Lucene search
K

5111 matches found

Microsoft CVE
Microsoft CVE
added 2022/02/02 2:3 a.m.25 views

Chromium: CVE-2022-0459 Use after free in Screen Capture

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.8AI score0.00761EPSS
Exploits0
Trellix
Trellix
added 2022/02/01 12:0 a.m.15 views

Trellix Launches Annual CTF Competition – Catmen Sanfrancisco!

Trellix Launches Annual CTF Competition – Catmen Sanfrancisco! By Trellix · February 1, 2022 This story was written by Steve Povolny. The Advanced Threat Research team, now with Trellix, is pleased to announce the return of our second annual Capture the Flag contest featuring 12 new challenges of...

6.4AI score
Exploits0
Trellix
Trellix
added 2022/02/01 12:0 a.m.12 views

Trellix Launches Annual CTF Competition – Catmen Sanfrancisco!

Trellix Launches Annual CTF Competition – Catmen Sanfrancisco! By Trellix · February 1, 2022 This story was written by Steve Povolny. The Advanced Threat Research team, now with Trellix, is pleased to announce the return of our second annual Capture the Flag contest featuring 12 new challenges of...

6.9AI score
Exploits0
Huntr
Huntr
added 2022/01/30 12:2 p.m.11 views

Cross-site Scripting (XSS) - Reflected in navigatecms/navigate-cms

Description Cross-Site Scripting is vulnerability which allows attackers to execute arbitrary javascript code in the browser of victim. Proof of Concept Parameter: id Payload: alertdocument.cookie Affected endpoints: On Firefox browser, visit: 1...

1.1AI score
Exploits0References1
Veracode
Veracode
added 2022/01/29 10:24 p.m.35 views

Denial Of Service (DoS)

wireshark:edge is vulnerable to denial of service. Crash in the RFC 7468 dissector allows denial of service via packet injection or crafted capture file...

7.5CVSS2.9AI score0.03296EPSS
Exploits1References10Affected Software1
Veracode
Veracode
added 2022/01/29 10:23 p.m.31 views

Denial Of Service (DoS)

wireshark:edge is vulnerable to denial of service. Infinite loop in the BitTorrent DHT dissector allows denial of service via packet injection or crafted capture file...

7.5CVSS2.6AI score0.03879EPSS
Exploits1References11Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2014-0068)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS6.5AI score0.00516EPSS
Exploits1References4
hivepro
hivepro
added 2022/01/26 5:39 a.m.14 views

MoonBounce: New malware deployed by APT41 in UEFI firmware

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System OS, the Basic Input Output System BIOS chip, and thus persists even after reinstalling your OS or formatting your hard drive...

0.5AI score
Exploits0
Gitee
Gitee
added 2022/01/25 4:48 p.m.5 views

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Cheng, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/01/24 12:0 a.m.31 views

GLSA-202105-21 : Tcpreplay: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202105-21 Tcpreplay: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Tcpreplay. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a...

7.5CVSS8.1AI score0.02531EPSS
Exploits2References3
Fedora
Fedora
added 2022/01/20 8:34 a.m.51 views

[SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.5CVSS7AI score0.03879EPSS
Exploits7
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.4 views

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

...

7.5CVSS6.9AI score0.03158EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.3 views

Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

...

7.5CVSS6.9AI score0.07502EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.3 views

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

...

7.5CVSS7AI score0.02205EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.1 views

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

...

7.5CVSS7.3AI score0.03296EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.3 views

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

...

7.5CVSS7.3AI score0.03774EPSS
Exploits1
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.4 views

Umbraco 环境问题漏洞

Umbraco is an open source Content Management System CMS written in C by Umbraco, Denmark. The Umbraco CMS is vulnerable to an environmental issue that could allow an attacker to change the URL that a user receives when resetting their password to point to the attacker's server, and when the user...

8.6CVSS7.5AI score0.01138EPSS
Exploits2References2
NVD
NVD
added 2022/01/14 6:15 p.m.12 views

CVE-2021-24046

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0...

5.3CVSS0.00698EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/14 6:10 p.m.14 views

CVE-2021-24046

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0...

5.5AI score0.00698EPSS
Exploits0References1
CVE
CVE
added 2022/01/14 6:10 p.m.40 views

CVE-2021-24046

CVE-2021-24046 describes a logic flaw in Ray-Ban Stories device software that allows certain parameters, notably the video capture duration limit, to be modified through the Facebook View application. Affected are device software versions prior to 2107460.6810.0. The connected sources consistentl...

5.3CVSS5.2AI score0.00698EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder