Lucene search
+L

60 matches found

ossf
ossf
added 2024/01/24 8:23 p.m.3 views

Malicious code in wlwz-2312-6401 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecd21490c3df2301f5956fb6a0d391b715d2061566e8c0fc3e29d6de692f0d8a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2024/01/24 8:23 p.m.11 views

MAL-2024-747 Malicious code in wlwz-2312-6401 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecd21490c3df2301f5956fb6a0d391b715d2061566e8c0fc3e29d6de692f0d8a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
osv
osv
added 2024/01/11 8:15 a.m.6 views

CVE-2024-0252

ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...

8.8CVSS6.3AI score0.07814EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/01/11 12:0 a.m.7 views

ZOHO ManageEngine ADSelfService Plus Security Vulnerability

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6401 and prior versions, which stems from a remote code...

8.8CVSS8.2AI score0.07814EPSS
Exploits0References2
cve
cve
added 2023/11/30 2:31 p.m.100 views

CVE-2023-6401

CVE-2023-6401 affects NotePad++ up to version 8.1. The vulnerability is DLL search/path hijacking in dbghelp.dll loaded by the application, enabling local attackers to execute arbitrary code. The root cause is an uncontrolled search path that can cause the malicious dbghelp.dll in the application...

7.8CVSS6.3AI score0.00332EPSS
Exploits1References2Affected Software1
nessus
nessus
added 2023/10/04 12:0 a.m.58 views

Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : FreeRDP vulnerabilities (USN-6401-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6401-1 advisory. It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause...

9.8CVSS6.6AI score0.01432EPSS
Exploits10References11
openvas
openvas
added 2022/01/28 12:0 a.m.39 views

Mageia: Security Advisory (MGASA-2020-0123)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.78808EPSS
Exploits29References11
openvas
openvas
added 2020/03/29 12:0 a.m.33 views

Fedora: Security Advisory for chromium (FEDORA-2020-39e0b8bd14)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.8AI score0.78808EPSS
Exploits36References4
nvd
nvd
added 2020/02/11 3:15 p.m.18 views

CVE-2020-6401

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

6.5CVSS6.6AI score0.01945EPSS
Exploits0References9
osv
osv
added 2020/02/11 3:15 p.m.8 views

CVE-2020-6401

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

6.5CVSS8.1AI score
Exploits0References9
ubuntucve
ubuntucve
added 2020/02/11 3:15 p.m.22 views

CVE-2020-6401

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

6.5CVSS6.8AI score0.01945EPSS
Exploits0References1
cve
cve
added 2020/02/11 2:42 p.m.241 views

CVE-2020-6401

CVE-2020-6401 affects Google Chrome/Chromium Omnibox. The root cause is insufficient validation of untrusted input, enabling domain spoofing via IDN homographs with crafted domain names. Public sources in connected documents describe a domain-spoofing vulnerability tied to Omnibox input validatio...

6.5CVSS6.4AI score0.01945EPSS
Exploits0References9Affected Software1
redhatcve
redhatcve
added 2020/02/10 12:15 p.m.20 views

CVE-2020-6401

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

6.5CVSS4.1AI score0.01945EPSS
Exploits0References4
chrome
chrome
added 2020/02/04 12:0 a.m.64 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 80 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 80.0.3987.87 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

8.8CVSS9.1AI score0.06997EPSS
Exploits17Affected Software1
nessus
nessus
added 2020/02/04 12:0 a.m.112 views

Google Chrome < 80.0.3987.87 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 80.0.3987.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 202002stable-channel-update-for-desktop advisory. - Insufficient data validation in streams in Google Chrome prior to 80.0.3987.8...

8.8CVSS7.5AI score0.06997EPSS
Exploits19References74
nvd
nvd
added 2018/05/02 7:29 a.m.15 views

CVE-2018-6401

Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password...

9.8CVSS9.5AI score0.01228EPSS
Exploits1References1
cve
cve
added 2018/05/02 7:0 a.m.41 views

CVE-2018-6401

Meross MSS110 devices prior to version 1.1.24 expose a TELNET listener that grants access for an undocumented admin account with a blank password. The issue, consistently described across NVD, CNVD, and CVE records, is due to the TELNET service remaining active with empty credentials. Public deta...

9.8CVSS9.4AI score0.01228EPSS
Exploits1References1Affected Software1
nessus
nessus
added 2017/11/30 12:0 a.m.96 views

Veritas NetBackup Appliance < 2.7.2 / 3.1.0 Multiple Vulnerabilities (VTS17-003)

According to its self-reported version, the remote Veritas NetBackup Appliance is 2.7.x or 3.0.x. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid104888;...

9.8CVSS6.8AI score0.26677EPSS
Exploits0References13
cve
cve
added 2017/05/11 2:1 p.m.24 views

CVE-2012-6401

CVE-2012-6401 is rejected/not used and does not represent an active vulnerability entry.

6.6AI score
Exploits0
cve
cve
added 2017/03/02 6:0 a.m.65 views

CVE-2017-6401

CVE-2017-6401 affects Veritas NetBackup (before 8.0) and NetBackup Appliance (before 3.0). The issue enables local arbitrary command execution when using the bpcd and bpnbat components. The connected documents corroborate the affected products and the local-execution vector but do not provide con...

7.8CVSS8.4AI score0.00364EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder