Lucene search
+L

117 matches found

Veracode
Veracode
added 2022/07/12 6:12 a.m.35 views

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

7.1CVSS7.1AI score0.00322EPSS
Exploits0References15Affected Software1
Veracode
Veracode
added 2022/07/12 6:8 a.m.20 views

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

7.1CVSS7.1AI score0.00325EPSS
Exploits0References15Affected Software1
Veracode
Veracode
added 2022/07/12 6:8 a.m.29 views

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

7.1CVSS7.1AI score0.00322EPSS
Exploits0References15Affected Software1
UbuntuCve
UbuntuCve
added 2022/07/05 1:15 p.m.49 views

CVE-2022-26365

Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...

7.1CVSS6.7AI score0.00322EPSS
Exploits0References30
Debian CVE
Debian CVE
added 2022/07/05 12:50 p.m.114 views

CVE-2022-26365

Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...

7.1CVSS6.4AI score0.00322EPSS
Exploits0
Apple
Apple
added 2022/05/25 12:0 a.m.17 views

Apple Security Update: tvOS 15.5.1

Apple recommends to install security update tvOS 15.5.1 on devices Apple TV 4K, Apple TV 4K 2nd generation, and Apple TV HD...

1.1AI score
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.6 views

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

9.3CVSS8.1AI score0.01076EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.2 views

Apple TV 4K和Apple TV HD 信任管理问题漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A trust management issue vulnerability exists in Apple TV 4K, Appl...

5.5CVSS6.6AI score0.02661EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.7 views

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

9.3CVSS8AI score0.03546EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.4 views

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple. Apple tvOS suffers from a buffer error vulnerability that stems from a boundary error in WebKit's handling of HTML content. A remote attacker could trick a victim into visiting a specially crafted website, trigger a memory corruption, an...

8.8CVSS8.7AI score0.00869EPSS
Exploits0References29
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.7 views

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

9.3CVSS8.1AI score0.00922EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.5 views

Apple TV 资源管理错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product. A resource management error vulnerability exists in Apple TV 4K, Appl...

9.3CVSS7.8AI score0.02821EPSS
Exploits0References14
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.4 views

Apple TV 竞争条件问题漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... Apple TV 4K, Apple TV 4K 2nd Generation, and Apple TV HD are...

4.7CVSS5.1AI score0.00196EPSS
Exploits0References10
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.2 views

Apple tvOS 资源管理错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple. Apple tvOS suffers from a resource management error vulnerability that originates from a post-release reuse error in WebKit when processing HTML content. A remote attacker could trick a victim into visiting a specially crafted website,...

8.8CVSS8.5AI score0.01424EPSS
Exploits0References30
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.5 views

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple. Apple tvOS suffers from a buffer error vulnerability that stems from a boundary error in WebKit's handling of HTML content. A remote attacker could trick a victim into visiting a specially crafted website, trigger a memory corruption, an...

8.8CVSS8.7AI score0.00911EPSS
Exploits0References28
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.8 views

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

9.3CVSS8.1AI score0.00922EPSS
Exploits0References9
0day.today
0day.today
added 2022/01/18 12:0 a.m.283 views

Creston Web Interface 1.0.0.2159 - Credential Disclosure Vulnerability

Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...

10CVSS9.7AI score0.75711EPSS
Exploits5
NVD
NVD
added 2022/01/15 3:17 p.m.45 views

CVE-2022-23178

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...

10CVSS0.75711EPSS
Exploits5References1
Cvelist
Cvelist
added 2022/01/15 2:40 p.m.49 views

CVE-2022-23178

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...

9.7AI score0.75711EPSS
Exploits5References1
CVE
CVE
added 2022/01/15 2:40 p.m.115 views

CVE-2022-23178

CVE-2022-23178 affects Crestron HD-MD4X2-4K-E devices (firmware v1.0.0.2159). The unauthenticated admin web interface exposes credentials by sending a JSON payload with uname and upassword via aj.html, enabling login to the web interface. Impact is high (full authentication/password disclosure wi...

10CVSS9.3AI score0.75711EPSS
In wildExploits5References1Affected Software1
Rows per page
Query Builder