Lucene search
+L

213 matches found

OSV
OSV
added 2020/09/25 6:15 a.m.4 views

CVE-2020-26109

cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification SEC-557...

7.5CVSS7.1AI score0.01207EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/18 12:0 a.m.5 views

Google Android actory reset protection privilege checking vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A privilege checking vulnerability exists in Android-11 version factory reset protection. The vulnerability stems from a lack of privilege checking, which allows an attacker to bypass the FRP,...

7.8CVSS7.4AI score0.00163EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/30 12:0 a.m.4 views

Squid Environment Issues Vulnerabilities

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. An environmental issue vulnerability exists in the http/ContentLengthInterpreter.cc file in Squid versions prior to 4....

9.9CVSS9AI score0.05706EPSS
Exploits0References1
OSV
OSV
added 2020/04/13 12:0 a.m.6 views

UBUNTU-CVE-2020-10702

A flaw was found in QEMU in the implementation of the Pointer Authentication PAuth support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker...

5.5CVSS6.8AI score0.00331EPSS
Exploits0References3
CNVD
CNVD
added 2020/04/10 12:0 a.m.8 views

Avira Operations Free Antivirus Code Injection Vulnerability

Avira Operations Free Antivirus is a suite of antivirus programs from Avira Operations. A security vulnerability exists in Avira Operations Free Antivirus versions prior to 15.0.2004.1825, which stems from a self-protection feature that does not prohibit write operations by external processes. Th...

9.8CVSS6.9AI score0.01997EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2019-1359)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.12261EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.37 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.2AI score0.92499EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1016)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.92499EPSS
Exploits8References2
NVD
NVD
added 2020/01/13 9:15 p.m.18 views

CVE-2019-19680

A file-extension filtering vulnerability in Proofpoint Enterprise Protection PPS / PoD, in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms related to extensions, MIME types, virus detection, and journal entries for transmitted...

8.8CVSS8.6AI score0.01053EPSS
Exploits0References2
OSV
OSV
added 2019/12/11 2:15 a.m.5 views

UBUNTU-CVE-2019-19709

MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...

6.1CVSS6.5AI score0.01564EPSS
Exploits1References4
CNVD
CNVD
added 2019/08/22 12:0 a.m.6 views

cPanel Authorization Issues Vulnerability (CNVD-2019-29022)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker can exploit the vulnerability to bypass the...

6.5CVSS6.8AI score0.00985EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.31 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0035)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities: - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent...

9.3CVSS7.4AI score0.92499EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2019/05/30 12:0 a.m.31 views

EulerOS Virtualization 3.0.1.0 : libxslt (EulerOS-SA-2019-1606)

According to the versions of the libxslt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access...

9.8CVSS7.2AI score0.05089EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/05/29 12:0 a.m.37 views

EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-1592)

According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon...

9.8CVSS7.2AI score0.05089EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.38 views

EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1359)

According to the version of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection...

9.1CVSS6.9AI score0.12261EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.32 views

EulerOS 2.0 SP5 : libxslt (EulerOS-SA-2019-1318)

According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon...

9.8CVSS7.2AI score0.05089EPSS
Exploits0References3
OSV
OSV
added 2019/04/30 7:29 p.m.3 views

CVE-2019-11193

The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via CMDFILEMANAGER, CMDSHOWUSER, and CMDSHOWRESELLER; an attacker can bypass the CSRF protection with this, and take over the administration panel...

6.1CVSS5.8AI score0.02094EPSS
Exploits5References3
NVD
NVD
added 2019/04/17 10:29 p.m.22 views

CVE-2019-1686

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

8.6CVSS6.5AI score0.01588EPSS
Exploits0References2
NVD
NVD
added 2019/04/10 8:29 p.m.16 views

CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...

9.8CVSS9.4AI score0.05089EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2019/04/10 7:38 p.m.4 views

CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...

6.8AI score0.05089EPSS
Exploits0References16
Rows per page
Query Builder