Lucene search
K

21 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2026/05/20 12:0 a.m.10 views

Microsoft Internet Explorer Use-After-Free Vulnerability

Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product...

9.3CVSS7.7AI score0.91885EPSS
In wildExploits16
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/17 12:0 a.m.18 views

ASUS Live Update Embedded Malicious Code Vulnerability

ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. The impacted produc...

9.8CVSS7.1AI score0.01084EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/20 12:0 a.m.9 views

Apple Multiple Products Unspecified Vulnerability

Apple macOS, iOS, tvOS, Safari, and watchOS contain an unspecified vulnerability in JavaScriptCore that when processing web content may lead to arbitrary code execution. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

8.8CVSS8.8AI score0.03213EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/06 12:0 a.m.9 views

Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability

Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code execution. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.3CVSS8.1AI score0.96889EPSS
In wildExploits14
CISA KEV Catalog
CISA KEV Catalog
added 2025/09/02 12:0 a.m.7 views

TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability

TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by...

8.8CVSS8.7AI score0.20689EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/08/12 12:0 a.m.9 views

Microsoft Internet Explorer Resource Management Errors Vulnerability

Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.3CVSS8.2AI score0.8593EPSS
In wildExploits18
VulnCheck KEV
VulnCheck KEV
added 2024/11/15 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-11120

Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.8CVSS7.5AI score0.28554EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2024/09/04 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-6047

Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.8CVSS7.5AI score0.10072EPSS
Exploits1References1
OSV
OSV
added 2024/06/26 5:15 a.m.3 views

UBUNTU-CVE-2024-34580

Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...

5.3CVSS7.3AI score0.99999EPSS
Exploits5References6
VulnCheck KEV
VulnCheck KEV
added 2023/11/16 12:0 a.m.3 views

VulnCheck KEV: CVE-2021-32030

ASUS Lyra Mini and ASUS GT-AC2900 devices contain an improper authentication vulnerability that allows an attacker to gain unauthorized access to the administrative interface. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.8CVSS7.4AI score0.99393EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2021/06/01 12:0 a.m.7 views

VulnCheck KEV: CVE-2020-25078

D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for remote administrator password disclosure. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

7.5CVSS7.3AI score0.97901EPSS
Exploits4References1
Intel
Intel
added 2020/11/10 12:0 a.m.20 views

Intel® Board ID Tool Advisory

Summary: A potential security vulnerability in Intel® Board ID Tool may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel® Board ID Tool. Vulnerability Details: CVEID: CVE-2020-24456...

7.8CVSS7.7AI score0.00278EPSS
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2013/09/21 12:0 a.m.5 views

VulnCheck KEV: CVE-2013-3893

Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.3CVSS7.7AI score0.8593EPSS
Exploits18References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/06/01 5:6 a.m.3 views

Segue vulnerable to SQL injection

Overview Segue contains a SQL injection vulnerability. Segue is a content management system. Segue contains a SQL injection vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

7.5CVSS7.9AI score0.02341EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/05/26 4:37 a.m.5 views

WalRack upload file handilng vulnerability

Overview WalRack Walrus File Rack CGI contains a vulnerability in handling upload files. WalRack is a CGI that provides an interface to upload files on the Web. WalRack contains a vulnerability in handling upload files. Impact An arbitrary PHP script may be executed on the server where WalRack is...

6.8CVSS6.9AI score0.01424EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/08/20 8:18 a.m.2 views

Winny vulnerable to buffer overflow

Overview Winny contains a buffer overflow vulnerability. Winny is a P2P file sharing software. Winny contains a buffer overflow vulnerability. This vulnerability is different from JVN91740962 and JVN74294680. Makoto Iwamura of NTT Information Sharing Platform Laboratories reported this...

7.5CVSS7.5AI score0.03372EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/08/20 8:17 a.m.2 views

Winny node information processing vulnerability

Overview Winny contains a vulnerability in the processing of node information. Winny is a P2P file sharing software. Winny contains a vulnerability in the processing of node information, which can be used to launch Distributed Denial of Service DDoS attacks. Fuyumasa Takatsu of University of...

10CVSS6.7AI score0.01446EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/08/20 8:17 a.m.3 views

Winny BBS information processing vulnerability

Overview Winny contains a vulnerability in the processing of BBS information. Winny is a P2P file sharing software. Winny contains a vulnerability in the processing of BBS information, which can be used to launch Distributed Denial of Service DDoS attacks. Yuji Ukai of eEye Digital Security...

10CVSS6.7AI score0.01446EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/04/02 8:33 a.m.2 views

HL-SiteManager vulnerable to SQL injection

Overview HL-SiteManager from Heartlogic contains a SQL injection vulnerability. HL-SiteManager from Heartlogic is a contents management system CMS software. HL-SiteManager contains a SQL injection vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated wit...

7.5CVSS7.5AI score0.01063EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/09/17 6:52 a.m.3 views

XF-Section vulnerable to cross-site scripting

Overview XF-Section from Happy Linux contains a cross-site scripting vulnerability. XF-Secion from Happy Linux is a XOOPS module that categorizes contents. XF-Section contains a cross-site scripting vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.2AI score0.01624EPSS
Exploits0References5
Rows per page
Query Builder