Lucene search
K

4777 matches found

CVE
CVE
added 2018/02/05 3:0 a.m.51 views

CVE-2017-15536

CVE-2017-15536 affects Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. The CDSW web application contains multiple vulnerabilities that allow malicious authenticated users to escalate privileges within CDSW. By chaining these weaknesses, an attacker can achieve root access to CDSW nodes, ...

8.8CVSS8.8AI score0.00936EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/02/05 12:0 a.m.3 views

Cloudera Data Science Workbench Elevation of Privilege Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from US-based Cloudera. The platform provides fast, easy and secure self-service data science support for organizations. A security vulnerability exists in CDSW 1.2.0 prior to version 1.x. The vulnerability can be exploited...

8.8CVSS6.7AI score0.00936EPSS
Exploits0References1
n0where
n0where
added 2018/02/03 8:26 p.m.52 views

Find Vulnerable Settings in AD Group Policy: Grouper

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft’s Group Policy module and identifies all the settings defined in...

6.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/01/25 12:0 a.m.5 views

The vulnerability of the cgiHandler function in the Embedthis GoAhead web server allows a hacker to execute arbitrary code.

The vulnerability of the cgiHandler function in the Embedthis GoAhead web server is related to insufficient validation of input data during the processing of HTTP requests for dynamically linked CGI programs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through...

6.8CVSS8.2AI score0.96327EPSS
Exploits15References8Affected Software2
NVD
NVD
added 2017/12/16 2:29 a.m.24 views

CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

6.8CVSS5AI score0.00576EPSS
Exploits0References2
OSV
OSV
added 2017/12/16 2:29 a.m.23 views

CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

5.3CVSS6.7AI score
Exploits0References2
OSV
OSV
added 2017/12/16 2:29 a.m.5 views

UBUNTU-CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

5.3CVSS6.4AI score0.00576EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/12/16 2:29 a.m.45 views

CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

6.8CVSS6.4AI score0.00576EPSS
Exploits0References3
CVE
CVE
added 2017/12/15 2:0 p.m.66 views

CVE-2017-10905

CVE-2017-10905 affects applications built with Qt for Android before 5.9.3 . The flaw allows an attacker to alter environment variables via unspecified vectors . Root cause is a vulnerability in how Qt on Android handles environment-related data. Exploitation details and vectors are not specified...

6.8CVSS5AI score0.00576EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/12/14 2:51 p.m.5 views

SUSE-SU-2017:3311-1 Security update for slurm

This update for slurm fixes the following issues: Slurm was updated to 17.02.9 to fix a security bug, bringing new features and bugfixes fate323998 bsc1067580. Security issue fixed: CVE-2017-15566: Fix security issue in Prolog and Epilog by always prepending SPANK to all user-set environment...

7.8CVSS8.8AI score0.00578EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 4:40 a.m.3 views

Qt for Android environment variables alteration

Overview Qt for Android contains an information alteration vulnerability. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may alter environem...

6.8CVSS7.3AI score0.00576EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 12:0 a.m.88 views

JVN#27342829: Qt for Android environment variables alteration

Qt for Android contains an information alteration vulnerability. Impact A remote attacker may alter environemt variables of the apps created using Qt. As a result, arbitrary code may be executed. Solution Update the Software Update to the latest version of software according to the information...

6.8CVSS6AI score0.00576EPSS
Exploits0
OSV
OSV
added 2017/12/06 3:29 p.m.4 views

DEBIAN-CVE-2016-5713

Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...

9.8CVSS9.3AI score0.02022EPSS
Exploits0References1
OSV
OSV
added 2017/12/06 3:29 p.m.12 views

CVE-2016-5713

Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...

9.8CVSS7AI score0.02022EPSS
Exploits0References1
Prion
Prion
added 2017/12/06 3:29 p.m.12 views

Code injection

Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...

7.5CVSS7.2AI score0.02022EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/11/17 12:0 a.m.3 views

BlackBerry QNX Software Development Platform Information Disclosure Vulnerability (CNVD-2017-37268)

The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of the QNX SDP in BlackBerry QNX S...

4.9CVSS6.3AI score0.00561EPSS
Exploits0References1
NVD
NVD
added 2017/11/14 9:29 p.m.13 views

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

4.9CVSS5.1AI score0.00561EPSS
Exploits0References1
Prion
Prion
added 2017/11/14 9:29 p.m.14 views

Information disclosure

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

4CVSS6.8AI score0.00561EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/11/14 9:29 p.m.4 views

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

4.9CVSS5.8AI score0.00561EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/14 9:0 p.m.19 views

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

3.8CVSS5.1AI score0.00561EPSS
Exploits0References1
Rows per page
Query Builder