Lucene search
+L

49 matches found

Positive Technologies
Positive Technologies
added 2024/04/19 12:0 a.m.5 views

PT-2024-5137

Name of the Vulnerable Software and Affected Versions: Node.js affected versions not specified Description: The issue is related to the Permission Model in Node.js, which incorrectly assumes that any path starting with two backslashes has a four-character prefix that can be ignored. This subtle b...

9.8CVSS6.7AI score0.01098EPSS
Exploits0References234
Vulnrichment
Vulnrichment
added 2023/05/09 1:42 a.m.13 views

CVE-2023-32112 Missing Authorization Check in Vendor Master Hierarchy

Vendor Master Hierarchy - versions SAPAPPL 500, SAPAPPL 600, SAPAPPL 602, SAPAPPL 603, SAPAPPL 604, SAPAPPL 605, SAPAPPL 606, SAPAPPL 616, SAPAPPL 617, SAPAPPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lea...

2.8CVSS5.5AI score0.00149EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 8:37 p.m.34 views

Security Bulletin: IBM CloudPak foundational services (Events Operator) is affected by potential data integrity issue (CVE-2020-25649)

Summary The IBM Cloud Platform Common Services Events Operator is potentially vulnerable to a data integrity issue Vulnerability Details CVEID:CVE-2020-25649 DESCRIPTION: FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly...

7.5CVSS7.4AI score0.17611EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.5 views

PT-2022-6799 · Unknown +2 · Openimageio +2

Name of the Vulnerable Software and Affected Versions: OpenImageIO versions master-branch-9aeece7a through v2.3.19.0 Description: A heap-based buffer overflow vulnerability exists in the tile decoding code of the TIFF image parser. This issue can be triggered by a specially-crafted TIFF file,...

10CVSS7.4AI score0.01962EPSS
Exploits26References108
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/04 2:10 p.m.31 views

Security Bulletin: IBM Event Streams is affected by potential data integrity issue (CVE-2020-25649)

Summary IBM Event Streams is potentially vulnerable to a data integrity issue Vulnerability Details CVEID: CVE-2020-25649 DESCRIPTION: FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit th...

7.5CVSS0.8AI score0.17611EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/10/21 3:15 p.m.5 views

CVE-2020-14797

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.7CVSS3.6AI score
Exploits0References6
CNVD
CNVD
added 2019/07/17 12:0 a.m.2 views

Oracle MySQL Server Component Input Validation Error Vulnerability (CNVD-2019-26675)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. Input validation error vulnerability in the InnoDB subcomponent of the MySQL Server component in Oracle MySQL, version 8.0.16 and earlier. An attacke...

4CVSS6AI score0.01863EPSS
Exploits0References1
OSV
OSV
added 2016/04/21 10:59 a.m.4 views

CVE-2016-0640

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML...

6.1CVSS5.6AI score
Exploits0References22
NVD
NVD
added 1997/03/01 5:0 a.m.16 views

CVE-1999-0165

NFS cache poisoning...

10CVSS0.01954EPSS
Exploits0References1
Rows per page
Query Builder