3976 matches found

Oracle linux
added 2021/06/15 12:0 a.m. · 230 views

Unbreakable Enterprise kernel-container security update

4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...

6.7 CVSS · 7.3 AI score · 0.0072 EPSS
Exploits 0
Prion
added 2021/06/11 10:15 p.m. · 5 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7 AI score
Exploits 0
Prion
added 2021/06/11 10:15 p.m. · 8 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2008. Notes: none...

7 AI score
Exploits 0
Prion
added 2021/06/11 10:15 p.m. · 7 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7 AI score
Exploits 0
Prion
added 2021/06/11 5:15 p.m. · 3 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7 AI score
Exploits 0
Prion
added 2021/06/11 5:15 p.m. · 6 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7 AI score
Exploits 0
Prion
added 2021/06/11 5:15 p.m. · 7 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7 AI score
Exploits 0
CNNVD
added 2021/06/09 12:0 a.m. · 5 views

Huawei eCNS280_TD Resource Management Error Vulnerability

Huawei eCNS280TD is the core network equipment of Huawei's wireless broadband trunking system in China. Based on Network Functions Virtualization (NFV) and cloud-based architecture design, it provides network functions of traditional core networks, but also provides capacity configurations for each...

7.5 CVSS · 5.6 AI score · 0.00677 EPSS
Exploits 0 · References 3
Prion
added 2021/05/20 3:15 p.m. · 14 views

Cross site request forgery (csrf)

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at...

6.8 CVSS · 8.6 AI score · 0.00726 EPSS
Exploits 1 · References 3 · Affected Software 2
Vulnrichment
added 2021/05/20 2:54 p.m. · 6 views

CVE-2021-25931

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at...

7.1 AI score · 0.00726 EPSS
Exploits 1 · References 3
Positive Technologies
added 2021/05/17 12:0 a.m. · 5 views

PT-2024-11288 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc1-00144-g25a1298726e 13 Description: A vulnerability in the Linux kernel has been resolved, specifically in the isdn: mISDN: netjet module. The issue arises when 'nj setup' in netjet.c fails with -EIO,...

9.8 CVSS · 6.8 AI score · 0.17563 EPSS
Exploits 10 · References 2196
GithubExploit
added 2021/05/15 6:52 a.m. · 33 views

Exploit for Code Injection in Samba

EternalBlue for macOS&Linux An exploit for CVE-2017-7494 in...

10 CVSS · 7.5 AI score · 0.99448 EPSS
Exploits 24
OSV
added 2021/05/13 10:31 p.m. · 21 views

GHSA-8P36-Q63G-68QH Autobinding vulnerability in MITREid Connect

org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment aka Autobinding vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth authorization flow, in...

9.1 CVSS · 9.2 AI score · 0.02222 EPSS
Exploits 1 · References 5
Github Security Blog
added 2021/05/13 10:31 p.m. · 71 views

Autobinding vulnerability in MITREid Connect

org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment aka Autobinding vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth authorization flow, in...

9.1 CVSS · 3.9 AI score · 0.02222 EPSS
Exploits 1 · References 5 · Affected Software 1
Zero Day Initiative
added 2021/05/11 12:0 a.m. · 38 views

Schneider Electric C-Bus Toolkit Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Schneider Electric C-Bus Toolkit. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8 CVSS · 5 AI score · 0.00765 EPSS
Exploits 0 · References 1
BDU FSTEC
added 2021/05/05 12:0 a.m. · 3 views

The vulnerability of the Thunderbird email client, as well as the Firefox and Firefox ESR browsers, relates to errors during permission saving, allowing a malicious actor to mistakenly assign a security certificate to an HTTP page.

The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to errors during the saving of permissions. Exploiting this vulnerability could allow a remote attacker to erroneously assign a security certificate to an HTTP page...

8.5 CVSS · 7 AI score · 0.00554 EPSS
Exploits 0 · References 14 · Affected Software 20
BDU FSTEC
added 2021/05/05 12:0 a.m. · 3 views

The vulnerability of the GateManager communication server, related to pointer assignment errors, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the GateManager communication server is related to errors in pointer assignment. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10 CVSS · 8.1 AI score · 0.01666 EPSS
Exploits 0 · References 3 · Affected Software 1
CNVD
added 2021/04/28 12:0 a.m. · 18 views

GPAC Integer Overflow Vulnerability (CNVD-2022-04965)

GPAC is an open source multimedia framework. GPAC 1.0.1 is vulnerable to integer overflow, which can be exploited by attackers to cause assignment failures...

7.8 CVSS · 6 AI score · 0.00984 EPSS
Exploits 1 · References 1
Zero Day Initiative
added 2021/04/23 12:0 a.m. · 57 views

Trend Micro HouseCall for Home Networks Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro HouseCall for Home Networks. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.3 CVSS · 3.8 AI score · 0.00346 EPSS
Exploits 0 · References 1
NVD
added 2021/04/19 3:15 p.m. · 19 views

CVE-2021-21981

VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level...

7.8 CVSS · 0.00217 EPSS
Exploits 0 · References 1