Lucene search

K

ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities

cve
cve

CVE-2022-32484

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI...

5.6CVSS

4.5AI Score

0.0004EPSS

2022-10-12 08:15 PM
19
4
cve
cve

CVE-2022-32485

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...

7.8CVSS

7.8AI Score

0.0004EPSS

2022-10-12 08:15 PM
25
4
cve
cve

CVE-2022-32488

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...

8.2CVSS

7.8AI Score

0.0004EPSS

2022-10-12 08:15 PM
20
4
cve
cve

CVE-2022-32491

Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-10-12 08:15 PM
19
4
cve
cve

CVE-2022-32487

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...

7.8CVSS

7.8AI Score

0.0004EPSS

2022-10-12 08:15 PM
21
4
cve
cve

CVE-2022-32483

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI...

5.6CVSS

4.5AI Score

0.0004EPSS

2022-10-12 08:15 PM
28
4
cve
cve

CVE-2022-32493

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...

7.8CVSS

7.9AI Score

0.0004EPSS

2022-10-12 08:15 PM
23
4
openbugbounty
openbugbounty

espace-couture.fr Cross Site Scripting vulnerability OBB-2990906

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-10-11 05:34 PM
10
mskb
mskb

Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284)

Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

9.1AI Score

0.013EPSS

2022-10-11 07:00 AM
16
cve
cve

CVE-2019-8950

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via...

9.8CVSS

9.3AI Score

0.003EPSS

2022-10-03 04:19 PM
25
cvelist
cvelist

CVE-2019-8950

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via...

9.4AI Score

0.003EPSS

2022-10-03 04:19 PM
cve
cve

CVE-2012-1493

F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not...

9.1AI Score

0.466EPSS

2022-10-03 04:15 PM
39
openvas
openvas

Ubuntu: Security Advisory (USN-5436-1)

The remote host is missing an update for...

9.8CVSS

9.6AI Score

0.014EPSS

2022-08-26 12:00 AM
openbugbounty
openbugbounty

espace-formatif-cfa.fr Cross Site Scripting vulnerability OBB-2854788

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-08-19 04:14 PM
12
cvelist
cvelist

CVE-2022-22558

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...

5.7CVSS

6.4AI Score

0.0004EPSS

2022-08-04 12:00 AM
cve
cve

CVE-2022-22558

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...

6CVSS

6.1AI Score

0.0004EPSS

2022-08-04 12:00 AM
134
huntr
huntr

Segmentation Fault in SFS_Expression

It can cause Denial-of-service attack. Version root@ubuntu:~/gpac/.git# cat refs/heads/master 0102c5d4db7fdbf08b5b591b2a6264de33867a07 system stack size (default) root@ubuntu:~/gpac/bin/gcc# ulimit -s 8192 POC Download POC Execute root@ubuntu:~/gpac/bin/gcc# ./MP4Box -info -disox -dump-chap-ogg...

5.5CVSS

2.5AI Score

0.001EPSS

2022-07-30 08:08 AM
7
openbugbounty
openbugbounty

espace-terroir.ch Cross Site Scripting vulnerability OBB-2744403

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-07-08 10:15 PM
10
mskb
mskb

Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219)

Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

9.1AI Score

0.011EPSS

2022-06-14 07:00 AM
11
osv
osv

Magento 2 Community Edition Access Control Bypass

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5CVSS

7AI Score

0.001EPSS

2022-05-24 04:52 PM
6
github
github

Magento 2 Community Edition Access Control Bypass

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

7.5CVSS

7AI Score

0.001EPSS

2022-05-24 04:52 PM
8
nessus
nessus

Ubuntu 16.04 ESM : libXrender vulnerabilities (USN-5436-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5436-1 advisory. Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to...

9.8CVSS

9.5AI Score

0.014EPSS

2022-05-24 12:00 AM
15
osv
osv

libxrender vulnerabilities

Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-7949,...

9.8CVSS

8AI Score

0.014EPSS

2022-05-23 06:04 PM
5
ubuntu
ubuntu

libXrender vulnerabilities

Releases Ubuntu 16.04 ESM Packages libxrender - X11 Rendering Extension client library Details Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code....

9.8CVSS

10AI Score

0.014EPSS

2022-05-23 12:00 AM
37
mskb
mskb

Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203)

Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

8.9AI Score

0.054EPSS

2022-05-10 08:00 AM
116
nvd
nvd

CVE-2022-22558

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...

6CVSS

0.0004EPSS

2022-04-21 09:15 PM
prion
prion

Design/Logic Flaw

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...

6CVSS

6.2AI Score

0.0004EPSS

2022-04-21 09:15 PM
3
openvas
openvas

Slackware: Security Advisory (SSA:2016-305-02)

The remote host is missing an update for...

9.8CVSS

9.1AI Score

0.02EPSS

2022-04-21 12:00 AM
2
openbugbounty
openbugbounty

espace-helvetia.ch Cross Site Scripting vulnerability OBB-2531840

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-04-20 12:38 AM
11
mskb
mskb

Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189)

Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft Excel remote code execution vulnerability. To learn more about the vulnerabilities, see the...

7.3AI Score

0.007EPSS

2022-04-12 08:00 AM
63
cbl_mariner
cbl_mariner

CVE-2022-0891 affecting package libtiff 4.1.0-3

CVE-2022-0891 affecting package libtiff 4.1.0-3. A patched version of the package is...

7.1CVSS

7.3AI Score

0.009EPSS

2022-04-07 06:04 AM
openbugbounty
openbugbounty

7910.org Cross Site Scripting vulnerability OBB-2434468

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2022-03-16 10:04 AM
7
suse
suse

Security update for conmon, libcontainers-common, libseccomp, podman (moderate)

An update that solves 7 vulnerabilities, contains one feature and has one errata is now available. Description: This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues: podman was updated to 3.4.4. Security issues fixed: fix CVE-2021-41190 [bsc#1193273],...

6.5CVSS

-0.4AI Score

0.005EPSS

2022-03-04 12:00 AM
166
openbugbounty
openbugbounty

espace-evasion-delmoly.com Cross Site Scripting vulnerability OBB-2377962

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-02-19 06:42 AM
13
openbugbounty
openbugbounty

espace-corps-pluriel.com Cross Site Scripting vulnerability OBB-2377956

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-02-19 06:41 AM
12
openbugbounty
openbugbounty

espace-du-son.com Cross Site Scripting vulnerability OBB-2377958

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-02-19 06:41 AM
8
openbugbounty
openbugbounty

espace-client.saria.fr Cross Site Scripting vulnerability OBB-2365211

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-02-08 03:08 PM
9
mskb
mskb

Description of the security update for SharePoint Foundation 2013: February 8, 2022 (KB5002155)

Description of the security update for SharePoint Foundation 2013: February 8, 2022 (KB5002155) Summary This security update resolves a Microsoft SharePoint Server security feature bypass vulnerability. For more information about the vulnerability, see Microsoft Common Vulnerabilities and...

6.6AI Score

0.001EPSS

2022-02-08 08:00 AM
30
openvas
openvas

Mageia: Security Advisory (MGASA-2014-0485)

The remote host is missing an update for...

6.5AI Score

0.037EPSS

2022-01-28 12:00 AM
5
openvas
openvas

Mageia: Security Advisory (MGASA-2018-0011)

The remote host is missing an update for...

9.8CVSS

9.1AI Score

0.02EPSS

2022-01-28 12:00 AM
3
openbugbounty
openbugbounty

leray-paysage-espace-vert.fr Cross Site Scripting vulnerability OBB-2333300

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-01-13 12:08 PM
9
mskb
mskb

Description of the security update for SharePoint Foundation 2013: January 11, 2022 (KB5002127)

Description of the security update for SharePoint Foundation 2013: January 11, 2022 (KB5002127) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities,....

9.1AI Score

0.04EPSS

2022-01-11 08:00 AM
61
openbugbounty
openbugbounty

armee-air-espace-collection.gouv.fr Cross Site Scripting vulnerability OBB-2309490

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.3AI Score

2021-12-21 03:10 PM
13
huawei
huawei

Security Advisory - Apache log4j2 remote code execution vulnerabilities in some Huawei products

Some Huawei products are affected by the Apache Log4j2 remote code execution vulnerabilities. The vulnerabilities are caused by a recursive parsing error in some functions of Apache Log4j2. An attacker can construct a malicious request to control log parameters to trigger a remote code execution...

10CVSS

2.9AI Score

0.975EPSS

2021-12-15 12:00 AM
244
mskb
mskb

Description of the security update for SharePoint Foundation 2013: December 14, 2021 (KB5002071)

Description of the security update for SharePoint Foundation 2013: December 14, 2021 (KB5002071) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities,.....

7.8AI Score

0.038EPSS

2021-12-14 08:00 AM
35
openbugbounty
openbugbounty

gites-espace-detente.com Cross Site Scripting vulnerability OBB-2233268

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1AI Score

2021-11-04 05:00 PM
7
cve
cve

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

7.8CVSS

7.9AI Score

0.001EPSS

2021-11-03 11:15 AM
15
osv
osv

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

7.8CVSS

7.2AI Score

0.001EPSS

2021-11-03 11:15 AM
4
nvd
nvd

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

7.8CVSS

0.001EPSS

2021-11-03 11:15 AM
prion
prion

Input validation

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

7.8CVSS

7.7AI Score

0.001EPSS

2021-11-03 11:15 AM
4
Total number of security vulnerabilities1026