10 matches found
EUVD-2021-33157
Malicious code in bioql PyPI...
CVE-2021-33157
CVE-2021-33157 affects Intel® Ethernet Adapters and Intel® Ethernet Controller I225 Manageability firmware, where insufficient control flow management could allow a privileged user to escalate privileges via local access. The base CVSSv3.1 score is 7.2 (HIGH) with LOCAL access, HIGH complexity, a...
CVE-2021-33157
Insufficient control flow management in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2023-33157
creationtimestamp| type| source ---|---|--- 2023-07-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1062 2023-08-23 15:04:07+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8897...
CVE-2023-33157
Microsoft SharePoint Remote Code Execution Vulnerability...
CVE-2023-33157
CVE-2023-33157 is a Microsoft SharePoint RCE affecting on‑premises SharePoint Server / SharePoint Server Subscription Edition. Public documentation associates this CVE with a remote code execution vulnerability in SharePoint that is addressed by July 2023 security updates (KB5002423/KB5002424; bu...
KLA50773 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code...
Security Updates for Microsoft SharePoint Server 2016 (July 2023)
The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2023-33159 ...
CVE-2022-33157
CVE-2022-33157 affects the TYPO3 libconnect extension: versions before 7.0.8 and 8.x before 8.1.0 are vulnerable to cross-site scripting (XSS) due to improper input handling in the library (e.g., displayParticipantsFormAction). The impact is attacker-controlled script execution in the victim’s br...
pentaxclub.com XSS vulnerability
Vulnerable URL: http://www.pentaxclub.com/board/board.view.php?boardkey=gategallery=10217%22%3E%3Cscript%3Ealert%28/XSSPOSED/%29%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...