Lucene search
K

191 matches found

CNNVD
CNNVD
added 2025/10/30 12:0 a.m.4 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI prior to version 2024R1, which stems from a lack of access...

9.4CVSS6.6AI score0.01514EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/04/16 12:0 a.m.8 views

Oracle Java SE Multiple Vulnerabilities (Apr 2025) - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.01344EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 8:15 p.m.26 views

CVE-2024-45419

Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access...

8.1CVSS0.00508EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/14 4:22 p.m.11 views

CVE-2024-6068 Input Validation Vulnerability exists in Arena® Input Analyzer

A memory corruption vulnerability exists in the affected products when parsing DFT files. Local threat actors can exploit this issue to disclose information and to execute arbitrary code. To exploit this vulnerability a legitimate user must open a malicious DFT file...

7.3CVSS7.3AI score0.00249EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/10/16 12:0 a.m.23 views

Oracle Java SE Security Update (Oct24-1) - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.5AI score0.01364EPSS
Exploits3References1
Redos
Redos
added 2024/09/18 12:0 a.m.16 views

ROS-20240918-02

A vulnerability in the WebKitGTK web page display module is related to disclosure of information in an erroneous data area of data. Exploitation of the vulnerability allows an attacker acting remotely to gain access to the sensitive data...

6.5CVSS6.7AI score0.01259EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/09/09 12:0 a.m.7 views

The vulnerability of the OTRS system’s administration log module allows a violator to disclose protected information.

The vulnerability of the OTRS application’s administration log module is related to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

8.5CVSS5.4AI score0.00376EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2024/09/06 12:0 a.m.17 views

ROS-20240906-01

Vulnerability of ip6tnlrcv function in net/ipv6/ip6tunnel.c module of Linux kernel IPv6 protocol implementation is related to use of uninitialized memory. of the Linux operating system is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...

7.8CVSS8.1AI score0.00255EPSS
Exploits0
CVE
CVE
added 2024/08/29 11:2 p.m.73 views

CVE-2024-1545

CVE-2024-1545 concerns WolfSSL’s wolfCrypt RSA code path: Fault Injection in RsaPrivateDecryption (rsa.c) enables Rowhammer-induced data leakage to the RsaKey structure, allowing information disclosure and potential privilege escalation. Affected software: WolfSSL/wolfCrypt (example version wolfs...

8.8CVSS7.3AI score0.00544EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2024/08/26 12:0 a.m.40 views

ROS-20240826-01

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.1AI score0.99999EPSS
Exploits19
Cvelist
Cvelist
added 2024/08/14 11:57 a.m.28 views

CVE-2024-39413 An unauthorized user can export the Invoiced Sales Report

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information...

4.3CVSS0.00442EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/24 10:7 p.m.21 views

CVE-2024-7091 Exposure of Sensitive Information to an Unauthorized Actor in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where it was possible to disclose limited information of an exported group or project to another user...

4.1CVSS4AI score0.00312EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/07/11 12:0 a.m.33 views

Mozilla Firefox Security Update (MFSA2024-29) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS7.5AI score0.00977EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/06/21 12:0 a.m.5 views

PT-2024-20189 · Silicon · Gecko Os

Name of the Vulnerable Software and Affected Versions: Silicon Labs Gecko OS affected versions not specified Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations. Authentication is not required to exploit this issue. The specific fl...

4.3CVSS6.2AI score0.00379EPSS
Exploits0References5
OSV
OSV
added 2024/05/14 3:14 p.m.12 views

CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/20 12:0 a.m.22 views

Zoom Client for Meetings < 5.17.0 Vulnerability (ZSB-24003)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.17.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-24003 advisory. - Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for...

6.8CVSS6.6AI score0.00803EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/20 12:0 a.m.20 views

Zoom VDI Meeting Client < 5.17.5 Vulnerability (ZSB-24002)

The version of Zoom VDI Meeting Client installed on the remote host is prior to 5.17.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-24002 advisory. - Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for...

6.8CVSS6.6AI score0.00803EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/20 12:0 a.m.31 views

Zoom Client for Meetings < 5.17.0 Vulnerability (ZSB-24002)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.17.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-24002 advisory. - Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for...

6.8CVSS6.6AI score0.00803EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/20 12:0 a.m.22 views

Zoom VDI Meeting Client < 5.17.5 Vulnerability (ZSB-24003)

The version of Zoom VDI Meeting Client installed on the remote host is prior to 5.17.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-24003 advisory. - Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for...

6.8CVSS6.6AI score0.00803EPSS
Exploits0References2
NVD
NVD
added 2024/02/14 12:15 a.m.24 views

CVE-2024-24696

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access...

6.8CVSS6.4AI score0.00803EPSS
Exploits0References1
Rows per page
Query Builder