Lucene search
K

77 matches found

CNVD
CNVD
added 2019/07/08 12:0 a.m.13 views

Advantech WebAccess/SCADA Out-of-Bounds Write Vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, Taiwan, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An out-of-bounds write vulnerability...

8.8CVSS7.3AI score0.05654EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/29 12:0 a.m.2 views

SQL injection vulnerability in Tpshop v3.5 Ar***.php page (CNVD-2019-18764)

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 Ar.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2019/05/24 12:0 a.m.5 views

FreeBSD rtld execl elevation of privilege vulnerability (CNVD-2019-15522)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. An elevation of privilege vulnerability exists in the rtld function of Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD versions 7.1 and 8.0. The vulnerability stems from a lack of effective...

7.2CVSS7.3AI score0.03903EPSS
Exploits5References1
CNVD
CNVD
added 2019/03/29 12:0 a.m.2 views

File Containment Vulnerability in DM Website System Backend

DM building system is developed by php + mysql a set of specialized for small and medium-sized enterprise website construction of open source cms. DM website builder system has a file inclusion vulnerability , attackers can use the vulnerability to obtain sensitive information...

6.6AI score
Exploits0
CNVD
CNVD
added 2019/03/15 12:0 a.m.2 views

IBM DB2 Elevation of Privilege Vulnerability (CNVD-2019-07257)

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM DB2 including DB2 Connect Server based on Linux, UNIX and Windo...

8.4CVSS7.1AI score0.00406EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/15 12:0 a.m.1 views

SQL Injection Vulnerability in the jdo*** Component jdo*** Module of joomla!

joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the jdo module of the joomla! jdo component. The vulnerability allows attackers to obtain sensitive information about the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2019/03/08 12:0 a.m.3 views

zzcms SQL Injection Vulnerability (CNVD-2019-13260)

ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in the /user/logincheck.php file in ZZCMS version 8.3. The vulnerability can be exploited by a remote attacker to execute SQL commands with the help of the 'X-Forwarded' parameter in the HTTP...

9.8CVSS8.4AI score0.01537EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.4 views

Unspecified vulnerability in LCDS LAquis SCADA (CNVD-2019-28111)

LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.1.0.3870, whi...

9.8CVSS7.3AI score0.02462EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/28 12:0 a.m.6 views

Micro Focus SUSE shadow package elevation of privilege vulnerability

The Micro Focus SUSE shadow package is an encryption-enabled software package for use on Linux systems from Micro Focus, a British company. A security vulnerability exists in the SUSE useradd.c code for useradd in the Micro Focus SUSE shadow package. A local attacker could exploit the vulnerabili...

7.8CVSS7.4AI score0.00301EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/21 12:0 a.m.4 views

Exiv2 Null Pointer Dereference Vulnerability

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. A null pointer dereference vulnerability exists in the Exiv2::DataValue::copy function in value.cpp in Exiv2 0.26, which can be exploited by an attacker to cause a denial of service null pointer...

6.5CVSS7.2AI score0.02062EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/10 12:0 a.m.2 views

ImageMagick memory leak vulnerability (CNVD-2019-29209)

ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A memory leak vulnerability exists in the 'formatIPTCfromBuffer' function in the coders/meta.c file in ImageMagick version 7.0.7-29 and prior versions. No details of the vulnerability are...

6.5CVSS7.1AI score0.02914EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/01 12:0 a.m.3 views

Foxit Reader Remote Code Execution Vulnerability (CNVD-2018-14453)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

8.8CVSS8.8AI score0.02773EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/15 12:0 a.m.5 views

SQL Injection Vulnerability in Shenzhen PointClear Information Technology PointClear MIS Management Information System

PointClear MIS Management Information System is an enterprise-level instant messaging platform launched by PointClear. Shenzhen PointClear Information Technology PointClear MIS Management Information System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/06/13 12:0 a.m.12 views

Unspecified vulnerability in noderequest

noderequest is a package of request nodes for use in Node.js. A security vulnerability exists in noderequest. An attacker can exploit the vulnerability to steal environment variables...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/12 12:0 a.m.4 views

IBM Security Identity Manager Virtual Appliance File Upload Vulnerability

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password...

8.8CVSS8.9AI score0.02077EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/07 12:0 a.m.1 views

Wind-mvc directory traversal vulnerability

wind-mvc is an mvc framework. A directory traversal vulnerability exists in wind-mvc. An attacker can exploit this vulnerability by placing ". /" in a URL to access the file system...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/25 12:0 a.m.1 views

Heap Overflow Vulnerability in WPS Office ocr Module

WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used text, table, presentation and many other functions of office software. A heap overflow vulnerability exists in the OCR module Image to Text of WPS OFFICE when...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/04/19 12:0 a.m.12 views

Exiv2 BigTiffImage::readData Assertion Failure Vulnerability

Exiv2 is a C++ library for extracting EXIF, LPTC and XMP metadata information from images. An assertion failure security vulnerability exists in Exiv2 version 0.26 bigtiffimage.cpp/BigTiffImage::readData, which can be exploited by an attacker to cause a service interruption...

6.5CVSS6.7AI score0.01418EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/22 12:0 a.m.4 views

IKARUS anti.virus ntguard.sys driver arbitrary write vulnerability (CNVD-2017-37950)

IKARUS anti.virus is the Austrian IKARUS Security Software company a set of antivirus software products. ntguard.sys driver is one of the self-protection system driver . IKARUS anti.virus version 2.16.18 before the ntguard.sys driver has an arbitrary write vulnerability, the vulnerability stems...

7.8CVSS7AI score0.00414EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/08 12:0 a.m.3 views

WSTSHOP open source version controller\Index.php file reload vulnerability

WSTSHOP open source version is a php language based on the development of B2C open source online store system . WSTSHOP open source version controller\Index.php file reload vulnerability . Allow attackers to exploit the vulnerability reload connection to a malicious external database , etc...

6.9AI score
Exploits0
Rows per page
Query Builder