CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2021/04/26 12:0 a.m.•7 views

IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2021-31469)

IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum Protect Plus has a security...

7.5CVSS6.3AI score0.0071EPSS

Exploits0References1

CNVD•added 2021/04/26 12:0 a.m.•7 views

IBM Spectrum Protect Buffer Overflow Vulnerability (CNVD-2021-31236)

IBM Spectrum Protect formerly known as Tivoli Storage Manager is a suite of data protection platforms from IBM in the United States. The platform provides organizations with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of...

8.4CVSS6.9AI score0.00345EPSS

Exploits0References1

BDU FSTEC•added 2021/04/23 12:0 a.m.•1 views

The vulnerability of the DNS service in Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DNS service in Microsoft Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

6.5CVSS6.5AI score0.02494EPSS

CVE•added 2021/04/22 9:53 p.m.•58 views

CVE-2021-2263

CVE-2021-2263 affects Oracle E-Business Suite Oracle Sourcing Intelligence/RFx (12.1.1–12.1.3). A low-privilege, network-accessible attacker over HTTP can cause unauthorized creation/modification/deletion of data or access to Oracle Sourcing data. Public descriptions consistently state CVSS v3.1 ...

8.1CVSS8.1AI score0.00987EPSS

Exploits0References1Affected Software1

ThreatPost•added 2021/04/22 1:0 p.m.•49 views

It’s Easy to Become a Cyberattack Target, but a VPN Can Help

Even though data breaches top news headlines every other week, it’s still tempting to think that no one is interested in your data. But a hacker doesn’t need to target you in particular to get their hands on your most sensitive information. Let’s look at the cyber-threats out there and how a...

7.8AI score

BDU FSTEC•added 2021/04/21 12:0 a.m.•1 views

The vulnerability of the rtr_recvmsg function in the Linux operating system allows a hacker to obtain confidential information.

The vulnerability of the rtrrecvmsg function in the Linux operating system’s net/qrtr/qrtr.c file is related to the lack of protection for service data. Exploiting this vulnerability could allow an attacker to obtain confidential information...

5.5CVSS6.5AI score0.00366EPSS

Exploits0References30Affected Software4

6.5CVSS6.5AI score0.61648EPSS

The vulnerability in the implementation of the SMB protocol on Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SMB protocol implementation in Microsoft Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

7.8CVSS6.5AI score0.02519EPSS

The vulnerability of the Application Compatibility Cache component in Microsoft Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the Application Compatibility Cache component “AppCompatCache” in Microsoft Windows systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

10CVSS7.8AI score0.01355EPSS

The vulnerability of the CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000 optical line terminals is related to insufficient protection of registration data. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of optical line terminal devices such as CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS...

Exploits1References3Affected Software28

BDU FSTEC•added 2021/04/21 12:0 a.m.•1 views

9.8CVSS7.8AI score0.01474EPSS

Exploits1References3Affected Software28

5.5CVSS5.9AI score0.00769EPSS

The vulnerability of the Windows Codecs Library, a library used for processing media content on Microsoft Windows operating systems, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Codecs Library, used for processing media content on Microsoft Windows operating systems, is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

BDU FSTEC•added 2021/04/21 12:0 a.m.•1 views

The vulnerability of the kernel of Microsoft Windows allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the kernel of Microsoft Windows is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00806EPSS

10CVSS7.8AI score0.01994EPSS

The vulnerability of the CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000 are related to the failure to take measures for data cleaning at the management level. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

Exploits1References3Affected Software28

BDU FSTEC•added 2021/04/16 12:0 a.m.•2 views

The vulnerability of the Procedure Call Runtime component in Microsoft Windows operating systems allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the Procedure Call Runtime component in Microsoft Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

10CVSS8AI score0.02315EPSS

BDU FSTEC•added 2021/04/16 12:0 a.m.•2 views

The vulnerability in the implementation of the TCP/IP protocol stack for Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP/IP protocol stack implementation in Microsoft Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, acting remotely, to gain unauthorized access to protected information...

7.8CVSS6.5AI score0.06492EPSS

BDU FSTEC•added 2021/04/16 12:0 a.m.•1 views

The vulnerability of the Windows Installer component on Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Installer component in Microsoft Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6.2CVSS6.2AI score0.0076EPSS