CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2020/02/17 9:31 a.m.•4 views

chromium-browser: Insufficient data validation in streams

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.0199EPSS

Exploits1References5

CNVD•added 2020/02/17 12:0 a.m.•3 views

IBM Watson IoT Message Gateway Code Execution Vulnerability

IBM Watson IoT Message Gateway is an IoT solution. A security vulnerability exists in IBM Watson IoT Message Gateway. The vulnerability arises from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write...

9.8CVSS7.2AI score0.04526EPSS

Exploits0References1

CNVD•added 2020/02/17 12:0 a.m.•2 views

Bludit Cross-Site Scripting Vulnerability (CNVD-2020-13197)

Bludit is an open source, lightweight blog content management system CMS. A cross-site scripting vulnerability exists in Bludit version 3.10.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

5.4CVSS6.4AI score0.00606EPSS

CNVD•added 2020/02/17 12:0 a.m.•1 views

Nextcloud iOS Cross-Site Scripting Vulnerability

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud iOS. The vulnerability stems from a lack of proper validation of client-side data by the web...

5.4CVSS6.4AI score0.00783EPSS

Exploits0References1

CNVD•added 2020/02/17 12:0 a.m.•2 views

Pandora FMS Cross-Site Scripting Vulnerability (CNVD-2020-10481)

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in Pandora FMS version 742. The vulnerability stems from a lack of proper...

5.4CVSS6.4AI score0.00804EPSS

CNVD•added 2020/02/17 12:0 a.m.•2 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2020-10427)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site scripting vulnerability exists in Revive Adserver. The vulnerability stems from the lack of prope...

6.1CVSS6.5AI score0.07055EPSS

NVD•added 2020/02/14 6:15 p.m.•15 views

CVE-2020-8849

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

NVD•added 2020/02/14 6:15 p.m.•21 views

CVE-2020-8853

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

NVD•added 2020/02/14 6:15 p.m.•11 views

CVE-2020-8851

Prion•added 2020/02/14 6:15 p.m.•13 views

Design/Logic Flaw

6.8CVSS7.8AI score0.05811EPSS

Prion•added 2020/02/14 6:15 p.m.•15 views

Design/Logic Flaw

6.8CVSS7.8AI score0.05811EPSS

Prion•added 2020/02/14 6:15 p.m.•19 views

Design/Logic Flaw

6.8CVSS7.8AI score0.05931EPSS

Prion•added 2020/02/14 6:15 p.m.•12 views

Design/Logic Flaw

6.8CVSS7.8AI score0.05811EPSS

Prion•added 2020/02/14 6:15 p.m.•20 views

Integer overflow

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

6.8CVSS7.9AI score0.30796EPSS

CNVD•added 2020/02/14 12:0 a.m.•1 views

Wowza Streaming Engine Code Execution Vulnerability

Wowza Streaming Engine is a streaming media server software from Wowza Media Systems. The program supports live streaming, VOD, online video chat, and remote recording. A security vulnerability exists in Wowza Streaming Engine. The vulnerability stems from the lack of proper validation of client...

7.8CVSS7.2AI score0.00451EPSS

CNVD•added 2020/02/14 12:0 a.m.•3 views

Foxit Reader Out-of-Bounds Write Remote Code Execution Vulnerability (CNVD-2020-10622)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

7.8CVSS8AI score0.05931EPSS

Exploits0References1

Cvelist•added 2020/02/13 10:20 p.m.•16 views

CVE-2020-8854

7.8CVSS7.8AI score0.0586EPSS

Cvelist•added 2020/02/13 10:20 p.m.•17 views

CVE-2020-8851

Cvelist•added 2020/02/13 10:20 p.m.•30 views

CVE-2020-8852

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

3.3CVSS3.3AI score0.04074EPSS