Lucene search

K

ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities

cvelist
cvelist

CVE-2021-40848

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV...

8.6AI Score

0.001EPSS

2021-11-03 10:11 AM
mskb
mskb

Description of the security update for SharePoint Foundation 2013: October 12, 2021 (KB5002042)

Description of the security update for SharePoint Foundation 2013: October 12, 2021 (KB5002042) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerabilities,...

7.2AI Score

0.163EPSS

2021-10-12 07:00 AM
48
mskb
mskb

Update 18.5 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.5.29545, Platform Build 18.0.29486): September 14, 2021 (KB5006076)

Update 18.5 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.5.29545, Platform Build 18.0.29486): September 14, 2021 (KB5006076) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes a...

5.7AI Score

0.001EPSS

2021-09-14 07:00 AM
42
mskb
mskb

Description of the security update for SharePoint Foundation 2013: September 14, 2021 (KB5002024)

Description of the security update for SharePoint Foundation 2013: September 14, 2021 (KB5002024) Summary This security update resolves Microsoft SharePoint Server spoofing vulnerabilities. To learn more about the vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-38651...

5.9AI Score

0.001EPSS

2021-09-14 07:00 AM
25
f5
f5

K41043270 : Intel processor vulnerabilities CVE-2021-0086 and CVE-2021-0089

Security Advisory Description CVE-2021-0086 Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 Observable response discrepancy in some Intel(R)...

6.5CVSS

6.2AI Score

0.0005EPSS

2021-09-08 12:00 AM
33
threatpost
threatpost

Connected Farms Easy Pickings for Global Food Supply-Chain Hack

A group of hackers made an unnerving DEF CON 29 presentation showing how the sprawling growth of digital and automated farming has left the world’s food supply chain vulnerable to cyberattack. A video for DEF CON 29 hacker conference this week put out by the group Sick Codes explained that modern.....

4.9CVSS

-0.3AI Score

0.001EPSS

2021-08-10 09:21 PM
51
nessus
nessus

TeamCity Server < 2020.2.4 Multiple Vulnerabilities

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2020.2.4. It is, therefore, affected by multiple vulnerabilities: A command injection vulnerability exists in JetBrains TeamCity. An unauthenticated, remote ...

9.8CVSS

1AI Score

0.005EPSS

2021-07-16 12:00 AM
65
mskb
mskb

Description of the security update for SharePoint Foundation 2013: July 13, 2021 (KB5001992)

Description of the security update for SharePoint Foundation 2013: July 13, 2021 (KB5001992) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, SharePoint Server spoofing vulnerability, and SharePoint Server information disclosure...

6.9AI Score

0.55EPSS

2021-07-13 07:00 AM
24
mskb
mskb

Update 18.3 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.3.27480, Platform Build 18.0.27469)

Update 18.3 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.3.27480, Platform Build 18.0.27469) Overview This update replaces previously released updates. You should always install the latest update. For more information, see CVE-2021-34474.After you install...

8AI Score

0.014EPSS

2021-07-13 07:00 AM
100
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2016:3115-1)

The remote host is missing an update for...

9.8CVSS

9.6AI Score

0.014EPSS

2021-06-09 12:00 AM
4
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:0494-1)

The remote host is missing an update for...

9.8CVSS

7.1AI Score

0.736EPSS

2021-06-09 12:00 AM
3
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:0437-1)

The remote host is missing an update for...

9.8CVSS

7.4AI Score

0.736EPSS

2021-06-09 12:00 AM
3
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:0333-1)

The remote host is missing an update for...

9.8CVSS

7.9AI Score

0.736EPSS

2021-06-09 12:00 AM
3
mskb
mskb

Description of the security update for SharePoint Foundation 2013: June 8, 2021 (KB5001962)

Description of the security update for SharePoint Foundation 2013: June 8, 2021 (KB5001962) Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, SharePoint spoofing vulnerability, SharePoint Server remote code execution vulnerability, and SharePoint...

7.1AI Score

0.089EPSS

2021-06-08 07:00 AM
46
mskb
mskb

Description of the security update for SharePoint Foundation 2013: May 11, 2021 (KB5001935)

Description of the security update for SharePoint Foundation 2013: May 11, 2021 (KB5001935) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, information disclosure vulnerability, and spoofing vulnerability, and Microsoft SharePoint remote...

7.1AI Score

0.306EPSS

2021-05-11 07:00 AM
35
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:0464-1)

The remote host is missing an update for...

7.8CVSS

7AI Score

0.052EPSS

2021-04-19 12:00 AM
3
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2016:2828-1)

The remote host is missing an update for...

9.8CVSS

9AI Score

0.019EPSS

2021-04-19 12:00 AM
4
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2016:2505-1)

The remote host is missing an update for...

9.8CVSS

9AI Score

0.019EPSS

2021-04-19 12:00 AM
2
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2017:0471-1)

The remote host is missing an update for...

7.8CVSS

8.1AI Score

0.052EPSS

2021-04-19 12:00 AM
1
mskb
mskb

Description of the security update for SharePoint Foundation 2013: March 9, 2021 (KB4493238)

Description of the security update for SharePoint Foundation 2013: March 9, 2021 (KB4493238) Summary This security update resolves a Microsoft SharePoint Spoofing Vulnerability. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-24104 and...

6.8AI Score

0.294EPSS

2021-03-09 08:00 AM
59
github
github

Denial of service attack via .well-known lookups

Impact A malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which...

6.5CVSS

3.4AI Score

0.002EPSS

2021-03-01 07:34 PM
31
osv
osv

Denial of service attack via .well-known lookups

Impact A malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which...

6.5CVSS

3.4AI Score

0.002EPSS

2021-03-01 07:34 PM
9
veracode
veracode

Denial Of Service (DoS)

matrix-synapse is vulnerable to denial of service. A malicious homeserver is able to redirect requests to a very large .well-known file that leads to a denial of service condition where homeservers will consume significantly more resources when requesting the malicious .well-known...

6.5CVSS

2.7AI Score

0.002EPSS

2021-03-01 07:37 AM
10
veracode
veracode

Denial Of Service (DoS)

matrix-synapse is vulnerable to denial of service (DoS). The vulnerability exists as a malicious homeserver could redirect requests to their .well-known file to a large...

6.5CVSS

2AI Score

0.002EPSS

2021-02-28 01:21 AM
10
cve
cve

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

6.5CVSS

6.4AI Score

0.002EPSS

2021-02-26 06:15 PM
67
6
osv
osv

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

6.5CVSS

6.4AI Score

0.002EPSS

2021-02-26 06:15 PM
8
nvd
nvd

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

6.5CVSS

0.002EPSS

2021-02-26 06:15 PM
osv
osv

PYSEC-2021-132

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

6.5CVSS

2.2AI Score

0.002EPSS

2021-02-26 06:15 PM
11
prion
prion

Code injection

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

6.5CVSS

6.5AI Score

0.002EPSS

2021-02-26 06:15 PM
5
cvelist
cvelist

CVE-2021-21274 Denial of service attack via .well-known lookups

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

4.3CVSS

6.8AI Score

0.002EPSS

2021-02-26 05:25 PM
ubuntucve
ubuntucve

CVE-2021-21274

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead.....

6.5CVSS

6.4AI Score

0.002EPSS

2021-02-26 12:00 AM
11
nessus
nessus

openSUSE Security Update : buildah / libcontainers-common / podman (openSUSE-2021-310)

This update for buildah, libcontainers-common, podman fixes the following issues : Changes in libcontainers-common : Update common to 0.33.0 Update image to 5.9.0 Update podman to 2.2.1 Update storage to 1.24.5 Switch to seccomp profile provided by common instead of podman Update...

8.8CVSS

8.2AI Score

0.004EPSS

2021-02-22 12:00 AM
156
suse
suse

Security update for buildah, libcontainers-common, podman (moderate)

An update that fixes two vulnerabilities is now available. Description: This update for buildah, libcontainers-common, podman fixes the following issues: Changes in libcontainers-common: Update common to 0.33.0 Update image to 5.9.0 Update podman to 2.2.1 Update storage to 1.24.5 Switch to...

8.8CVSS

-0.5AI Score

0.004EPSS

2021-02-19 12:00 AM
36
mskb
mskb

Description of the security update for SharePoint Foundation 2013: February 9, 2021 (KB4493210)

Description of the security update for SharePoint Foundation 2013: February 9, 2021 (KB4493210) Summary This security update resolves Microsoft SharePoint Spoofing Vulnerability, SharePoint Remote Code Execution Vulnerability, and SharePoint Information Disclosure Vulnerability. To learn more...

7.4AI Score

0.019EPSS

2021-02-09 08:00 AM
23
mskb
mskb

Description of the security update for SharePoint Foundation 2013: January 12, 2021

Description of the security update for SharePoint Foundation 2013: January 12, 2021 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

7.1AI Score

0.013EPSS

2021-01-12 08:00 AM
24
mskb
mskb

Description of the security update for SharePoint Foundation 2013: December 8, 2020

Description of the security update for SharePoint Foundation 2013: December 8, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

7.7AI Score

0.025EPSS

2020-12-08 08:00 AM
20
githubexploit
githubexploit

Exploit for Cross-site Scripting in Ant.Design Ant Design Pro

English | 简体中文 |...

6.1CVSS

-0.4AI Score

0.001EPSS

2020-12-01 09:18 AM
80
mskb
mskb

Description of the security update for SharePoint Foundation 2013: November 10, 2020

Description of the security update for SharePoint Foundation 2013: November 10, 2020 NoticeWe declare System.Web.UI.WebControls.PasswordRecovery to be an unsafe control because of security concerns. Therefore, we recommend that you no longer user it. Summary This security update resolves...

6AI Score

0.013EPSS

2020-11-10 08:00 AM
18
openbugbounty
openbugbounty

mon-espace-douche.com Cross Site Scripting vulnerability OBB-1470389

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

-0.1AI Score

2020-10-31 03:25 PM
6
ibm
ibm

Security Bulletin: Multiple packages as used in IBM Security QRadar Packet Capture are vulnerable to various security issues.

Summary The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2017-5461 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an...

9.8CVSS

0.8AI Score

0.967EPSS

2020-10-28 05:16 PM
24
openbugbounty
openbugbounty

espace-emplois.fr Cross Site Scripting vulnerability OBB-1455125

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

0.1AI Score

2020-10-27 01:28 PM
3
openbugbounty
openbugbounty

espace-mandela-lca.com Cross Site Scripting vulnerability OBB-1449506

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

-0.1AI Score

2020-10-26 07:35 AM
7
mskb
mskb

Description of the security update for SharePoint Foundation 2013: October 13, 2020

Description of the security update for SharePoint Foundation 2013: October 13, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

7.5AI Score

0.909EPSS

2020-10-13 07:00 AM
25
nessus
nessus

EulerOS Virtualization for ARM 64 3.0.6.0 : libXrender (EulerOS-SA-2020-2020)

According to the versions of the libXrender package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger ...

9.8CVSS

9.9AI Score

0.014EPSS

2020-09-29 12:00 AM
11
openvas
openvas

Huawei EulerOS: Security Advisory for libXrender (EulerOS-SA-2020-2020)

The remote host is missing an update for the Huawei...

9.8CVSS

9.6AI Score

0.014EPSS

2020-09-29 12:00 AM
1
openbugbounty
openbugbounty

espace-client.fletesia.fr Cross Site Scripting vulnerability OBB-1334639

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

-0.1AI Score

2020-09-14 09:31 AM
28
mskb
mskb

Description of the security update for SharePoint Foundation 2013: September 8, 2020

Description of the security update for SharePoint Foundation 2013: September 8, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the.....

7.7AI Score

0.013EPSS

2020-09-08 07:00 AM
14
sslabuse
sslabuse

BitRAT C&C

List of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. BitRAT C&C aggregated IOC by SSL Blacklist...

6.9AI Score

2020-08-31 05:38 AM
155
openbugbounty
openbugbounty

7910.org Cross Site Scripting vulnerability OBB-1258530

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

-0.1AI Score

2020-08-13 07:37 AM
8
mskb
mskb

Description of the security update for SharePoint Foundation 2013: August 11, 2020

Description of the security update for SharePoint Foundation 2013: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

6.5AI Score

0.014EPSS

2020-08-11 07:00 AM
14
Total number of security vulnerabilities1026