Lucene search
+L

93 matches found

Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.103 views

KB4493441: Windows 10 Version 1709 and Windows Server Version 1709 April 2019 Security Update

The remote Windows host is missing security update 4493441. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver luafv.sys...

9.8CVSS8.3AI score0.4523EPSS
Exploits61References38
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:32 p.m.15 views

Security Bulletin: IBM Cognos TM1 is affected by security vulnerability CVE-2014-0877

Summary The link generated when opening the Rights page for an application can be opened anywhere, without the need to log in. Vulnerability Details CVE-ID: CVE-2014-0877 CVSS Base Score: 4 CVSS Temporal Score: See for the current score CVSS Environmental Score: Undefined CVSS Vector:...

5CVSS0.9AI score0.01187EPSS
Exploits0Affected Software1
Circl
Circl
added 2018/03/20 12:0 a.m.17 views

CVE-2018-0877

creationtimestamp| type| source ---|---|--- 2018-03-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44313 2018-03-23 08:30:56+00:00| seen| https://t.me/antichat/1124...

7.8CVSS7.3AI score0.0348EPSS
Exploits2References2
CVE
CVE
added 2018/03/14 5:0 p.m.143 views

CVE-2018-0877

CVE-2018-0877 affects the WCIFS (Windows Desktop Bridge VFS) driver. The root cause is improper handling of file paths in privileged Windows directories, allowing a reparse to a user-controlled location during a file-create path when the requested file did not exist in a trusted directory. This c...

7.8CVSS7.5AI score0.0348EPSS
Exploits2References4Affected Software3
Check Point Advisories
Check Point Advisories
added 2018/03/13 12:0 a.m.31 views

Microsoft Windows Desktop Bridge VFS Elevation of Privilege (CVE-2018-0877)

A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

7.2CVSS7AI score0.0348EPSS
Exploits2
CVE
CVE
added 2017/12/06 2:0 p.m.60 views

CVE-2017-0877

CVE-2017-0877 describes a remote code execution vulnerability in the Android media framework (libavc) affecting Android 6.0. The issue is triggered via a specially crafted file, allowing an attacker to execute code in the context of a privileged process. The vulnerability is categorized as Media ...

9.3CVSS8.4AI score0.01437EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/05/31 1:0 a.m.42 views

CVE-2016-0877

CVE-2016-0877 affects Moxa EDR-G903 Secure Router devices (pre-3.4.12). The vulnerability is a memory leak in the information exposure path caused by the ping function, allowing remote attackers to cause denial of service via memory consumption. The issue is tied to a vulnerability in the device’...

7.8CVSS7.3AI score0.01823EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2015/04/06 1:59 a.m.13 views

CVE-2015-0877

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a \0 character in its name...

7.5CVSS7.7AI score0.02673EPSS
Exploits0References3
CVE
CVE
added 2015/04/06 1:0 a.m.53 views

CVE-2015-0877

CVE-2015-0877 affects C-BOARD Moyuku prior to 1.03b3. The vulnerability is an unrestricted file upload in app/lib/mlf.pl that lets remote attackers upload a file with a null character in its name, potentially enabling arbitrary code execution on the server. Multiple sources (NVD, JVN/JVNDB, PRION...

7.5CVSS7.9AI score0.02673EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/09/05 5:0 p.m.21 views

CVE-2014-0877

IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remote attackers to bypass intended access restrictions by visiting the Rights page and then following a generated link...

6.5AI score0.01187EPSS
Exploits0References2
CVE
CVE
added 2014/09/05 5:0 p.m.54 views

CVE-2014-0877

CVE-2014-0877 affects IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2 before IF1. The IBM bulletin describes an access control bypass: a link generated from the Rights page can be opened without logging in, effectively bypassing intended restrictions. The vulnerability is documented with remediatio...

5CVSS6.7AI score0.01187EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/11/23 5:0 p.m.53 views

CVE-2013-0877

The CVE-2013-0877 entry describes a vulnerability in FFmpeg prior to 1.1.3 where the old_codec37 function in libavcodec/sanm.c can be triggered by crafted LucasArts Smush data of large size, leading to an out-of-bounds array access and unspecified impact. Public-availability documents (Gentoo GLS...

9.3CVSS6.8AI score0.02447EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.67 views

TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager vulnerable to Cross-site scripting sitemap page July 26, 2011 Risk Level: Medium Affected versions: Oracle Enterprise Manager Grid Control versions 10.1.0.6 Oracle Enterprise Manager control...

4.3CVSS5.4AI score0.01495EPSS
Exploits0
CVE
CVE
added 2011/07/20 10:36 p.m.106 views

CVE-2011-0877

The CVE-2011-0877 entry concerns an unspecified vulnerability in Oracle’s Instance Management component affecting Oracle Database Server versions 10.1.0.5, 10.2.0.3, 10.2.0.4 and Oracle Enterprise Manager Grid Control 10.1.0.6. The issue is described as allowing remote attackers to affect integri...

4.3CVSS6.1AI score0.01495EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2010/04/13 10:0 p.m.62 views

CVE-2010-0877

Technical details are not publicly available in the provided documents. Monitor for updates.

5CVSS6.2AI score0.01508EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/03/12 3:0 p.m.44 views

CVE-2009-0877

The CVE-2009-0877 entry describes multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express. The affected component is the web interface of Sun Java System Communications Express, where attackers can inject arbitrary web script or HTML via the Full Name or Subj...

4.3CVSS5.9AI score0.01721EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2008/02/21 7:0 p.m.41 views

CVE-2008-0877

CVE-2008-0877 affects Jinzora Media Jukebox 2.7.5 with multiple cross-site scripting (XSS) vulnerabilities. The issue arises from insufficient input sanitization in several parameters across files: (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, (5) set_theme to index.php; (additional) fr...

4.3CVSS5.8AI score0.01489EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/02/12 7:0 p.m.59 views

CVE-2007-0877

Technical details about CVE-2007-0877 are not publicly provided in the supplied documents; no affected products, root cause, or remediation are described. Monitor for updates.

5CVSS6.4AI score0.00926EPSS
Exploits0References2Affected Software5
CVE
CVE
added 2006/02/24 11:0 a.m.44 views

CVE-2006-0877

The CVE-2006-0877 entry refers to a Cross-Site Scripting vulnerability in Easy Forum 2.5 allowing remote injection of arbitrary script via the image variable. Connected sources confirm affected software (Easy Forum 2.5) and vulnerable script join.php with unsanitized image data; exploit code is a...

5CVSS6.1AI score0.03002EPSS
Exploits1References8Affected Software1
Slackware Linux
Slackware Linux
added 2005/07/20 1:58 p.m.44 views

dnsmasq

New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache. More detail...

5CVSS6.6AI score0.02605EPSS
Exploits0
Rows per page
Query Builder