Lucene search
K

99 matches found

Redos
Redos
added 2021/12/24 12:0 a.m.3 views

ROS-2-2160

2.2160 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.7AI score0.0262EPSS
Exploits0
Kaspersky
Kaspersky
added 2021/12/16 12:0 a.m.598 views

KLA12392 RCE vulnerability in Microsoft Azure

Remote code execution vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...

10CVSS9.8AI score0.99999EPSS
Exploits352References6
Redos
Redos
added 2021/09/08 12:0 a.m.24 views

ROS-2-1249

2.1249 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.5AI score0.01861EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.3 views

ROS-2-2150

2.2150 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-1720

2.1720 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threat Data Bank of the...

7.5CVSS7.5AI score0.95785EPSS
Exploits5
Redos
Redos
added 2021/09/08 12:0 a.m.4 views

ROS-2-2130

2.2130 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

9.8CVSS8.1AI score0.02377EPSS
Exploits0
NCSC
NCSC
added 2021/07/13 12:0 a.m.7 views

Vulnerability fixed in Microsoft Power BI

A vulnerability has been fixed in the Microsoft Power BI application. A malicious party could potentially abuse it to execute arbitrary code with elevated privileges. Microsoft has made updates available that fix the described vulnerability described. We recommend that you install these updates...

8.8CVSS7.5AI score0.018EPSS
Exploits0
NCSC
NCSC
added 2020/12/08 12:0 a.m.5 views

Vulnerabilities fixed in Microsoft Browsers

There are several vulnerabilities in Microsoft Edge. The vulnerabilities allow a malicious person to execute arbitrary execute arbitrary code with user privileges. Also, the malicious impersonate another user. Microsoft Edge: |----------------|------|-------------------------------------| | CVE I...

7.5CVSS7.2AI score0.02059EPSS
Exploits0
NCSC
NCSC
added 2020/12/08 12:0 a.m.6 views

Vulnerabilities fixed in Microsoft Azure

Vulnerabilities have been fixed in Azure. The vulnerabilities allow a malicious person to bypass security measures. Azure Sphere: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |. |----------------|------|-------------------------------------| |...

9.1CVSS6.5AI score0.0359EPSS
Exploits0
NCSC
NCSC
added 2020/09/14 12:0 a.m.5 views

Vulnerability fixed in Red Hat JBoss Enterprise Application Platform

A vulnerability has been fixed in JBoss Enterprise Application Platform. The vulnerability allows a malicious party to launch a Denial-of-Service DoS attack. -= Red Hat =- Red Hat has made updates available. You can install these updates install using the command 'yum'. More information about the...

7.5CVSS6.7AI score0.01356EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/11/05 12:0 a.m.7 views

August 17, 2019—KB4512514 (Preview of Monthly Rollup)

August 17, 2019—KB4512514 Preview of Monthly Rollup IMPORTANT Verify that you have installed the updates listed in the How to get this update section before installing this update. For all updates starting with August 13, 2019, we strongly recommend that you install these updates to prevent any...

7.3AI score
Exploits0
Kaspersky
Kaspersky
added 2018/07/10 12:0 a.m.93 views

KLA11287 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering vulnerability in Microsoft Office...

9.3CVSS8.9AI score0.39555EPSS
Exploits0References29
OpenVAS
OpenVAS
added 2018/06/27 12:0 a.m.22 views

Microsoft Windows: Automatic Download and Install of updates (Store)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winstoreautoupdatedownload.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Turn off Automatic Download and Install of updates Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

7.3AI score
Exploits0
CERT
CERT
added 2017/10/16 12:0 a.m.817 views

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Overview Wi-Fi Protected Access WPA, more commonly WPA2 handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point AP or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to...

8.1CVSS8AI score0.04575EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2016/10/27 12:0 a.m.24 views

KLA10894 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10892. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...

7.3AI score
Exploits0References4
NVD
NVD
added 2014/04/16 6:37 p.m.22 views

CVE-2013-1764

The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...

2.1CVSS6.2AI score0.00382EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/04/16 6:37 p.m.22 views

CVE-2013-1764

The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...

2.1CVSS5.9AI score0.00382EPSS
Exploits0References2
Prion
Prion
added 2014/04/16 6:37 p.m.14 views

Design/Logic Flaw

The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...

2.1CVSS6.7AI score0.00382EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2014/04/16 6:0 p.m.22 views

CVE-2013-1764

The Zypper aka zypp backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method...

6.2AI score0.00382EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2014/01/26 12:0 a.m.4 views

PT-2014-1871 · Red Hat · Yum +1

Name of the Vulnerable Software and Affected Versions: yum versions 3.4.3 and earlier Description: The issue allows remote attackers to bypass the RMP package signing restriction, potentially leading to a violation of protected information integrity. This can be exploited remotely. The...

5CVSS9.2AI score0.0241EPSS
Exploits0References16
Rows per page
Query Builder