Lucene search
941 matches found

vulnersOsv
added 2019/04/24 5:29 p.m. | 5 views

abba-python (>=0.1.6 <=0.3.0), adpred (>=1.1.2 <=1.2.7) +360 more potentially affected by CVE-2018-10055 via tensorflow (>=1.0.1 <=1.7.0)

tensorflow PYPI version =1.0.1, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =0.2.0, =0.3.1, =0.1.0, =0.4.2, =0.1.0, =0.4.0, =0.1.0, =0.3.1 and more Source cves: CVE-2018-10055 Source advisory: OSV:PYSEC-2019-204...

8.1 CVSS | 7.2 AI score | 0.00442 EPSS
Exploits: 0
Carbon Black Blog
added 2019/04/09 4:6 p.m. | 335 views

Steganography in the Modern Attack Landscape

Steganography, the hiding of data in other content types such as images, videos, network traffic etc., continues to play a role in modern attacks in several forms. Most uses of steganography in malware can be divided into two broad categories: concealing the actual malware contents and concealing t...

7.4 AI score
Exploits: 0
OSV
added 2019/04/08 12:57 p.m. | 5 views

USN-3940-1 clamav vulnerabilities

It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-1787 It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote...

7.5 CVSS | 6 AI score | 0.01839 EPSS
Exploits: 2 | References: 4
Prion
added 2019/02/04 9:29 p.m. | 11 views

Cross site request forgery (csrf)

MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery (CSRF) vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvgsave that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via the victim must be...

6.8 CVSS | 8.8 AI score | 0.00795 EPSS
Exploits: 2 | References: 2 | Affected Software: 1
NVD
added 2019/01/09 11:29 p.m. | 18 views

CVE-2018-0665

Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and earlier, NVR500 Rev.11.00.36 and earlier, RTX810 Rev.11.01.31 and earlier, allow an administrative user to embed arbitrary scripts to the configuration data through a certain form field of the configuration page, which may be...

6.8 CVSS | 6.6 AI score | 0.00652 EPSS
Exploits: 0 | References: 4
CVE
added 2019/01/09 10:0 p.m. | 58 views

CVE-2018-0666

CVE-2018-0666 applies to Yamaha devices (RT57i <=8.00.95, RT58i <=9.01.51, NVR500 <=11.00.36, RTX810

6.8 CVSS | 6.6 AI score | 0.00652 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2019/01/09 10:0 p.m. | 22 views

CVE-2018-0665

Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and earlier, NVR500 Rev.11.00.36 and earlier, RTX810 Rev.11.01.31 and earlier, allow an administrative user to embed arbitrary scripts to the configuration data through a certain form field of the configuration page, which may be...

6.6 AI score | 0.00652 EPSS
Exploits: 0 | References: 4
NVD
added 2019/01/04 3:29 p.m. | 14 views

CVE-2018-1951

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4 CVSS | 5.2 AI score | 0.00968 EPSS
Exploits: 0 | References: 3
n0where
added 2018/12/20 3:50 p.m. | 67 views

Phishing Campaign Toolkit: King Phisher

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness...

7.8 AI score
Exploits: 0 | References: 5
Hacker One
added 2018/12/13 10:50 p.m. | 21 views

Dropbox: Disclose anonymous accessible link on embedded files in paper dropbox sessions

This report described some of the behavior of the integration between Dropbox and Dropbox Paper. In particular, when embedding a Dropbox file into Dropbox Paper, this implicitly creates a link to that file (see https://www.dropbox.com/help/files-folders/view-only-access) and embeds it within the...

Exploits: 0
Tenable Nessus
added 2018/07/09 12:0 a.m. | 12 views

FreeBSD : mybb -- vulnerabilities (bfd5d004-81d4-11e8-a29a-00e04c1ea73d)

mybb Team reports : High risk: Image and URL MyCode Persistent XSS Medium risk: Multipage Reflected XSS Low risk: ACP logs XSS Low risk: Arbitrary file deletion via ACP's Settings Low risk: Login CSRF Low risk: Non-video content embedding via Video MyCode C Tenable Network Security, Inc. The...

7 AI score
Exploits: 0 | References: 2
FreeBSD
added 2018/07/04 12:0 a.m. | 10 views

mybb -- vulnerabilities

mybb Team reports: High risk: Image and URL MyCode Persistent XSS Medium risk: Multipage Reflected XSS Low risk: ACP logs XSS Low risk: Arbitrary file deletion via ACP’s Settings Low risk: Login CSRF Low risk: Non-video content embedding via Video MyCode...

3.2 AI score
Exploits: 0 | References: 1
Prion
added 2018/07/03 9:29 p.m. | 15 views

Design/Logic Flaw

The public node module versions = 1.0.3 allows to embed HTML in file names, which in certain conditions might lead to execute malicious JavaScript...

4.3 CVSS | 6.3 AI score | 0.00759 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2018/07/03 9:0 p.m. | 48 views

CVE-2018-3747

CVE-2018-3747 concerns the public Node.js module (versions

6.1 CVSS | 6.2 AI score | 0.00759 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Prion
added 2018/06/21 7:29 p.m. | 16 views

Code injection

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system...

3.5 CVSS | 5.1 AI score | 0.00512 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Zero Day Initiative
added 2018/03/19 12:0 a.m. | 32 views

Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6 CVSS | 1.5 AI score | 0.06042 EPSS
Exploits: 0 | References: 1
Zero Day Initiative
added 2018/03/07 12:0 a.m. | 28 views

Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6 CVSS | 1.5 AI score | 0.02384 EPSS
Exploits: 0 | References: 1
Zero Day Initiative
added 2018/02/27 12:0 a.m. | 32 views

Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6 CVSS | 1.5 AI score | 0.02367 EPSS
Exploits: 0 | References: 1
Prion
added 2018/02/22 12:29 a.m. | 23 views

Cross site scripting

A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to improper neutralization of input during web page generation. An attacker could exploit...

3.5 CVSS | 5.4 AI score | 0.00927 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2018/02/22 12:0 a.m. | 25 views

CVE-2018-0201

A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to improper neutralization of input during web page generation. An attacker could exploit...

5.5 AI score | 0.00927 EPSS
Exploits: 0 | References: 3