CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9.3CVSS7.2AI score0.00735EPSS

limbus-buildgen code execution vulnerability

limbus-buildgen is a library that generates build files for small C/C++ codebases. A security vulnerability exists in limbus-buildgen, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by interceptin...

9.3CVSS8.2AI score0.00735EPSS

selenium-standalone-painful remote code execution vulnerability

selenium-standalone-painful is a program for installing command line tools for starting a selenium standalone server. A security vulnerability exists in selenium-standalone-painful that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker...

CNVD•added 2018/05/31 12:0 a.m.•0 views

massif code execution vulnerability

massif is a WebKit script written in JavaScript. A security vulnerability exists in massif, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the response and replacing the requeste...

CNVD•added 2018/05/31 12:0 a.m.•2 views

native-opencv file download vulnerability

native-opencv is an open source computer vision library with multi-platform support. A security vulnerability exists in native-opencv that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting th...

massif code execution vulnerability (CNVD-2018-15161)

CNVD•added 2018/05/31 12:0 a.m.•3 views

tomita-parser file download vulnerability

tomita-parser is a tool that provides structured data from natural language text. A file download vulnerability exists in tomita-parser that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...

9.3CVSS7.1AI score0.00658EPSS

roslib-socketio code execution vulnerability

roslib-socketio is a ROS Robot Operating System JavaScript support library. A security vulnerability exists in roslib-socketio, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the...

9.3CVSS7.1AI score0.00735EPSS

Prince Code Execution Vulnerability

Prince is a use of JavaScript to convert XML/HTML files into PDF documents API. A security vulnerability exists in Prince that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the respon...

Japan Vulnerability Notes•added 2018/05/29 12:0 a.m.•55 views

JVN#20040004: The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely invoke an executable file

The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION contains an issue with the DLL search path, which may lead to insecurely invoke an executable file CWE-427...

9.3CVSS7.7AI score0.00185EPSS

Exploits0

CNVD•added 2018/05/25 12:0 a.m.•1 views

Square Enix Final Fantasy XIV for Windows Man-in-the-Middle Attack Vulnerability

Square Enix Final Fantasy XIV for Windows is a Japanese role-playing game based on the Windwos platform by Square Enix. Square Enix's Final Fantasy XIV for Windows is a role-playing game based on the Windwos platform. A security vulnerability exists in the ffxivlauncher.exe file in versions 4.21...

8.1CVSS6.8AI score0.00176EPSS

Exploits1References1

OSV•added 2018/05/22 7:29 p.m.•0 views

UBUNTU-CVE-2018-11384

The shop function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted ELF file...

5.5CVSS6.4AI score0.00248EPSS

Exploits0References4

CNVD•added 2018/05/22 12:0 a.m.•2 views

mySCADA myPRO File Upload Vulnerability

mySCADA myPRO is an industrial visualization control system from mySCADA Technologies, Czech Republic. A security vulnerability exists in the file 'myscadagate.exe' in mySCADA myPRO version 7, which originates from the program's use of a hard-coded FTP account username: myscada, password: Vikuk63...

9.1CVSS9.2AI score0.36287EPSS

Exploits5References1

CNVD•added 2018/05/21 12:0 a.m.•1 views

PhpCollab Arbitrary Code Execution Vulnerability

phpCollab is a Chinese plug-in support for project development management software . An arbitrary code execution vulnerability exists in PhpCollab. An attacker can execute arbitrary code by uploading a file with an executable extension...

8.8CVSS9AI score0.86913EPSS

Exploits9References1

Prion•added 2018/05/16 2:29 p.m.•16 views

Unrestricted file upload

Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory under the document...

6.5CVSS8.7AI score0.00607EPSS

Exploits2References1Affected Software1

CNVD•added 2018/05/15 12:0 a.m.•2 views

Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC Intel wireless driver and related software DLL injection vulnerabilities

Intel Dual Band Wireless-AC, Tri-Band Wireless-AC, and Wireless-AC are wireless NIC products from Intel Corporation.Intel wireless drivers is one of the wireless NIC drivers.Autorun.exe is one of the Autorun.exe is an executable file; Setup.exe is an installation file. A security vulnerability...

7.8CVSS7.9AI score0.00174EPSS