
3979 matches found

BDU FSTEC
added 2022/06/21 12:0 a.m., 5 views

The vulnerability in the implementation of the Windows SMB network protocol of the Microsoft operating system allows a perpetrator to cause a service failure.

The vulnerability of the Windows SMB network protocol implementation in Microsoft Windows is related to the assignment of the zero pointer. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 7.8, AI score 7.5, EPSS 0.06977
Exploits: 1, References: 5
OSSF Malicious Packages
added 2022/06/20 8:26 p.m., 3 views

Malicious code in agent-assignment (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 217fcc369833f6ff3dc1d06acc53977e4efec8c7efca86e4811aa115598b353e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1
OSV
added 2022/06/20 8:26 p.m., 6 views

MAL-2022-891 Malicious code in agent-assignment (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 217fcc369833f6ff3dc1d06acc53977e4efec8c7efca86e4811aa115598b353e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 1
Kitploit
added 2022/06/19 9:30 p.m., 63 views

VAmPI - Vulnerable REST API With OWASP Top 10 Vulnerabilities For Security Testing

The Vulnerable API Based on OpenAPI 3 VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a...

AI score 7.5
Exploits: 0, References: 1
Zero Day Initiative
added 2022/06/16 12:0 a.m., 25 views

Trend Micro Proxy One Pro Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Proxy One Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produc...

CVSS 7.8, AI score 5, EPSS 0.00271
Exploits: 0, References: 1
CNNVD
added 2022/06/15 12:0 a.m., 4 views

Splunk Security Vulnerability

Splunk is a suite of data collection and analysis software from Splunk, Inc. The software is primarily used to collect, index, and analyze the data it generates, including data generated by all IT systems and infrastructure physical, virtual machines, and cloud. A resource privilege assignment err...

CVSS 7.5, AI score 5.6, EPSS 0.01799
Exploits: 0, References: 6
ICS
added 2022/06/14 12:0 a.m., 123 views

Siemens Xpedition Designer

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.8, AI score 7.9, EPSS 0.00201
Exploits: 0, References: 12
OpenVAS
added 2022/06/07 12:0 a.m., 25 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1791)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.1, EPSS 0.05524
Exploits: 3, References: 2
Tenable Nessus
added 2022/06/06 12:0 a.m., 44 views

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1791)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows ...

CVSS 7.8, AI score 7, EPSS 0.05524
Exploits: 3, References: 8
ATTACKERKB
added 2022/06/02 2:15 p.m., 2 views

CVE-2022-30832

Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/clientassign.php?booking=31&userid=...

CVSS 7.2, AI score 5.9, EPSS 0.00945
Exploits: 1, References: 2
BDU FSTEC
added 2022/06/02 12:0 a.m., 6 views

The vulnerability of the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices allows a perpetrator to escalate their privileges or execute arbitrary commands.

The vulnerability of the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices is related to privilege assignment errors. Exploiting this vulnerability can allow an attacker to enhance their privileges or execute arbitrary commands...

CVSS 7.8, AI score 6.8, EPSS 0.00223
Exploits: 0, References: 2
Tenable Nessus
added 2022/05/28 12:0 a.m., 33 views

SUSE SLED15 / SLES15 Security Update : go1.17 (SUSE-SU-2022:1862-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1862-1 advisory. - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags...

CVSS 5.3, AI score 7.1, EPSS 0.02593
Exploits: 1, References: 5
NVD
added 2022/05/27 12:15 a.m., 17 views

CVE-2022-30700

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVSS 7.8, EPSS 0.00288
Exploits: 0, References: 2
CVE
added 2022/05/26 11:25 p.m., 70 views

CVE-2022-30700

CVE-2022-30700 concerns Trend Micro Apex One and Apex One as a Service. The vulnerability is an incorrect permission assignment that lets a local attacker load a DLL with escalated privileges, requiring initial low-privilege code execution. The issue affects Apex One products and can lead to priv...

CVSS 7.8, AI score 7.6, EPSS 0.00288
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2022/05/24 5:27 p.m., 4 views

GHSA-C7RM-W2HJ-X8G3 Guard bypass in Eloquent models affecting Laravel illuminate database component

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database component in some situations in which table names are stripped during a mass assignment...

CVSS 7.5, AI score 7.4, EPSS 0.01203
Exploits: 0, References: 4
Github Security Blog
added 2022/05/24 5:27 p.m., 24 views

Guard bypass in Eloquent models affecting Laravel illuminate database component

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database component in some situations in which table names are stripped during a mass assignment...

CVSS 7.5, AI score 6.6, EPSS 0.01203
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2022/05/24 5:5 p.m., 25 views

GHSA-G9M2-C2X5-FR2V Moodle does not revoke role capabilities correctly

A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked where applicable...

CVSS 5.4, AI score 5.7, EPSS 0.00709
Exploits: 1, References: 3
Github Security Blog
added 2022/05/24 5:5 p.m., 20 views

Moodle does not revoke role capabilities correctly

A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked where applicable...

CVSS 5.5, AI score 6.9, EPSS 0.00709
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2022/05/24 4:52 p.m., 21 views

GHSA-H7XP-7FJP-GHHC moodle Improper Access Control

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...

CVSS 4, AI score 4.7, EPSS 0.00888
Exploits: 0, References: 5
Github Security Blog
added 2022/05/24 4:52 p.m., 16 views

moodle Improper Access Control

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...

CVSS 4.3, AI score 6.6, EPSS 0.00888
Exploits: 0, References: 5, Affected Software: 1