
183 matches found

CNNVD
added 2024/03/27 12:0 a.m. · 3 views

Hitachi Energy MACH System Software Security Vulnerability

Hitachi Energy MACH System Software is a MACH real-time high-performance control system platform from Hitachi, Japan. A security vulnerability exists in Hitachi Energy MACH System Software that originates from an authenticated malicious client that can send a special LINQ query to remotely execut...

CVSS 7.5 · AI score 7.2 · EPSS 0.00459
Exploits: 0 · References: 2

CNNVD
added 2024/03/27 12:0 a.m. · 3 views

Hitachi Energy MACH System Software Security Vulnerability

Hitachi Energy MACH System Software is a MACH real-time high-performance control system platform from Hitachi, Japan. A security vulnerability exists in Hitachi Energy MACH System Software, which originates from an authenticated malicious client that can send specially crafted code to skip...

CVSS 7.5 · AI score 7.6 · EPSS 0.00628
Exploits: 0 · References: 2

Positive Technologies
added 2024/03/05 12:0 a.m. · 4 views

PT-2024-18819 · Unknown · Scm Server

Name of the Vulnerable Software and Affected Versions: SCM Server (affected versions not specified). Description: The issue allows an authenticated malicious client to send a special LINQ query to execute arbitrary code remotely on the SCM Server, which an attacker would not otherwise have...

CVSS 7.5 · AI score 6.2 · EPSS 0.01782
Exploits: 0 · References: 158

RedHat Linux
added 2024/01/29 11:50 a.m. · 4 views

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

CVSS 6.5 · AI score 6.7 · EPSS 0.01314
Exploits: 0 · References: 5

SUSE CVE
added 2024/01/18 2:52 a.m. · 3 views

SUSE CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request function can be reached before vnc_server_cut_text_caps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

CVSS 6.5 · AI score 6.4 · EPSS 0.01261
Exploits: 0 · References: 6

OSV
added 2024/01/12 7:15 p.m. · 3 views

AZL-43054 CVE-2023-6683 affecting package qemu for versions less than 8.2.0-13

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request function can be reached before vnc_server_cut_text_caps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

CVSS 6.5 · AI score 6.6 · EPSS 0.01261
Exploits: 0 · References: 1

OSV
added 2024/01/12 7:15 p.m. · 8 views

AZL-40048 CVE-2023-6683 affecting package qemu for versions less than 6.2.0-21

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request function can be reached before vnc_server_cut_text_caps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

CVSS 6.5 · AI score 6.6 · EPSS 0.01261
Exploits: 0 · References: 1

Positive Technologies
added 2023/12/16 12:0 a.m. · 5 views

PT-2023-8255 · Qemu +10 · Qemu +10

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified). Description: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu clipboard request function can be reached before vnc server cut text caps was called and had...

CVSS 8.8 · AI score 5.8 · EPSS 0.01592
Exploits: 5 · References: 150

RedHat Linux
added 2023/11/07 8:56 a.m. · 6 views

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

CVSS 6.5 · AI score 6.7 · EPSS 0.01314
Exploits: 0 · References: 5

Vulnrichment
added 2023/11/01 2:10 a.m. · 8 views

CVE-2023-2621

The McFeeder server, distributed as part of SSW package, is susceptible to an arbitrary file write vulnerability on the MAIN computer system. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to McFeeder server. An...

CVSS 6.5 · AI score 6.4 · EPSS 0.00486
Exploits: 0 · References: 1

UbuntuCve
added 2023/09/13 5:15 p.m. · 34 views

CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker-controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a...

CVSS 6.5 · AI score 6.9 · EPSS 0.01405
Exploits: 0 · References: 3

Tenable Nessus
added 2023/08/08 12:0 a.m. · 33 views

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2586)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

CVSS 6.5 · AI score 6.2 · EPSS 0.01314
Exploits: 2 · References: 3

Tenable Nessus
added 2023/08/02 12:0 a.m. · 50 views

EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2023-2542)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated...

CVSS 6.5 · AI score 6.2 · EPSS 0.01314
Exploits: 2 · References: 3

RedhatCVE
added 2023/07/04 9:17 a.m. · 37 views

CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker-controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a...

CVSS 6.5 · AI score 6.2 · EPSS 0.01405
Exploits: 0 · References: 3

Positive Technologies
added 2023/07/04 12:0 a.m. · 4 views

PT-2023-9176 · Qemu +10 · Qemu +10

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified). Description: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker-controlled zlib buffer ...

CVSS 8.8 · AI score 5.9 · EPSS 0.01592
Exploits: 7 · References: 185

NVD
added 2023/06/28 5:15 p.m. · 9 views

CVE-2023-2625

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

CVSS 9 · AI score 9.1 · EPSS 0.00478
Exploits: 0 · References: 1

Vulnrichment
added 2023/06/28 4:15 p.m. · 6 views

CVE-2023-2625

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

CVSS 9 · AI score 7.1 · EPSS 0.00478
Exploits: 0 · References: 1

CVE
added 2023/06/28 4:15 p.m. · 36 views

CVE-2023-2625

CVE-2023-2625 (CoreTec 4) : The provided documents describe a command-injection vulnerability in Hitachi Energy TXpert Hub CoreTec 4. An authenticated client on the same network segment (with any access level from VIEWER to ADMIN) can inject shell commands through a specific field in the web UI, ...

CVSS 9 · AI score 7.7 · EPSS 0.00478
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2023/06/28 4:15 p.m. · 17 views

CVE-2023-2625

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

CVSS 9 · AI score 9.2 · EPSS 0.00478
Exploits: 0 · References: 1

Positive Technologies
added 2023/06/28 12:0 a.m. · 4 views

PT-2023-20563 · Coretec 4 · Coretec 4

Name of the Vulnerable Software and Affected Versions: CoreTec 4 (affected versions not specified). Description: A vulnerability exists that can be exploited by an authenticated client connected to the same network segment as the system, with any level of access from VIEWER to ADMIN. The attacker ca...

CVSS 9 · AI score 7.7 · EPSS 0.00478
Exploits: 0 · References: 3