Lucene search
+L

374 matches found

OSV
OSV
added 2022/05/11 4:15 p.m.5 views

CVE-2021-38969

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...

9.8CVSS6.5AI score0.00678EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/11 12:0 a.m.5 views

IBM Spectrum Virtualize 信任管理问题漏洞

IBM Spectrum Virtualize is a block storage virtualization system from IBM USA. It improves data value, security, and simplicity for new and existing storage infrastructures.An access control error vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, and 8.4. The vulnerability stems...

9.8CVSS6.8AI score0.00678EPSS
Exploits0References3
Circl
Circl
added 2022/05/09 8:36 p.m.7 views

CVE-2022-0836

creationtimestamp| type| source ---|---|--- 2022-05-09 20:36:29+00:00| seen| https://t.me/cibsecurity/42182...

9.8CVSS8.7AI score0.01779EPSS
Exploits2References1
Circl
Circl
added 2022/04/09 8:14 p.m.10 views

CVE-2022-28364

creationtimestamp| type| source ---|---|--- 2022-04-09 20:14:19+00:00| seen| https://t.me/cibsecurity/40430...

5.4CVSS6AI score0.00955EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2022/03/31 12:0 a.m.9 views

PT-2022-3899 · General Electric · Inet +1

Name of the Vulnerable Software and Affected Versions: General Electric Renewable Energy iNET and iNET II versions prior to 8.3.0 Description: The issue is related to inadequate encryption strength in the software of General Electric Renewable Energy's iNET and iNET II products. This could allow ...

9.8CVSS7.1AI score0.0029EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/03/01 7:15 p.m.2 views

CVE-2021-43077

A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below, version 8.4.2 and below, version 8.3.2 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the AP...

8.8CVSS7.5AI score0.00798EPSS
Exploits0References2
OSV
OSV
added 2022/01/06 11:15 p.m.3 views

DEBIAN-CVE-2022-21664

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected...

8.8CVSS8AI score0.04052EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/06 12:0 a.m.6 views

WordPress plugin SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress has a SQL injection vulnerability in versions prior to 5.8.3, which stems from the lack of validation of externally...

8CVSS6.1AI score0.97795EPSS
Exploits14References20
Positive Technologies
Positive Technologies
added 2022/01/04 12:0 a.m.6 views

PT-2022-10054 · Mcafee · Mcafee Application/Change Control

Name of the Vulnerable Software and Affected Versions: McAfee Application and Change Control MACC versions prior to 8.3.4 Description: A security issue allows a locally logged-in attacker to bypass application protection, enabling them to run applications that would normally be blocked. The...

7.8CVSS7.7AI score0.00251EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/12/28 1:15 p.m.2 views

CVE-2021-45425

Reflected Cross Site Scripting XSS in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes...

6.1CVSS6.5AI score0.03394EPSS
Exploits4References4
CNNVD
CNNVD
added 2021/12/28 12:0 a.m.31 views

SAFARI Montage 跨站脚本漏洞

SAFARI Montage is a formative assessment tool from safarimontage that enables teachers to check students' understanding of topics or concepts during the course. A cross-site scripting vulnerability exists in SAFARI Montage versions 8.3 and 8.5, which can be exploited by an attacker to execute...

6.1CVSS5.3AI score0.03394EPSS
Exploits4References5
CNNVD
CNNVD
added 2021/12/09 12:0 a.m.5 views

ZZCMS SQL注入漏洞

ZZCMS is a content management system CMS by China Zzcms team. A security vulnerability exists in ZZCMS 8.2, 8.3, 2020, 2021, which originates from a SQL injection when registering a regular user in dl/dlprint.php...

8.8CVSS8.2AI score0.01112EPSS
Exploits1References2
OSV
OSV
added 2021/09/03 4:15 p.m.6 views

PYSEC-2021-317

The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...

7.5CVSS6.8AI score0.03154EPSS
Exploits1References4
OSV
OSV
added 2021/08/24 7:15 p.m.4 views

CVE-2021-31000

A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious application may be able to read sensitive contact information...

3.3CVSS5.8AI score0.00676EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/08/24 7:15 p.m.2 views

CVE-2021-30927

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges...

7.8CVSS6.3AI score0.00353EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.5 views

PT-2021-18992 · Apple · Ipados +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.1 watchOS versions prior to 8.3 iOS versions prior to 15.2 iPadOS versions prior to 15.2 macOS Big Sur versions prior to 11.6.2 Description: A logic issue was addressed with improved restrictions, allowing a malicio...

5.5CVSS6.2AI score0.00903EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.6 views

PT-2021-19000 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.1 watchOS versions prior to 8.3 iOS versions prior to 15.2 iPadOS versions prior to 15.2 tvOS versions prior to 15.2 Description: A buffer overflow issue was addressed with improved memory handling. Processing a...

7.8CVSS7.6AI score0.01321EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.5 views

PT-2021-19037 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.2 iPadOS versions prior to 15.2 watchOS versions prior to 8.3 macOS Monterey versions prior to 12.1 tvOS versions prior to 15.2 Description: A permissions issue was addressed with improved validation, which may allow ...

4.3CVSS2.9AI score0.00676EPSS
Exploits0References9
OSV
OSV
added 2021/06/04 11:15 a.m.2 views

CVE-2021-26994

Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service DoS on a cluster node...

6.5CVSS5.8AI score0.00832EPSS
Exploits0References1
OSV
OSV
added 2021/03/30 2:15 a.m.4 views

CVE-2021-25162

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and...

8.1CVSS7.5AI score0.25573EPSS
Exploits3References3
Rows per page
Query Builder