Lucene search
K

254 matches found

Prion
Prion
added 2021/06/09 7:15 p.m.14 views

Design/Logic Flaw

Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

2.1CVSS5.3AI score0.00219EPSS
Exploits0References1Affected Software9
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.3 views

CSME安全漏洞

CSME is known as the Intel Management Engine BIOS Extension. A security vulnerability exists in CSME that stems from insufficient control flow management in the subsystem, which could allow an attacker to escalate privileges via local access. The following products and versions are affected:...

6.7CVSS6.6AI score0.00251EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/06/03 4:30 p.m.21 views

CVE-2021-22336

There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device...

7.8AI score0.00702EPSS
Exploits0References1
OSV
OSV
added 2021/05/07 4:28 p.m.15 views

GHSA-9534-H433-2RJF Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify

utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype...

8.8CVSS8.7AI score0.02044EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for pcp (EulerOS-SA-2021-1341)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.7AI score0.00475EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/12/15 12:0 a.m.26 views

EulerOS 2.0 SP5 : pcp (EulerOS-SA-2020-2557)

According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...

8.4CVSS7.8AI score0.00475EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.30 views

EulerOS 2.0 SP8 : pcp (EulerOS-SA-2020-1873)

According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...

8.4CVSS7.8AI score0.00475EPSS
Exploits2References3
Cvelist
Cvelist
added 2020/05/12 5:49 p.m.29 views

CVE-2020-6245

SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers...

6.5CVSS6.5AI score0.00335EPSS
Exploits0References2
NVD
NVD
added 2020/05/07 5:15 p.m.17 views

CVE-2020-5743

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission...

4.3CVSS4.5AI score0.00821EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/05/07 4:5 p.m.16 views

CVE-2020-5743

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission...

4.5AI score0.00821EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2019/06/18 12:0 a.m.5 views

The vulnerability of the monitoring panel for Cisco Unified Intelligence Center’s reporting functions allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the monitoring panel for creating Cisco Unified Intelligence Center reports is related to improper control of resource identifiers. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information by usin...

6.1CVSS5.5AI score0.01257EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/08 3:31 p.m.64 views

IBM Security Key Lifecycle Manager: All Security Bulletins

Summary This page lists all the security bulletins that are released for IBM Security Key Lifecycle Manager. Vulnerability Details Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password CVE-2016-6092 --- Security Bulletin: IBM Security Key Lifecycle Manager uses Less...

9.8CVSS0.5AI score0.9986EPSS
Exploits1
OSV
OSV
added 2019/04/02 3:46 p.m.3 views

GHSA-JPV3-G4CC-6VFX Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client

In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive...

7.5CVSS7.1AI score0.12357EPSS
Exploits0References23
Core Security
Core Security
added 2017/12/19 12:0 a.m.562 views

Trend Micro Smart Protection Server Multiple Vulnerabilities

1. Advisory Information Title: Trend Micro Smart Protection Server Multiple Vulnerabilities Advisory ID: CORE-2017-0008 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities Date published: 2017-12-19 Date of last update:...

9.8CVSS9.4AI score0.19369EPSS
Exploits10
Rows per page
Query Builder