Description of the security update for SharePoint Server 2010: July 14, 2020
Description of the security update for SharePoint Server 2010: July 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.8AI Score
0.868EPSS
Description of the security update for SharePoint Enterprise Server 2013: July 14, 2020
Description of the security update for SharePoint Enterprise Server 2013: July 14, 2020 Note: After you install this update, the default setting for a trusted data source and trusted content locations in PerformancePoint Services will change from trust all to trust none. For more information, see.....
8.9AI Score
0.013EPSS
Fedora 31 : tcpreplay (2020-256ac53cc7)
This release contains bug fixes only (which includes security fixes) : Increase cache buffers size to accomodate VLAN edits (#594) Correct L2 header length to correct IP header offset (#583) Fix warnings from gcc version 10 (#580) Heap Buffer Overflow in randomize_iparp (#579) ...
9.1CVSS
8.9AI Score
0.003EPSS
Fedora 32 : tcpreplay (2020-f47830961a)
This release contains bug fixes only (which includes security fixes) : Increase cache buffers size to accomodate VLAN edits (#594) Correct L2 header length to correct IP header offset (#583) Fix warnings from gcc version 10 (#580) Heap Buffer Overflow in randomize_iparp (#579) ...
9.1CVSS
8.9AI Score
0.003EPSS
Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access
This module tests for a logic vulnerability in the Cisco VPN Concentrator 3000 series. It is possible to execute some FTP statements without authentication (CWD, RNFR, MKD, RMD, SIZE, CDUP). It also appears to have some memory leak bugs when working with CWD commands. This module simply creates an....
0.3AI Score
Description of the security update for SharePoint Server 2010: June 9, 2020
Description of the security update for SharePoint Server 2010: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the following....
6.5AI Score
0.001EPSS
Description of the security update for SharePoint Server 2010: May 12, 2020
Description of the security update for SharePoint Server 2010: May 12, 2020 Summary This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To...
5.7AI Score
0.001EPSS
Sky File 2.1.0 iOS - Directory Traversal Vulnerability
Exploit for php platform in category web...
AI Score
7.4AI Score
lerciopinto.pt Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1148367 Security Researcher DkilerS2 Helped patch 112 vulnerabilities Received 4 Coordinated Disclosure badges Received 8 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting lerciopinto.pt website and...
AI Score
IBM Data Risk Manager Authentication Bypass / Command Injection / File Download Exploit
IBM Data Risk Manager suffers from authentication bypass, command injection, insecure default password, and arbitrary file download...
7.4AI Score
0.3AI Score
0.1AI Score
1.1AI Score
Oracle VirtualBox xHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...
7.5CVSS
5AI Score
0.001EPSS
Description of the security update for SharePoint Enterprise Server 2013: April 14, 2020
Description of the security update for SharePoint Enterprise Server 2013: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint when the software fails to check the source markup of an application package. To learn more about....
9AI Score
0.017EPSS
Description of the security update for Outlook 2013: April 14, 2020
Description of the security update for Outlook 2013: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists when Microsoft Office improperly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities...
8.6AI Score
0.047EPSS
Description of the security update for SharePoint Server 2010: April 14, 2020
Description of the security update for SharePoint Server 2010: April 14, 2020 Summary This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To....
5.7AI Score
0.001EPSS
MS15-022: Description of the security update for SharePoint Server 2013: March 10, 2015
MS15-022: Description of the security update for SharePoint Server 2013: March 10, 2015 Introduction This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file...
7.7AI Score
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
4.6CVSS
4.6AI Score
0.001EPSS
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
4.6CVSS
4.6AI Score
0.001EPSS
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
4.6CVSS
4.6AI Score
0.001EPSS
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
4.7AI Score
0.001EPSS
cairo is vulnerable to arbitrary code execution. The vulnerability exists if an application linked against Cairo processes a malicious PNG image, it is possible to execute arbitrary code as the user running the...
4AI Score
0.082EPSS
Security Advisory - Insufficient Integrity Validation Vulnerability in Several Products
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB. (Vulnerability ID:...
4.6CVSS
4.9AI Score
0.001EPSS
338online.es Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1128125 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting 338online.es website and...
0.1AI Score
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions...
3.9CVSS
4.3AI Score
0.0004EPSS
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions...
3.9CVSS
4.2AI Score
0.0004EPSS
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions...
3.9CVSS
4.3AI Score
0.0004EPSS
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions...
4.3AI Score
0.0004EPSS
Activities of a Nigerian Cybercriminal Uncovered
Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...
-0.3AI Score
Activities of a Nigerian Cybercriminal Uncovered
Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...
-0.3AI Score
Researchers Uncover a Nigerian Hacker's Pursuit of his Million Dollar Dream
Social engineering-driven malware threats continue to be a big threat, but new research details how cybercriminals profit off such schemes to launder hundreds of thousands of dollars from stolen credit cards of unsuspecting victims. Cybersecurity firm Check Point Research, in a report shared...
0.3AI Score
Hello, There is an out-of-bounds write that is likely exploitable while performing Huffman decoding of Fax images. The technical details are as follows. # Type: integer underflow produces out of bounds heap/etc write # Platform: 32-bit # Details: 390 MagickExport MagickPassFail...
9.8CVSS
9.6AI Score
0.002EPSS
Security Advisory - Improper Integrity Checking Vulnerability on some Huawei Products
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. (Vulnerability ID: HWPSIRT-2019-10070) This vulnerability has been...
3.9CVSS
4.8AI Score
0.0004EPSS
On March 3, 2020, the cyber division of Federal Bureau of Investigation (FBI) issued a private industry notification calling out Business Email Compromise (BEC) scams through exploitation of cloud-based email services. Microsoft Office 365 and Google G Suite, the two largest cloud-based email...
-0.4AI Score
Description of the security update for SharePoint Server 2010: March 10, 2020
Description of the security update for SharePoint Server 2010: March 10, 2020 Summary This security update resolves a vulnerability that is caused if SharePoint Server does not correctly sanitize a specially crafted request to an affected SharePoint server. To learn more about the vulnerability,...
5.8AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability....
6.8CVSS
6.7AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability....
6.8CVSS
6.6AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability....
6.8CVSS
6.7AI Score
0.001EPSS
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful...
6.1CVSS
6.2AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability...
6.8CVSS
6.4AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability...
6.8CVSS
6.4AI Score
0.001EPSS
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful...
6.1CVSS
6.2AI Score
0.001EPSS
Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the...
6.8CVSS
6.7AI Score
0.001EPSS
Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the...
6.8CVSS
6.6AI Score
0.001EPSS
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful...
6.1CVSS
6.2AI Score
0.001EPSS
Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the...
6.8CVSS
6.6AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability...
6.8CVSS
6.5AI Score
0.001EPSS
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability....
6.7AI Score
0.001EPSS