Lucene search
K

48 matches found

CNNVD
CNNVD
added 2025/11/11 12:0 a.m.6 views

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a privilege issue...

7.1CVSS6.7AI score0.00233EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/11 2:30 a.m.11 views

CVE-2025-55013

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client taskhandler.py accepts a SHA-256 value returned by the service server and uses it directly as a local...

4.2CVSS7.1AI score0.00515EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-6865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EncryptingOutputStream was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have...

6.5CVSS7.6AI score0.00888EPSS
Exploits0References2
NVD
NVD
added 2025/08/09 3:15 a.m.10 views

CVE-2025-55013

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client taskhandler.py accepts a SHA-256 value returned by the service server and uses it directly as a local...

4.2CVSS0.00515EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/09 2:2 a.m.14 views

CVE-2025-55013 Assemblyline 4 Service Client: Arbitrary Write through path traversal in Client code

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client taskhandler.py accepts a SHA-256 value returned by the service server and uses it directly as a local...

4.2CVSS0.00515EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/02 8:28 a.m.3 views

Mozilla: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code>

The Mozilla Foundation Security Advisory describes this flaw as: EncryptingOutputStream was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode...

6.5CVSS7.3AI score0.00888EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/12/20 12:0 a.m.31 views

CVE-2023-6865

EncryptingOutputStream was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR 115.6 and Firefox 121...

6.5CVSS6.8AI score0.00888EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/08/09 12:0 a.m.17 views

Paessler PRTG Network Monitor Command Injection Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. A command injection vulnerability exists in Paessler PRTG Network Monitor version 23.2.83.1760, which stems from command line parameter injection and undocumented debug feature flag...

7.2CVSS7.7AI score0.12342EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2017-0359

diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive...

9.8CVSS7AI score0.01893EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.3 views

SUSE CVE-2020-6490

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page...

4.3CVSS6AI score0.01461EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.3 views

SUSE CVE-2022-45417

Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private...

4.3CVSS6.2AI score0.00409EPSS
Exploits0References5
OSV
OSV
added 2022/05/25 9:55 p.m.32 views

CVE-2022-31004 Potential secrets being logged to disk in CVE Services

CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in 'data.js' has potential for production secrets to be written to disk. The affected method writes the generated randomKey to disk if the environment is not development. If this method were call...

7.5CVSS7.5AI score0.00916EPSS
Exploits1References4
Virtuozzo
Virtuozzo
added 2021/07/28 12:0 a.m.188 views

Virtuozzo Hybrid Infrastructure 4.6 Update 1

This update provides new features, as well as bug fixes and improvements. Vulnerability id: VSTOR-45315 The MDS service may be unstable under a high load condition. Vulnerability id: VSTOR-43126 A deadlock is possible between atomic and non-atomic commands in the iSCSI kernel module. Vulnerabilit...

0.5AI score
Exploits0
OSV
OSV
added 2021/06/18 11:15 a.m.2 views

CVE-2021-33576

An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk...

9.8CVSS7.4AI score0.01549EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2020/06/15 12:55 p.m.5 views

chromium-browser: Insufficient data validation in loader

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page...

4.3CVSS7.4AI score0.01461EPSS
Exploits0References5
OSV
OSV
added 2020/05/21 4:15 a.m.2 views

DEBIAN-CVE-2020-6490

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page...

4.3CVSS6.8AI score0.01461EPSS
Exploits0References1
OSV
OSV
added 2020/05/21 4:15 a.m.2 views

UBUNTU-CVE-2020-6490

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page...

4.3CVSS6.7AI score0.01461EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/05/20 8:56 a.m.32 views

CVE-2020-6490

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page...

4.3CVSS3.1AI score0.01461EPSS
Exploits0References4
Prion
Prion
added 2019/11/08 12:15 a.m.12 views

Code injection

FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...

5CVSS7AI score0.00888EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2019/09/12 10:35 a.m.6 views

kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

7.5CVSS7AI score0.02779EPSS
Exploits0References4
Rows per page
Query Builder