Lucene search
+L

97 matches found

CNVD
CNVD
added 2021/02/26 12:0 a.m.9 views

CloudBees Jenkins Active Choices Plugin Cross-Site Scripting Vulnerability

Jenkins Active Choices is a Jenkins open source application plugin . Used in parameterized freestyle Jenkins jobs to create scripted , dynamic and interactive job parameters. A cross-site script execution vulnerability exists in Jenkins Active Choices Plugin 2.5.2 and earlier versions. The...

4.6CVSS5.9AI score0.78819EPSS
Exploits0References1
NVD
NVD
added 2021/02/04 8:15 p.m.25 views

CVE-2021-25249

An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain...

7.8CVSS0.00426EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 3:41 p.m.7 views

kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure

An out-of-bounds OOB memory access flaw was found in the Qlogic ISCSI module in the Linux kernel's qedidbg family of functions in drivers/scsi/qedi/qedidbg.c. Here a local attacker with a special user privilege account or a root can cause an out-of-bound memory access leading to a system crash or...

6.7CVSS7.1AI score0.00464EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/03/12 11:5 p.m.16 views

CVE-2020-8469

Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation...

7.7AI score0.00455EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/11/19 9:15 p.m.25 views

CVE-2011-2923

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...

5.5CVSS6.9AI score0.00402EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/07 12:0 a.m.3 views

Schben Adive Privilege Control Vulnerability

Schben Adive is a PHP-based web development framework . A security vulnerability exists in the Internal/Views/addUsers.php file in Schben Adive version 2.0.7. A remote attacker can exploit this vulnerability to create administrator privileges with admin/user/add...

8.8CVSS6.9AI score0.09313EPSS
Exploits5References1
OSV
OSV
added 2019/06/04 7:29 p.m.3 views

CVE-2019-5300

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the...

6.7CVSS6.7AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2018/04/19 2:29 a.m.1 views

ALPINE-CVE-2018-2759

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

4.9CVSS5.6AI score0.02828EPSS
Exploits0References1
OSV
OSV
added 2018/04/12 4:29 p.m.29 views

CVE-2018-1086

pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to...

7.5CVSS7.7AI score0.01655EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2016/09/28 11:17 p.m.36 views

CVE-2016-5398

A security flaw was found in the way Business Process Editor displays the business process details to the user. A remote authenticated attacker with privilege to create business processes could use this flaw to conduct stored XSS attacks against other users...

5.4CVSS5.2AI score0.00847EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.29 views

Ubuntu 14.04 LTS : OpenStack Keystone vulnerability (USN-2406-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2406-1 advisory. Brant Knudson discovered that OpenStack Keystone did not properly perform input sanitization when performing endpoint catalog substitution. A remote attacker with...

4CVSS5.5AI score0.02109EPSS
Exploits1References2
0day.today
0day.today
added 2004/12/24 12:0 a.m.50 views

Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit

Exploit for linux platform in category local exploits ============================================================= Linux Kernel 2.6.x chown Group Ownership Alteration Exploit ============================================================= / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $...

6.8AI score0.00801EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.23 views

FreeBSD : SA-04:02.shmat

The remote host is running a version of the FreeBSD kernel which may be contains a programming error in the shmat2 system call which can let a local attacker to gain read or write access to a portion of the kernel memory which in turn might be used to elevate his privileges or gain access to...

4.6CVSS5.5AI score0.00724EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/10/01 12:0 a.m.72 views

Default Password (ibmdb2) for 'db2fenc1' Account

The account 'db2fenc1' has the password 'ibmdb2'. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 This script was written by Chris Foster See the Nessus Scripts License for details Changes by Tenable Add globalsettings/suppliedloginsonly scriptexcludekey...

7.5CVSS8.2AI score0.53618EPSS
Exploits42References2
CERT
CERT
added 2003/04/10 12:0 a.m.25 views

SGI IRIX "xfsdump" creates quota information files insecurely

Overview A vulnerability exists in xfsdump on SGI IRIX. Exploitation of this vulnerability may allow a local attacker to gain root privileges. Because other operating systems ship with xfsdump, vendors other than SGI may be affected. Description From the xfsdump man page:xfsdump backs up files an...

7.2CVSS5.6AI score0.00489EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2003/02/20 12:0 a.m.55 views

Default Password (guest) for 'guest' Account

The account 'guest' has the password 'guest' set. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "guest"; password = "guest"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11256;...

7.5CVSS8.2AI score0.53618EPSS
Exploits41References2
Exploit DB
Exploit DB
added 2000/11/01 12:0 a.m.27 views

Debian 2.x / RedHat 6.2 / IRIX 5/6 / Solaris 2.x - Mail Reply-To Field

source: https://www.securityfocus.com/bid/1910/info mail is a simple console e-mail client. A vulnerability exists in several vendors' distributions of this program. An attacker can compose an email message with a carefully-formed string in the Reply-To: field which includes shell meta-characters...

7.4AI score
Exploits0
Rows per page
Query Builder