Lucene search
K

224 matches found

CNNVD
CNNVD
added 2021/12/21 12:0 a.m.2 views

Stormshield Endpoint Security 安全漏洞

Stormshield Endpoint Security, the product line of the French company Stormshield for enhanced workstation and server security, has a remote code execution vulnerability in versions prior to 2.1.2, which stems from the process of constructing code segments from externally entered data. network...

10CVSS6.9AI score0.02927EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.8 views

Thymeleaf-Spring5 代码注入漏洞

Thymeleaf-Spring5 is an open source, modern, server-side Java template engine for web and standalone environments from the Thymeleaf team. A security vulnerability exists in Thymeleaf-Spring5, which arises from a networked system or product that does not properly filter specific elements of...

9.8CVSS8.2AI score0.03866EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/10/14 12:0 a.m.3 views

PT-2022-4661 · Otrs +1 · Otrs +1

Name of the Vulnerable Software and Affected Versions: OTRS affected versions not specified Description: The issue allows an attacker logged in as an admin user to manipulate the customer URL field, storing JavaScript code that can be executed later by any agent when clicking the customer URL lin...

9.8CVSS4.9AI score0.01273EPSS
Exploits0References31
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.11 views

Microsoft Excel 代码注入漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Excel. The vulnerability arises from a network system or product not properly filtering specific elements of externally entered data during t...

7.8CVSS7.6AI score0.02194EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/09/08 12:0 a.m.4 views

Vulnerability of services for the NFS ONCRPC XDR driver on Microsoft Windows operating systems, allowing a hacker to execute arbitrary code.

The vulnerability of services for the NFS ONCRPC XDR driver on Microsoft Windows is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...

10CVSS8AI score0.10326EPSS
Exploits0References3
OSV
OSV
added 2021/08/12 6:15 p.m.2 views

CVE-2021-26433

Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability...

7.5CVSS7.1AI score0.03302EPSS
Exploits0References1
NVD
NVD
added 2021/07/26 3:15 p.m.11 views

CVE-2021-33629

isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data...

7.5CVSS0.00961EPSS
Exploits0References1
OSV
OSV
added 2021/07/26 3:15 p.m.4 views

CVE-2021-33629

isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data...

7.5CVSS5.8AI score0.00961EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/26 2:46 p.m.31 views

CVE-2021-33629

isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data...

7.7AI score0.00961EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.6 views

isula-build 安全漏洞

isula-build is an open source iSula Container Team Container image build tool from iSula Container Team that supports fast container image building via Dockerfile files. Isula-build A security vulnerability exists in Isula-build prior to 0.9.5-8 When building container images, some functions used...

7.5CVSS7.3AI score0.00961EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/09 12:0 a.m.5 views

Kaseya VSA 代码问题漏洞

Kaseya VSA is RMM Remote Monitoring and Management software commonly used by Managed Service Providers MSPs of Kaseya, Inc. in the United States to manage customer networks. A code issue vulnerability exists in Kaseya VSA versions prior to 9.5.6, which arises from a network system or product that...

7.5CVSS8.1AI score0.25256EPSS
Exploits1References5
CNVD
CNVD
added 2021/02/26 12:0 a.m.7 views

Eclipse Theia Code Execution Vulnerability

Eclipse Theia is the Eclipse Foundation's set of Visual Studio Code-based open source integrated development environment for desktop and Web applications framework. A code execution vulnerability exists in Eclipse Theia 1.2.0 and prior versions, which arises from a failure of a networked system o...

9.6CVSS7.6AI score0.02352EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/02/24 12:0 a.m.7 views

Eclipse Theia 跨站脚本漏洞

Eclipse Theia is the Eclipse Foundation's set of Visual Studio Code-based open source integrated development environment for desktop and Web applications framework. A code execution vulnerability exists in Eclipse Theia 1.2.0 and prior versions, which arises from a failure of a networked system o...

9.6CVSS7.9AI score0.02352EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/02/15 12:0 a.m.4 views

lodash code injection vulnerability

lodash is an open source JavaScript utility library. A code injection vulnerability exists in lodash, which arises from a network system or product that does not properly filter specific elements of externally entered data during the construction of executable commands. An attacker could exploit...

7.2CVSS7.1AI score0.2241EPSS
Exploits2References53
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.7 views

vSphere Replication Command Injection Vulnerability

A command injection vulnerability exists in vSphere Replication that originates when a network system or product does not properly filter specific elements of externally entered data during the construction of executable commands. An attacker could exploit this vulnerability to execute an illegal...

7.2CVSS7.3AI score0.02074EPSS
Exploits0References3
0day.today
0day.today
added 2020/04/03 12:0 a.m.238 views

MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution Vulnerabilit

Exploit for multiple platform in category web applications Exploit Title: MicroStrategy Intelligence Server and Web 10.4 - multiple vulnerabilities Exploit Author: RedTimmy Security Authors blog: https://www.redtimmy.com/web-application-hacking/another-ssrf-another-rce-the-microstrategy-case/...

5.8AI score0.17841EPSS
Exploits7
UbuntuCve
UbuntuCve
added 2019/12/20 2:15 p.m.35 views

CVE-2012-5639

LibreOffice and OpenOffice automatically open embedded content...

6.5CVSS6.6AI score0.05859EPSS
Exploits0References3
CNVD
CNVD
added 2019/07/31 12:0 a.m.4 views

Wind River Systems VxWorks Parameter Injection Vulnerability

Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. The vulnerability arises from a network system or product that does not properly filter special characters in parameters...

7.1CVSS7.7AI score0.08311EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/30 12:0 a.m.3 views

Dolibarr ERP/CRM Command Execution Vulnerability

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A code execution vulnerability exists in Dolibarr ERP/CRM. The...

8.5CVSS7.5AI score0.02236EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/03 12:0 a.m.4 views

Nortek Security & Control Linear eMerge 50P/5000P Command Injection Vulnerability

Nortek Security & Control Linear eMerge 50P/5000P is a browser-based access control system from Nortek Security & Control, USA. A command injection vulnerability exists in the Nortek Security & Control Linear eMerge 50P/5000P, which can be exploited by an attacker to execute illegal operating...

10CVSS7.8AI score0.40005EPSS
Exploits5References1
Rows per page
Query Builder