Lucene search
K

1682 matches found

BDU FSTEC
BDU FSTEC
added 2021/06/16 12:0 a.m.7 views

The vulnerability of Microsoft Windows Defender operating system allows a hacker to trigger a service failure.

The vulnerability of Microsoft Windows Defender operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS5.9AI score0.01225EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/06/16 12:0 a.m.8 views

Google Android elevation of privilege vulnerability (CNVD-2021-43400)

Google Android is a Linux-based open source operating system from the Google Open Handheld Alliance Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from a memory corruption due to double release in the memory management driver. An attacker coul...

7.8CVSS6.7AI score0.00129EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/11 12:0 a.m.18 views

Information leakage vulnerability in Baisou Video HD APP

Baisou Video HD APP is a video player. Baisou Video HD APP has an information disclosure vulnerability. An attacker can exploit the vulnerability to backup the app and obtain sensitive information...

6.5AI score
Exploits0
OSV
OSV
added 2021/06/09 2:15 a.m.3 views

CVE-2021-20728

Improper access control vulnerability in goo blog App for Android ver.1.2.25 and earlier and for iOS ver.1.3.3 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

5.3CVSS6AI score0.00993EPSS
Exploits0References2
CNVD
CNVD
added 2021/06/09 12:0 a.m.9 views

Jira Server and Jira Data Center cross-site scripting vulnerability (CNVD-2021-44763)

Atlassian JIRA Server and Jira Server & Data Center are both products of Atlassian Australia.Atlassian JIRA Server is the server version of a defect tracking management system. The system is mainly used for tracking and managing all kinds of problems and defects in the workplace.Jira Server & Dat...

6.1CVSS5.8AI score0.01237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/06/08 12:0 a.m.5 views

PT-2021-15137 · Google · Asylo

Name of the Vulnerable Software and Affected Versions: Asylo versions prior to 0.6.2 Description: An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. Recommendations: For Asylo versions prior to 0.6.2, update past 0.6.2 or apply the git commit...

7.8CVSS7.6AI score0.00119EPSS
Exploits0References4
CNVD
CNVD
added 2021/06/05 12:0 a.m.2 views

Denial of Service Vulnerability in CENTUM VP DCS System

The CENTUM VP DCS system is a Shun Control configuration application. A denial of service vulnerability exists in the CENTUM VP DCS system. An attacker could exploit this vulnerability to cause a denial of service...

6.9AI score
Exploits0
CNVD
CNVD
added 2021/05/31 12:0 a.m.2 views

SQL Injection Vulnerability in Ricochet Cloud Group Live Code Generation System (CNVD-2021-41721)

RikerCloud live code management system is an open source, free, live code system that can be operated online to improve efficiency, get more resources and so on. A SQL injection vulnerability exists in the Ricochet Cloud Live Code Generation System, which can be exploited by attackers to obtain...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/05/31 12:0 a.m.1 views

Microhome Software Technology (Hangzhou) Co., Ltd. website builder system suffers from an arbitrary file read vulnerability

Microsoft Technology Hangzhou Co., Ltd. is a professional ECM Collaboration Management Software and BPM Business Process Management Software R & D and solution provider. There is an arbitrary file reading vulnerability in the website building system of Microhome Software Technology Hangzhou Co. A...

7AI score
Exploits0
CNVD
CNVD
added 2021/05/28 12:0 a.m.4 views

ZenFone 4 Max (ZC520KL) suffers from an information disclosure vulnerability

ZenFone 4 Max ZC520KL is a smartphone. An information disclosure vulnerability exists in ZenFone 4 Max ZC520KL. An attacker can exploit the vulnerability to obtain sensitive information...

6.3AI score
Exploits0
CNVD
CNVD
added 2021/05/28 12:0 a.m.4 views

FFmpeg heap buffer overflow vulnerability (CNVD-2021-39759)

FFmpeg is a complete solution for recording, converting and streaming audio and video. A heap buffer overflow vulnerability exists in crossfadesamplesfltp in libavfilter/afafade.c in FFmpeg version 4.2. An attacker can exploit this vulnerability to cause memory corruption...

8.8CVSS7AI score0.01172EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/26 12:0 a.m.8 views

Google Chrome post-release reuse vulnerability (CNVD-2021-41140)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability in WebAuthentication in versions prior to Google Chrome 91.0.4472.77 can be exploited by a remote attacker to corrupt the rendere...

8.8CVSS6.3AI score0.01346EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/25 12:0 a.m.6 views

Shopizer Cross-Site Scripting Vulnerability

Shopizer is a Java open source e-commerce software. A stored cross-site scripting vulnerability exists in Shopizer versions prior to 2.17.0. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML via the customername in various forms managed by the store...

4.8CVSS5.6AI score0.0285EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2021/05/24 12:0 a.m.7 views

The vulnerability of the “forward first” DNS server mode in Bind9, which allows a attacker to cause a service failure.

The “forward first” mode of the Bind9 DNS server has vulnerabilities due to insufficient validation of input data. Exploiting these vulnerabilities can allow a malicious actor to cause service failures...

7.5CVSS6.7AI score0.02944EPSS
Exploits0References9Affected Software2
CNVD
CNVD
added 2021/05/21 12:0 a.m.3 views

Red Hat Wildfly Cross-Site Scripting Vulnerability

Red Hat Wildfly is the United States Red Hat Red Hat, Inc. of a lightweight JavaEE-based open source application server . A cross-site scripting vulnerability exists in Red Hat Wildfly versions prior to 23.0.2. An attacker can exploit this vulnerability by adding a payload to the name field to...

4.8CVSS5.6AI score0.00528EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.4 views

Cisco Small Business 命令注入漏洞

Cisco Small Business is a switch from the American company Cisco Cisco. An input validation error vulnerability exists in the Cisco Small Business product, which results from an incorrect validation provided to the user. An attacker could exploit this vulnerability to perform command injection fo...

9CVSS7.2AI score0.0166EPSS
Exploits0References4
CNVD
CNVD
added 2021/05/19 12:0 a.m.7 views

node-mpv formatting string error vulnerability

node-mpv is a Node.js based MPV player module. A security vulnerability exists in mpv version 0.33.0 and earlier versions, which can be exploited by an attacker to achieve code execution via a crafted m3u playlist file...

7.8CVSS7AI score0.02409EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/18 12:0 a.m.3 views

Weak Password Vulnerability in Huawei Technologies S5700 Series Switches

Founded in 1987, Huawei Technologies Co., Ltd. is a leading global provider of ICT information and communications infrastructure and smart terminals. A weak password vulnerability exists in the S5700 series switches of Huawei Technologies Co. that can be exploited by attackers to obtain sensitive...

6.9AI score
Exploits0
CNVD
CNVD
added 2021/05/18 12:0 a.m.4 views

Google TensorFlow SparseDenseCwiseMul Heap Out-of-Bounds Access Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds access vulnerability exists in Google TensorFlow SparseDenseCwiseMul. An attacker can exploit the vulnerability by passing an invalid parameter to "tf.raw\u ops.backpropinput" to write outside the...

7.8CVSS6.5AI score0.00201EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/18 12:0 a.m.6 views

GNU LibreDWG Memory Leak Vulnerability

LibreDWG is a free C library for reading and writing DWG files. GNU LibreDWG version 0.10 in dwgdecodeeed ... /... A memory leak vulnerability exists in /src/decode.c:3638. An attacker could cause a memory leak by exploiting this vulnerability via specially crafted input...

6.5CVSS6.7AI score0.01198EPSS
Exploits1References1
Rows per page
Query Builder