Lucene search
K

1367 matches found

CNNVD
CNNVD
added 2021/04/23 12:0 a.m.4 views

Avaya Callback Assist 代码问题漏洞

Avaya Callback Assist is a software application from Avaya, USA. With Avaya Callback Assist, contact centers can offer callback options to callers during peak call periods when estimated wait times are highest A code issue vulnerability exists in Callback Assist includes 4.0.x Series 4.7.1.1 prio...

8.1CVSS6.7AI score0.00981EPSS
Exploits0References2
OSV
OSV
added 2021/04/22 10:15 p.m.4 views

CVE-2021-2315

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.4CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2021/04/22 10:15 p.m.2 views

CVE-2021-2240

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

7.3CVSS6.8AI score0.00907EPSS
Exploits0References1
OSV
OSV
added 2021/04/22 10:15 p.m.3 views

CVE-2021-2140

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Rules Framework. Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network...

6.1CVSS6.9AI score0.00853EPSS
Exploits0References1
OSV
OSV
added 2021/04/22 10:15 p.m.4 views

CVE-2021-2159

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft component: Frameworks. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS...

3.5CVSS6.6AI score0.00723EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/20 12:0 a.m.3 views

Oracle PeopleSoft Enterprise CS Campus Community Frameworks 安全漏洞

Oracle PeopleSoft Products is a set of enterprise human capital management solutions from Oracle Oracle. The products provide human capital management, financial management, supplier relationship management, and other capabilities. A security vulnerability exists in PeopleSoft Enterprise CS Campu...

3.5CVSS6.5AI score0.00723EPSS
Exploits0References4
OSV
OSV
added 2021/04/13 7:15 p.m.4 views

CVE-2021-27601

SAP NetWeaver AS Java Applications based on HTMLB for Java allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting XSS vulnerability and the attacker can read and modify data. However, the attack...

5.4CVSS5.8AI score0.00473EPSS
Exploits0References2
OSV
OSV
added 2021/03/25 8:15 p.m.5 views

CVE-2020-10582

A SQL injection on the /admin/displayerrors.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to execute arbitrary SQL requests including data reading and modification on the database...

9.8CVSS6.1AI score0.01555EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.6 views

Weseek GROWI 安全漏洞

GROWI is a team collaboration software. An access control error vulnerability exists in WESEEK GROWI 4.2.2 and earlier versions, which can be exploited by a remote, unauthenticated attacker to read a user's personal information and/or internal server information...

7.5CVSS5.6AI score0.01509EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.5 views

DELL EMC PowerScale 访问控制错误漏洞

Dell EMC PowerScale OneFS is an API-powered file system. An elevation of privilege vulnerability exists in Dell EMC PowerScale OneFS 8.2.0 - 9.1.0. An attacker with the ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges could exploit this vulnerability to read arbitrary data, tamper with system...

7.8CVSS5.9AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.3 views

GNU Binutils 后置链接漏洞

GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. An...

6.3CVSS7AI score0.00307EPSS
Exploits0References15
OSV
OSV
added 2021/02/03 4:15 p.m.0 views

DEBIAN-CVE-2020-29582

In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...

5.3CVSS6.9AI score0.02572EPSS
Exploits0References1
Prion
Prion
added 2021/02/03 4:15 p.m.21 views

Code injection

In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...

5CVSS6.4AI score0.02572EPSS
Exploits0References6Affected Software4
UbuntuCve
UbuntuCve
added 2021/02/03 4:15 p.m.24 views

CVE-2020-29582

In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...

5.3CVSS6.8AI score0.02572EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.3 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...

9CVSS7.7AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.5 views

The vulnerability of the InnoDB component of the MySQL Database Server allows a hacker to gain access to data for reading or to gain privileged access to the infrastructure.

The vulnerability of the InnoDB component in the MySQL Database Management System exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read access to data or gain privileged access to the infrastructure...

2.3CVSS6.4AI score0.00445EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.2 views

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

9.4CVSS7.8AI score0.01511EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.3 views

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over the data.

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add,...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/28 12:0 a.m.3 views

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delet...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/01/22 12:0 a.m.4 views

QEMU 访问控制错误漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an Access Control Error vulnerability that can be exploited by an attacker to bypass access restrictions via virtiofsd in ord...

8.2CVSS7.1AI score0.00522EPSS
Exploits1References20
Rows per page
Query Builder