Lucene search
K

48 matches found

Veracode
Veracode
added 2020/12/06 3:24 a.m.18 views

Arbitrary File Write

LPRng is vulnerable to arbitrary file write. A local unauthenticated attacker could overwrite arbitrary files via a symbolic link attack on the /tmp/before file of the psbanner component...

2.1CVSS3.7AI score0.0039EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2020/05/27 5:15 p.m.15 views

Improper access control

Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system...

7.2CVSS8.5AI score0.00279EPSS
Exploits0References1
OSV
OSV
added 2020/05/21 3:15 p.m.4 views

CVE-2020-5752

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

7.8CVSS7.3AI score0.08607EPSS
Exploits12References3
CNVD
CNVD
added 2020/02/26 12:0 a.m.4 views

Druva inSync Windows Client Arbitrary OS Command Execution Vulnerability

Druva inSync Client is a lightweight application that manages data backups and allows collaboration with other users.Druva inSync Windows Client is for Windows. An arbitrary operating system command execution vulnerability exists in Druva inSync Windows Client 6.5.0. The vulnerability stems from...

7.8CVSS7.8AI score0.08566EPSS
Exploits7References1
OSV
OSV
added 2019/05/08 3:4 p.m.5 views

OPENSUSE-SU-2019:1352-1 Security update for ovmf

This update for ovmf fixes the following issues: Security issue fixed: - CVE-2019-0161: Fixed a stack overflow in UsbBusDxe and UsbBusPei, which could potentially be triggered by a local unauthenticated user bsc1131361. This update was imported from the SUSE:SLE-15:Update update project...

5.5CVSS7.5AI score0.00395EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2018/08/28 12:0 a.m.56 views

SIPP 3.3 Stack-Based Overflow

Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: SIPP 3.3 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input while reading the configuration file and parsing the malicious...

0.6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2018/01/18 6:29 a.m.3 views

CVE-2018-0100

A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of the XML External Entity XXE entries when...

4.4CVSS5.7AI score0.00411EPSS
Exploits0References4
CISA
CISA
added 2014/01/22 12:0 a.m.10 views

Cisco Releases Multiple Security Advisories

Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow a local unauthenticated user to execute arbitrary commands with escalated privileges or cause a denial-of-service DoS condition. These vulnerabilities affect the following: Cisco...

8AI score
Exploits0References3
Rows per page
Query Builder