Lucene search
+L

106 matches found

CVE
CVE
added 2020/07/10 1:14 p.m.166 views

CVE-2020-3974

CVE-2020-3974 affects VMware Fusion 11.x (pre-11.5.5), VMware Remote Console for Mac 11.x (pre-11.2.0), and Horizon Client for Mac 5.x (pre-5.4.3). It is a local privilege-escalation due to improper XPC Client validation, allowing a normal-privilege user to gain root access. Exploitation requires...

7.8CVSS8AI score0.00359EPSS
Exploits0References1Affected Software3
Tenable Nessus
Tenable Nessus
added 2019/08/23 12:0 a.m.42 views

Tenable Nessus < 8.6.0 Denial of Service vulnerability (TNS-2019-05)

According to its self-reported version, the Tenable Nessus application running on the remote host is prior or equal to 8.5.2. It is, therefore, affected by a denial of service vulnerability due to a flaw where certain files could be overwritten arbitrarily. An authenticated, remote attacker could...

8.5CVSS7.8AI score0.01818EPSS
Exploits0References2
OSV
OSV
added 2019/08/15 7:15 p.m.5 views

CVE-2019-3974

Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition...

8.1CVSS7.2AI score0.01818EPSS
Exploits0References1
NVD
NVD
added 2019/08/15 7:15 p.m.14 views

CVE-2019-3974

Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition...

8.5CVSS8AI score0.01818EPSS
Exploits0References1
CVE
CVE
added 2019/08/15 6:58 p.m.127 views

CVE-2019-3974

CVE-2019-3974 affects Tenable Nessus on Windows (versions 8.5.2 and earlier). The issue allows arbitrary overwriting of certain system files, potentially causing a denial-of-service condition. Root cause: file overwrite flaw in Nessus’ Windows file handling. Affected product/version per sources: ...

8.5CVSS7.9AI score0.01818EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/06/26 12:0 a.m.24 views

Tenable Nessus <= 8.5.2 File Overwrite Vulnerability (TNS-2019-05)

Tenable Nessus on Windows is prone to an arbitrary file overwrite vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.5CVSS8.2AI score0.01818EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.23 views

Ubuntu 16.04 LTS : VCFtools vulnerabilities (USN-3974-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3974-1 advisory. It was discovered that VCFtools improperly handled certain input. If a user was tricked into opening a crafted input file, VCFtools could be made to cras...

7.8CVSS6.6AI score0.22369EPSS
Exploits0References4
CVE
CVE
added 2019/04/02 3:19 p.m.58 views

CVE-2018-3974

GOG Galaxy 1.2.45.61 on Windows is affected by a local privilege escalation due to insecure file permissions in the install directory. An attacker can overwrite GalaxyClientService.exe, which runs as LocalSystem, enabling arbitrary code execution with system privileges at boot. Root cause: overly...

9.3CVSS7.8AI score0.0053EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/03/16 2:4 p.m.26 views

CVE-2017-3974

CVE-2017-3974 is rejected/not used and does not represent an active vulnerability entry.

7.3AI score
Exploits0
Cvelist
Cvelist
added 2018/03/16 2:4 p.m.8 views

CVE-2017-3974

...

Exploits0
Tenable Nessus
Tenable Nessus
added 2017/09/18 12:0 a.m.42 views

Debian DSA-3974-1 : tomcat8 - security update

Two issues were discovered in the Tomcat servlet and JSP engine. - CVE-2017-7674 Rick Riemer discovered that the Cross-Origin Resource Sharing filter did not add a Vary header indicating possible different responses, which could lead to cache poisoning. - CVE-2017-7675 stretch only Markus...

7.5CVSS6.3AI score0.1014EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2017/09/14 12:0 a.m.33 views

Debian: Security Advisory (DSA-3974-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.08037EPSS
Exploits0References3
0day.today
0day.today
added 2016/06/21 12:0 a.m.71 views

SAP NetWeaver AS JAVA 7.1 < 7.5 - ctcprotocol Servlet XXE

Exploit for java platform in category web applications Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: XXE Sent: 20.10.2015 Reported: 21.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016 Reference: SAP...

7.5CVSS0.1AI score0.15058EPSS
Exploits5
NVD
NVD
added 2016/04/07 7:59 p.m.30 views

CVE-2016-3974

XML external entity XXE vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to tcmonitoringwebserviceweb/ServerNodesWSService, aka SA...

9.1CVSS9AI score0.15058EPSS
Exploits5References5
CVE
CVE
added 2016/04/07 7:0 p.m.78 views

CVE-2016-3974

CVE-2016-3974 affects SAP NetWeaver AS JAVA 7.1–7.5. An XML External Entity (XXE) vulnerability in the Configuration Wizard/ctcprotocol servlet allows remote attackers to cause a denial of service, perform SMB relay actions, or read arbitrary files via a crafted XML to the ServerNodesWSService en...

9.1CVSS9AI score0.15058EPSS
Exploits5References5Affected Software1
CVE
CVE
added 2015/09/28 1:0 a.m.49 views

CVE-2015-3974

The CVE-2015-3974 entry concerns the EasyIO-30P-SF 32-bit controller that ships with hard-coded credentials. Affected firmware versions are before 0.5.21 and before 2.0.5.21, used across multiple OEM products. Root cause: use of a hard-coded password, enabling remote attackers to gain complete ac...

9CVSS6.9AI score0.01869EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2014/06/05 5:0 p.m.46 views

CVE-2014-3974

AuraCMS 3.0 and earlier is affected by an XSS in filemanager.php (via the viewdir parameter). The vulnerability stems from unsanitized input in viewdir, enabling injection of arbitrary script/HTML. Affected product is AuraCMS; version scope is 3.0 and earlier. Public references indicate the issue...

4.3CVSS5.9AI score0.03217EPSS
Exploits1References5Affected Software1
Circl
Circl
added 2014/05/28 12:0 a.m.8 views

CVE-2014-3974

creationtimestamp| type| source ---|---|--- 2014-05-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33555...

4.3CVSS5.8AI score0.03217EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2013/07/17 12:0 a.m.30 views

Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Windows)

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvulnaug12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities - August12 Windows Authors: Arun Kallavi Copyright:...

9.3CVSS0.7AI score0.0235EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2013/07/17 12:0 a.m.247 views

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2012) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.4AI score0.0235EPSS
Exploits1References6
Rows per page
Query Builder