Lucene search
K

81 matches found

BDU FSTEC
BDU FSTEC
added 2023/04/12 12:0 a.m.7 views

The vulnerability of the Swarm Mode mode of the dockerd daemon, a software tool for creating containerized systems like Moby and the Mirantis Container Runtime environment, allows an attacker to compromise the integrity and accessibility of protected information.

The vulnerability of the Swarm Mode mode of the dockerd daemon, a software tool for creating containerized systems like Moby and the Mirantis Container Runtime environment, is related to the use of an unprotected alternative channel. Exploiting this vulnerability allows an attacker to compromise...

7.5CVSS7.1AI score0.02733EPSS
Exploits1References10Affected Software4
Positive Technologies
Positive Technologies
added 2023/01/18 12:0 a.m.8 views

PT-2023-2420 · Omron · Omron Cs Series

Name of the Vulnerable Software and Affected Versions: Omron CJ-series and CS-series PLCs, all versions Description: The issue is related to the lack of authentication for a critical function in Omron CS/CJ controllers. An attacker with network access to the affected PLC may use a network protoco...

8.6CVSS7.4AI score0.00536EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2022/10/25 6:0 p.m.5 views

CVE-2022-27912

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests...

5.3CVSS6.1AI score0.00502EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2022/10/05 12:30 p.m.23 views

Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information

Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security...

0.9AI score
Exploits0
Cvelist
Cvelist
added 2022/06/14 8:15 p.m.33 views

CVE-2022-31060 Banner topic data is exposed on login-required Discourse sites

Discourse is an open-source discussion platform. Prior to version 2.8.4 in the stable branch and version 2.9.0.beta5 in the beta and tests-passed branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the stable branch and version 2.9.0.beta5 in...

5.3CVSS5.7AI score0.01013EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/03/31 12:0 a.m.3 views

livehelperchat 安全漏洞

livehelperchat is a live support available for free on the website through Live Helper Chat. A security vulnerability exists in livehelperchat versions prior to 3.96 that stems from a loose comparison leading to IDOR on multiple endpoints. an attacker can bypass multiple checks to access other...

7.5CVSS7.3AI score0.01231EPSS
Exploits1References3
HackRead
HackRead
added 2022/02/14 1:23 p.m.22 views

Database mess up – US marketing firm exposed data of 7 million users

By Deeba Ahmed The IT security researchers at Website Planet discovered what they dubbed as a large data breach, impacting a… This is a post from HackRead.com Read the original post: Database mess up - US marketing firm exposed data of 7 million users...

1.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.10 views

The vulnerability in the CoreText application programming interface of operating systems such as iOS, macOS, iPadOS, iPhoneOS, watchOS, and tvOS allows attackers to gain access to protected information.

The vulnerability of the CoreText application interface in iOS, macOS, iPadOS, iPhoneOS, watchOS, and tvOS systems relates to the ability to read data beyond the buffer in memory when processing a specially crafted font file. Exploiting this vulnerability can allow an attacker to gain access to...

7.8CVSS6.5AI score0.00995EPSS
Exploits0References10Affected Software5
Prion
Prion
added 2021/08/25 12:15 p.m.16 views

Design/Logic Flaw

A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to obtain sensitive information by snooping on the network traffic. The exposed data includes critical values for a pump's internal configuration...

5CVSS7.7AI score0.00832EPSS
Exploits1References2Affected Software1
HackRead
HackRead
added 2021/08/05 9:55 a.m.46 views

Defunct marketing firm exposed 32GB worth of records, customers data

By Waqas According to researchers, the exposed database contained around 50,000 files and had 32GB worth of data. This is a post from HackRead.com Read the original post: Defunct marketing firm exposed 32GB worth of records, customers data...

3.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.5 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in its ability to read data beyond the boundaries of the memory buffer. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information in the context of the current user, usin...

6.4CVSS5.7AI score0.02787EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/04/23 4:15 p.m.39 views

CVE-2020-36319

Insecure configuration of default ObjectMapper in com.vaadin:flow-server versions 3.0.0 through 3.0.5 Vaadin 15.0.0 through 15.0.4 may expose sensitive data if the application also uses e.g. @RestController...

6.5CVSS0.01001EPSS
Exploits0References3
OSV
OSV
added 2020/09/15 10:47 p.m.3 views

USN-4501-1 luajit vulnerability

It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service application crash or possibly expose sensitive information. CVE-2020-15890...

7.5CVSS6.8AI score0.02862EPSS
Exploits1References2
CNVD
CNVD
added 2020/06/01 12:0 a.m.1 views

SQL Injection Vulnerability in Website Building System of Zhejiang Mufeng Website Technology Co.

Zhejiang Mufeng Website Technology Co., Ltd. is a website design company. Zhejiang Mufeng Website Technology Co., Ltd. website building system has SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information in the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/03/25 12:0 a.m.1 views

Web exhibition PHP foreign trade enterprise website red style front SQL injection vulnerability

Netzhan Technology Beijing Century Netzhan Technology Co., Ltd. is an Internet service operator specializing in the field of exhibition shows. SQL injection vulnerability exists in the red style frontend of Nethub's PHP foreign trade enterprise website, which can be exploited by attackers to obta...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/05 2:0 p.m.4 views

A Massive U.S. Property and Demographic Database Exposes 200 Million Records

More than 200 million records containing a wide range of property-related information on US residents were left exposed on a database that was accessible on the web without requiring any password or authentication. The exposed data — a mix of personal and demographic details — included the name,...

5.9AI score
Exploits0
NVD
NVD
added 2019/09/17 8:15 p.m.14 views

CVE-2019-6837

A Server-Side Request Forgery SSRF: CWE-918 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could cause server...

9.1CVSS9.1AI score0.00988EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/17 7:15 p.m.14 views

CVE-2019-6837

A Server-Side Request Forgery SSRF: CWE-918 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could cause server...

9.1AI score0.00988EPSS
Exploits0References1
Prion
Prion
added 2019/09/16 5:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in GitLab Community and Enterprise Edition 11.2 through 12.2.1. Insufficient permission checks were being applied when displaying CI results, potentially exposing some CI metrics data to unauthorized users...

5CVSS5.3AI score0.01544EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/06/03 12:0 a.m.1 views

SQL Injection Vulnerability in the de***.aspx Page of CrowdSoft Web Application System

CrowdSoft is an independent and innovative software enterprise providing informationization services for government and enterprises and institutions. A SQL injection vulnerability exists in the de.aspx page of the CrowdSmart Software Web application system, which can be exploited by attackers to...

7.9AI score
Exploits0
Rows per page
Query Builder