Lucene search
K

251 matches found

Cvelist
Cvelist
added 2023/11/14 10:48 p.m.26 views

CVE-2023-45616

There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this vulnerabilit...

9.8CVSS10AI score0.02132EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.6 views

The vulnerability of the Netskope client service, related to synchronization errors when using a shared resource, allows a perpetrator to increase their privileges.

The vulnerability of the Netskope client service is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

7CVSS7.1AI score0.00161EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.5 views

PT-2023-3613 · Netskope · Netskope Client Service

Name of the Vulnerable Software and Affected Versions: Netskope client service versions prior to R96 Description: The issue is related to a synchronization error when using a shared resource, which can be exploited by a malicious local user to elevate privileges. The Netskope client service runs ...

7CVSS6.6AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 2022/11/18 2:36 p.m.8 views

SUSE-SU-2022:4080-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.17+8 October 2022 CPU - CVE-2022-39399: Improve HTTP/2 client usagebsc1204480 - CVE-2022-21628: Better HttpServer service bsc1204472 - CVE-2022-21624: Enhance icon presentations bsc1204475 - CVE-2022-21619: Improve...

5.3CVSS5.4AI score0.02376EPSS
Exploits0References15
CNNVD
CNNVD
added 2022/01/14 12:0 a.m.4 views

openSUSE Tumbleweed 安全漏洞

openSUSE Tumbleweed is an open source system from the openSUSE project. A security vulnerability exists in openSUSE Tumbleweed that stems from the openSUSE Tumbleweed Factory's parsec package setting incorrect default permissions, allowing a local attacker to conduct denial-of-service attacks or...

5.9CVSS5.1AI score0.00207EPSS
Exploits1References2
OSV
OSV
added 2021/11/23 3:15 p.m.3 views

CVE-2021-22410

There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client...

5.4CVSS5.8AI score0.00315EPSS
Exploits0References1
NVD
NVD
added 2021/08/13 4:15 p.m.14 views

CVE-2021-32067

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...

6.5CVSS0.00672EPSS
Exploits0References2
OSV
OSV
added 2021/08/13 4:15 p.m.4 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5CVSS6.7AI score0.00804EPSS
Exploits0References2
OSV
OSV
added 2021/08/13 4:15 p.m.3 views

CVE-2021-32067

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...

6.5CVSS6.6AI score0.00672EPSS
Exploits0References2
NVD
NVD
added 2021/08/13 4:15 p.m.16 views

CVE-2021-32070

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

5.8CVSS0.00639EPSS
Exploits0References2
OSV
OSV
added 2021/08/13 4:15 p.m.4 views

CVE-2021-32070

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

5.4CVSS6AI score0.00639EPSS
Exploits0References2
NVD
NVD
added 2021/08/13 4:15 p.m.24 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5CVSS0.00804EPSS
Exploits0References2
OSV
OSV
added 2021/08/13 4:15 p.m.1 views

CVE-2021-32068

The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls. A successful exploit could allow an attacker to modify applicatio...

3.7CVSS5.8AI score0.0059EPSS
Exploits0References2
Prion
Prion
added 2021/08/13 4:15 p.m.10 views

Design/Logic Flaw

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

5.8CVSS5.3AI score0.00639EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/13 4:15 p.m.23 views

Code injection

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

4CVSS6.3AI score0.00804EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/13 3:31 p.m.21 views

CVE-2021-32070

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...

5.6AI score0.00639EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/13 3:27 p.m.20 views

CVE-2021-32067

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...

6.5AI score0.00672EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.6 views

Mitel Networks MiCollab 安全漏洞

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A security vulnerability exists in Mitel Networks MiCollab that stems from the product's MiCollab Client service lacking system access validatio...

9.8CVSS8.3AI score0.01169EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.4 views

Mitel Networks MiCollab 安全漏洞

An information disclosure vulnerability exists in the MiCollab Client Service component in Mitel MiCollab versions prior to 9.3, an enterprise collaboration software and tools platform solution. The vulnerability stems from insufficient output validation. An attacker could exploit the vulnerabili...

6.5CVSS5.6AI score0.00672EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.4 views

Mitel Networks MiCollab 授权问题漏洞

An authorization issue vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing, and team collaboration for employees, and stems from the product's MiCollab Client Service component does not validate...

5.8CVSS5.5AI score0.00639EPSS
Exploits0References2
Rows per page
Query Builder