Lucene search
K

2125 matches found

Positive Technologies
Positive Technologies
added 2022/12/30 12:0 a.m.4 views

PT-2022-22285 · Nvidia · Nvidia Control Panel

Name of the Vulnerable Software and Affected Versions: NVIDIA Control Panel for Windows affected versions not specified Description: The issue allows an unauthorized user or an unprivileged regular user to compromise the security of the software by gaining privileges, reading sensitive informatio...

7.8CVSS6.5AI score0.00207EPSS
Exploits0References4
NVD
NVD
added 2022/12/16 4:15 p.m.14 views

CVE-2022-20545

In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.5CVSS0.00598EPSS
Exploits0References1
CVE
CVE
added 2022/12/16 12:0 a.m.88 views

CVE-2022-20545

CVE-2022-20545 affects Android 13 on Google Pixel devices. The issue resides in the MediaControlPanel.java function bindArtworkAndColors, where improper input validation can crash the phone, causing a remote denial of service with no additional execution privileges required. Exploitation does not...

7.5CVSS7.4AI score0.00598EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.2 views

PT-2022-14758 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to improper input validation in the bindArtworkAndColors function of MediaControlPanel.java. This could lead to a remote denial of service, where the phone may crash, with no...

7.5CVSS7.3AI score0.00598EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/12/02 12:0 a.m.77 views

NVIDIA Windows GPU Display Driver (Nov 2022)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that...

8.8CVSS6.5AI score0.01387EPSS
Exploits0References8
OSV
OSV
added 2022/11/22 12:15 a.m.3 views

CVE-2022-43709

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...

4.9CVSS5.9AI score0.00645EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.3 views

MyBB SQL注入漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and so on. A SQL injection vulnerability exists in MyBB version 1.8.31, which originates from a cross-site scripting...

4.9CVSS5.3AI score0.00645EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/11/21 12:0 a.m.7 views

CVE-2022-43709

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...

5.5AI score0.00645EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.6 views

The vulnerability of the Cisco Umbrella security cloud service control panel allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Cisco Umbrella security cloud service panel exists because measures are not taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

5.5CVSS5.6AI score0.00435EPSS
Exploits0References2
NVD
NVD
added 2022/11/13 8:15 a.m.11 views

CVE-2022-3967

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...

7.8CVSS0.00221EPSS
Exploits0References2
OSV
OSV
added 2022/11/13 8:15 a.m.11 views

CVE-2022-3967

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...

7.8CVSS7.5AI score
Exploits0References2
Prion
Prion
added 2022/11/13 8:15 a.m.16 views

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...

4.3CVSS8AI score0.00221EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/11/13 12:0 a.m.3 views

Vesta Control Panel 参数注入漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel that originates in an unknown function in the func/main.sh file of the sed Handler component and suffers from parameter injection...

7.8CVSS7.3AI score0.00221EPSS
Exploits0References4
CVE
CVE
added 2022/11/13 12:0 a.m.49 views

CVE-2022-3967

CVE-2022-3967 affects Vesta Control Panel, specifically the sed Handler component in func/main.sh. The vulnerability enables argument injection and requires local access to exploit. Patch 39561c32c12cabe563de48cc96eccb9e2c655e25 is identified as the fix; apply it to mitigate. Other details in con...

7.8CVSS6.7AI score0.00221EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/13 12:0 a.m.5 views

CVE-2022-3967 Vesta Control Panel sed main.sh argument injection

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...

5.3CVSS6.7AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/13 12:0 a.m.19 views

CVE-2022-3967 Vesta Control Panel sed main.sh argument injection

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...

5.3CVSS8.2AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/13 12:0 a.m.4 views

PT-2022-24985 · Unknown · Vesta Control Panel

Name of the Vulnerable Software and Affected Versions: Vesta Control Panel affected versions not specified Description: A critical issue was found in the sed Handler component of Vesta Control Panel, affecting an unknown function of the file func/main.sh. This issue leads to argument injection an...

7.8CVSS7.5AI score0.00221EPSS
Exploits0References6
Krebs on Security
Krebs on Security
added 2022/10/31 8:53 p.m.37 views

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims...

0.2AI score
Exploits0
OSV
OSV
added 2022/10/24 2:15 p.m.18 views

CVE-2021-46850

myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...

7.2CVSS8.1AI score
Exploits0References5
Prion
Prion
added 2022/10/24 2:15 p.m.18 views

Command injection

myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...

5.8CVSS7.6AI score0.05241EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder