Lucene search
K

86 matches found

CNVD
CNVD
added 2017/10/16 12:0 a.m.4 views

Git Denial of Service Vulnerability

Git is a free, open source distributed version control system developed by American software developer Linus Torvalds Linus Torvalds. A security vulnerability exists in Git 2.14.2 and earlier versions, which stems from the program's failure to properly handle the tree object layer. A remote...

5.5CVSS5.6AI score0.01641EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/08 12:0 a.m.2 views

i-SENS SmartLog Diabetes Management Software Code Execution Vulnerability

SmartLog Diabetes Management Software is software used to track and monitor an individual's blood glucose levels by connecting a glucose meter to a computer via USB. A code execution vulnerability exists in i-SENS SmartLog Diabetes Management Software, which allows an attacker to execute arbitrar...

9.3CVSS8.1AI score0.01761EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2017/05/24 9:12 p.m.66 views

Security update for samba (important)

This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. CVE-2017-7494, bso12780, bsc1038231 This update was...

3.3AI score0.99448EPSS
Exploits24References1
BDU FSTEC
BDU FSTEC
added 2017/04/03 12:0 a.m.7 views

The vulnerability of the Skype instant messaging program allows a hacker to execute arbitrary code.

The vulnerability of the Skype instant messaging program is related to the limitation on the download of external libraries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted library named api-ms-win-core-winrt-string-l1-1-0.dll, which is...

10CVSS8.2AI score0.46342EPSS
Exploits2References7Affected Software1
CNVD
CNVD
added 2016/06/22 12:0 a.m.1 views

Advantech WebAccess Buffer Overflow Vulnerability

Advantech WebAccess formerly known as BroadWin WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer...

5CVSS7.9AI score0.00675EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/07/03 1:0 a.m.22 views

CVE-2015-3715

The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library...

3.7AI score0.01491EPSS
Exploits0References4
NVD
NVD
added 2014/05/14 12:55 a.m.24 views

CVE-2014-2591

Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting...

6.9CVSS6.5AI score0.01312EPSS
Exploits2References2
Prion
Prion
added 2014/05/14 12:55 a.m.16 views

Design/Logic Flaw

Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting...

6.9CVSS7AI score0.01312EPSS
Exploits2References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2014/05/14 12:0 a.m.16 views

CVE-2014-2591

Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. Recent assessments: timb-machine at March 05, 2021 12:48am UTC reported: Assessed Attacker Value: 5 Assessed Attacker Value: 5Assess...

6.9CVSS5.1AI score0.01312EPSS
Exploits2References3
Cvelist
Cvelist
added 2014/05/14 12:0 a.m.26 views

CVE-2014-2591

Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting...

6.5AI score0.01312EPSS
Exploits2References2
CVE
CVE
added 2014/05/14 12:0 a.m.52 views

CVE-2014-2591

CVE-2014-2591 affects BMC Patrol for AIX 3.9.00 and is caused by an incorrect RPATH setting that enables untrusted search path exploitation. This allows local users to gain privileges by loading a crafted library. The vulnerability is a local privilege escalation risk due to insecure runtime libr...

6.9CVSS6.7AI score0.01312EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2014/03/03 4:50 a.m.24 views

CVE-2014-1882

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...

7.5CVSS6.6AI score0.11683EPSS
Exploits0References5
Prion
Prion
added 2014/03/03 4:50 a.m.19 views

Code injection

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...

7.5CVSS7.2AI score0.11208EPSS
Exploits1References5Affected Software2
Prion
Prion
added 2014/03/03 4:50 a.m.21 views

Code injection

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...

7.5CVSS7.2AI score0.11683EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2014/03/03 4:50 a.m.39 views

CVE-2014-1882

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...

7.5CVSS5.9AI score0.11683EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/03/03 2:0 a.m.21 views

CVE-2014-1881

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...

6.7AI score0.11208EPSS
Exploits1References5
Cvelist
Cvelist
added 2014/03/03 2:0 a.m.25 views

CVE-2014-1882

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...

6.6AI score0.11683EPSS
Exploits0References5
CVE
CVE
added 2014/03/03 2:0 a.m.46 views

CVE-2014-1882

Affected software: Apache Cordova 3.3.0 and earlier; Adobe PhoneGap 2.9.0 and earlier. Root cause: An event-based bridge can be bypassed via a crafted library clone that uses IFRAME script execution to directly access bridge JavaScript objects, demonstrated by cordova.require calls. Impact: Remot...

7.5CVSS6.8AI score0.11683EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/03/03 2:0 a.m.56 views

CVE-2014-1881

CVE-2014-1881 affects Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier. The vulnerability arises in an event-based bridge technique where a crafted library clone can trigger IFRAME script execution and waits for an OnJsPrompt handler return value to bypass intended device-res...

7.5CVSS6.9AI score0.11208EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/02/06 12:0 a.m.28 views

GLSA-201402-05 : Banshee: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201402-05 Banshee: Arbitrary code execution Banshee places a zero-length directory name in PATH, which allows libraries to be loaded from the working directory. Impact : A local attacker could put specially crafted library into...

6.9CVSS6.1AI score0.00422EPSS
Exploits1References2
Rows per page
Query Builder