CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2021/05/07 12:0 a.m.•4 views

竣禾科技全方位通讯系统跨站脚本漏洞

Junghee Technology Omni-Communication System is an application software of China Junghee Technology Co. It is used for communication gateway system. A cross-site scripting vulnerability exists in the Junghua Technology Omni-Communication System, which originates from the special characters on the...

5.4CVSS5.6AI score0.00586EPSS

HackRead•added 2021/02/17 9:12 p.m.•28 views

Cybersecurity Risk: What It Is and How Can It Be Reduced?

By Waqas By definition, cybersecurity risk is your potential exposure to harm when your online information or communication system is left vulnerable. This is a post from HackRead.com Read the original post: Cybersecurity Risk: What It Is and How Can It Be Reduced?...

2.2AI score

CNVD•added 2021/02/05 12:0 a.m.•14 views

RainbowFish PacsOne Server Access Control Error Vulnerability

RainbowFish PacsOne Server is an image archiving and communication system server from RainbowFish Rainbowfish, which is used to save incoming images. The system is used to save incoming images, and an access control error vulnerability exists in RainbowFish PacsOne Server, which could be exploite...

9.8CVSS3.9AI score0.01718EPSS

CNVD•added 2021/02/05 12:0 a.m.•12 views

RainbowFish PacsOne Server Cross-Site Scripting Vulnerability

RainbowFish PacsOne Server is an image archiving and communication system server from RainbowFish Rainbowfish, which is used to save incoming images. A cross-site scripting vulnerability exists in versions of RainbowFish PacsOne Server prior to 7.1.1, which stems from the lack of proper validatio...

6.1CVSS3.2AI score0.05355EPSS

CNVD•added 2021/02/05 12:0 a.m.•21 views

RainbowFish PacsOne Server SQL Injection Vulnerability

RainbowFish PacsOne Server is an image archiving and communication system server from RainbowFish. The system is used to save incoming images, and a SQL injection vulnerability exists in RainbowFish PacsOne Server that could be exploited by attackers to execute illegal SQL commands...

8.8CVSS6.1AI score0.01137EPSS

CNVD•added 2020/11/06 12:0 a.m.•1 views

File Upload Vulnerability in Microconsultation Communication System of Beijing Zhongwang Network Technology Co.

Founded in 2010 and headquartered in Beijing Zhongguancun Science and Technology Park, Beijing Zhongwang Network Technology Co., Ltd. is a high-tech enterprise dedicated to the research, development and innovation of multimedia communication technology. A file upload vulnerability exists in Beiji...

7AI score

ThreatPost•added 2018/04/04 2:12 p.m.•12 views

Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks

After a cyberattack shut down numerous pipeline communication networks this week, experts are stressing the importance of securing third-party systems in supervisory control and data acquisition SCADA environments. Over the past two days, various major U.S. pipelines across the country reported...

0.2AI score

Exploits0References2

NVD•added 2018/01/08 3:29 a.m.•17 views

CVE-2018-5071

Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...

5.4CVSS5.6AI score0.00809EPSS

OpenVAS•added 2016/12/20 12:0 a.m.•20 views

Debian Security Advisory DSA 3741-1 (tor - security update)

It was discovered that Tor, a connection-based low-latency anonymous communication system, may read one byte past a buffer when parsing hidden service descriptors. This issue may enable a hostile hidden service to crash Tor clients depending on hardening options and malloc implementation. OpenVAS...

7.5AI score0.03004EPSS

OSV•added 2016/12/20 12:0 a.m.•19 views

DLA-754-1 tor - security update

Bulletin has no description...

7.5CVSS7.5AI score0.03004EPSS

Packet Storm•added 2016/07/25 12:0 a.m.•37 views

Neoscreen 4.5 Blind SQL Injection

Exploit Title: Neoscreen Blind SQL injection Product: Neoscreen by Cube Digital Media Vulnerable Versions: 4.5 and all previous versions Tested Version: 4.5 Advisory Publication: July 24, 2016 Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...

ThreatPost•added 2016/07/13 1:39 p.m.•19 views

MIT Anonymity Network Riffle Promises Efficiency, Security

Researchers from MIT believe a new anonymity scheme they’ve devised dubbed Riffle could contend with Tor, claiming it’s every bit as secure as Tor, and bandwidth-efficient, to boot. According to a paper, “Riffle: An Efficient Communication System With Strong Anonymity,” .PDF released this week, t...

6.8AI score

Exploits0References6

OpenVAS•added 2015/03/22 12:0 a.m.•22 views

Debian Security Advisory DSA 3203-1 (tor - security update)

Several denial-of-service issues have been discovered in Tor, a connection-based low-latency anonymous communication system. Jowr discovered that very high DNS query load on a relay could trigger an assertion error. A relay could crash with an assertion error if a buffer of exactly the wrong layo...

7.5AI score0.02185EPSS

ThreatPost•added 2013/12/03 10:47 a.m.•9 views

Acoustical Mesh Network Used to Infect Air-Gapped Computers

The soundest security advice managers of critical computing systems have been given is to air gap those machines. Don’t network them and don’t expose them to the Internet, and there’s no way hackers reach them from the Web and no way a direct infection replicates. Recently, there’s been reason fo...

7.3AI score

Exploits0References2

securityvulns•added 2004/09/17 12:0 a.m.•28 views

[Full-Disclosure] Freeze in Pigeon Server 3.02.0143

Luigi Auriemma Application: Pigeon Server http://www.tech-noel.com Versions: = 3.02.0143 Platforms: Windows Bug: freeze Risk: medium Exploitation: remote, versus server Date: 16 September 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2...

0.7AI score