Foundation 2013: March 14, 2023 (KB5002367)

Description of the security update for SharePoint Foundation 2013: March 14, 2023 (KB5002367) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-23395....

4.1AI Score

0.001EPSS

2023-03-14 07:00 AM
49
openvas

Debian: Security Advisory (DLA-664-1)

The remote host is missing an update for the...

9.8CVSS

9.6AI Score

0.014EPSS

2023-03-08 12:00 AM
1
cve

CVE-2020-36652

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

7.1CVSS

6.7AI Score

0.0004EPSS

2023-02-28 03:15 AM
24
nvd

CVE-2020-36652

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

7.1CVSS

6.4AI Score

0.0004EPSS

2023-02-28 03:15 AM
prion

Design/Logic Flaw

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

7.1CVSS

6.7AI Score

0.0004EPSS

2023-02-28 03:15 AM
4
cvelist

CVE-2020-36652 File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

6.6CVSS

6.8AI Score

0.0004EPSS

2023-02-28 02:06 AM
mskb

Description of the security update for SharePoint Foundation 2013: February 14, 2023 (KB5002347)

Description of the security update for SharePoint Foundation 2013: February 14, 2023 (KB5002347) Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities,....

9.7AI Score

0.454EPSS

2023-02-14 08:00 AM
65
openbugbounty

espace-ultradanse.fr Cross Site Scripting vulnerability OBB-3192693

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2023-02-12 07:36 PM
13
hackerone

JetBlue: XSS via Vuln Rendertron Instance At `██████████.jetblue.com/render/*`

Summary I found that you have █████████ installed on your server, but it may not be up to date. i was able to get around ███'s xss block and get it to raise an alert. this is a type of xss that is mirrored and as soon as you send a link to a person, the xss runs. and in a malicious scenario, it...

10AI Score

2023-01-31 05:25 AM
6
nessus

Rocky Linux 9 : Image Builder (RLSA-2022:7950)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial...

7.8AI Score

0.002EPSS

2023-01-30 12:00 AM
11
mskb

Description of the security update for SharePoint Foundation 2013: January 10, 2023 (KB5002336)

Description of the security update for SharePoint Foundation 2013: January 10, 2023 (KB5002336) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

9AI Score

0.007EPSS

2023-01-10 08:00 AM
40
openbugbounty

espace-europ.com Cross Site Scripting vulnerability OBB-3099799

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.2AI Score

2022-12-13 06:43 PM
7
mskb

Description of the security update for SharePoint Foundation 2013: December 13, 2022 (KB5002319)

Description of the security update for SharePoint Foundation 2013: December 13, 2022 (KB5002319) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

9AI Score

0.009EPSS

2022-12-13 08:00 AM
9
oraclelinux

Image Builder security, bug fix, and enhancement update

cockpit-composer [41-1.0.1] - Make per page documentation links point to Oracle Linux [Orabug: 32013095], [Orabug:34398922] [41-1] - New upstream release [40-1] - New upstream release [39-1] - New upstream release [38-1] - New upstream release [37-1] - New upstream release [35-1] - New upstream...

7.5CVSS

0.1AI Score

0.002EPSS

2022-11-22 12:00 AM
12
nessus

Oracle Linux 9 : Image / Builder (ELSA-2022-7950)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a...

7.5CVSS

7.5AI Score

0.002EPSS

2022-11-22 12:00 AM
5
nessus

AlmaLinux 9 : Image Builder (ALSA-2022:7950)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial...

7.5CVSS

7.6AI Score

0.002EPSS

2022-11-19 12:00 AM
10
nessus

RHEL 9 : Image Builder (RHSA-2022:7950)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7950 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service...

7.5CVSS

7.8AI Score

0.002EPSS

2022-11-16 12:00 AM
10
rocky

Image Builder security, bug fix, and enhancement update

An update is available for cockpit-composer, weldr-client. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Image Builder is a service for building customized OS....

7.5CVSS

7.8AI Score

0.002EPSS

2022-11-15 06:11 AM
24
osv

Low: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....

7.5CVSS

7.7AI Score

0.002EPSS

2022-11-15 06:11 AM
7
redhat

(RHSA-2022:7950) Low: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....

7.8AI Score

0.002EPSS

2022-11-15 06:11 AM
17
almalinux

Low: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....

7.5CVSS

7.8AI Score

0.002EPSS

2022-11-15 12:00 AM
8
osv

Low: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....

7.5CVSS

7.7AI Score

0.002EPSS

2022-11-15 12:00 AM
7
mskb

Description of the security update for SharePoint Foundation 2013: November 8, 2022 (KB5002303)

Description of the security update for SharePoint Foundation 2013: November 8, 2022 (KB5002303) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

8.9AI Score

0.013EPSS

2022-11-08 08:00 AM
17
mskb

Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002267)

Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002267) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint remote code execution vulnerability. To learn more about the...

8.3AI Score

0.022EPSS

2022-11-08 08:00 AM
27
cve

CVE-2020-36605

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

6.6CVSS

4.6AI Score

0.0004EPSS

2022-11-01 03:15 AM
31
11
cve

CVE-2022-41552

Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side....

9.8CVSS

9.4AI Score

0.002EPSS

2022-11-01 03:15 AM
32
10
nvd

CVE-2020-36605

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

4.4CVSS

0.0004EPSS

2022-11-01 03:15 AM
1
prion

Design/Logic Flaw

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

4.4CVSS

4.6AI Score

0.0004EPSS

2022-11-01 03:15 AM
9
cvelist

CVE-2020-36605 File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

6.6CVSS

6.3AI Score

0.0004EPSS

2022-11-01 02:07 AM
openbugbounty

sfcp-espace-aubade.fr Cross Site Scripting vulnerability OBB-2999805

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-10-16 12:34 PM
9
openbugbounty

espace-evasion-delmoly.com Cross Site Scripting vulnerability OBB-2998933

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-10-16 04:39 AM
4
openbugbounty

espace-du-son.com Cross Site Scripting vulnerability OBB-2998932

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-10-16 04:37 AM
5
openbugbounty

espace-couture.fr Cross Site Scripting vulnerability OBB-2990906

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-10-11 05:34 PM
10
mskb

Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284)

Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

9.1AI Score

0.013EPSS

2022-10-11 07:00 AM
16
cve

CVE-2017-9030

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...

7.5CVSS

7.4AI Score

0.002EPSS

2022-10-03 04:23 PM
29
cvelist

CVE-2017-9030

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...

7.5AI Score

0.002EPSS

2022-10-03 04:23 PM
1
cve

CVE-2018-13086

The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any...

7.5CVSS

7.7AI Score

0.001EPSS

2022-10-03 04:22 PM
19
cvelist

CVE-2018-13086

The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any...

7.7AI Score

0.001EPSS

2022-10-03 04:22 PM
cvelist

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

6.4AI Score

0.002EPSS

2022-10-03 04:14 PM
cve

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

6.5AI Score

0.002EPSS

2022-10-03 04:14 PM
23
thn

Integrating Live Patching in SecDevOps Workflows

SecDevOps is, just like DevOps, a transformational change that organizations undergo at some point during their lifetime. Just like many other big changes, SecDevOps is commonly adopted after a reality check of some kind: a big damaging cybersecurity incident, for example. A major security breach.....

-0.3AI Score

2022-09-06 08:57 AM
14
openvas

Ubuntu: Security Advisory (USN-5436-1)

The remote host is missing an update for...

9.8CVSS

9.6AI Score

0.014EPSS

2022-08-26 12:00 AM
openbugbounty

espace-formatif-cfa.fr Cross Site Scripting vulnerability OBB-2854788

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-08-19 04:14 PM
12
talos

Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability

Summary A type confusion vulnerability exists in the way Adobe Acrobat Reader DC 2022.001.20085 deals with overlapping annotations. A specially-crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious file to trigger this....

7.8CVSS

0.1AI Score

0.001EPSS

2022-07-13 12:00 AM
10
Total number of security vulnerabilities: 1411