Lucene search
K

108 matches found

NVD
NVD
added 2023/06/13 3:15 a.m.29 views

CVE-2023-33985

SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting XSS vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information...

6.1CVSS6AI score0.00507EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/06 12:0 a.m.6 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that results in a denial of service due to a reachable assertion in the modem when processing a sib with an incorrect value from the network...

7.5CVSS7.3AI score0.00383EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.6 views

PT-2023-7985 · One Identity +3 · Syslog-Ng +5

Name of the Vulnerable Software and Affected Versions: One Identity syslog-ng versions 3.0 through 3.37 syslog-ng Premium Edition version 7.0.30 syslog-ng Store Box version 6.10.0 Description: The issue is related to an integer overflow in the RFC3164 parser, which can be exploited by remote...

7.8CVSS7.1AI score0.02383EPSS
Exploits0References43
OSV
OSV
added 2022/05/25 11:3 a.m.3 views

OESA-2022-1672 rsyslog security update

RSYSLOG is the rocket-fast system for log processing.It offers high-performance, great security features and a modular design. While it started as a regular syslogd, rsyslog has evolved into a kind of swiss army knife of logging, being able to accept inputs from a wide variety of sources, transfo...

8.1CVSS8.3AI score0.03821EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/10 12:0 a.m.4 views

多款AVEVA产品安全漏洞

AVEVA InTouch is an open and extensible HMI from AVEVA UK with intuitive graphical animation and scripting capabilities that provide incredible functionality and flexibility for application designers. A command injection vulnerability exists in AVEVA InTouch. The vulnerability stems from a failur...

9.9CVSS8.7AI score0.00873EPSS
Exploits0References6
OSV
OSV
added 2022/02/11 6:15 p.m.6 views

CVE-2021-22802

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector dc.ex...

9.8CVSS6.4AI score0.20165EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.6 views

AutoTrace 输入验证错误漏洞

AutoTrace is a set of software for converting bitmap files Bitmap to vector files Vector. An input validation error vulnerability exists in Autotrace version 0.31.1, which arises from a networked system or product that does not properly validate incoming data. No detailed vulnerability details ar...

4.3CVSS6.8AI score0.01019EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.9 views

Intel Ethernet Controllers Input Validation Error Vulnerability

Intel Ethernet Controllers is an Ethernet controller from Intel Corporation USA. An input validation error vulnerability exists in the Intel 700-series of Ethernet Controllers that arises from a network system or product that does not properly validate input data...

4.4CVSS5.8AI score0.00241EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/12 5:38 a.m.3 views

Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's category bitmap into the SELinux extensible bitmap via the' ebitmapnetlblimport' routine. While processing the CIPSO restricted...

5.9CVSS7AI score0.03097EPSS
Exploits0References4
CNVD
CNVD
added 2020/06/01 12:0 a.m.3 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2020-31440)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer overflow vulnerability exists in the 'irp' function in versions of FreeRDP prior to 2.1.0. The vulnerability stems from a networked system or product performing operations on memory without...

6CVSS9.8AI score0.01151EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/24 12:0 a.m.9 views

Command Injection Vulnerability in Multiple NETGEAR Products (CNVD-2021-50928)

NETGEAR EX7000 and others are products of NETGEAR Corporation.NETGEAR EX7000 is a wireless network signal extender.NETGEAR R8500 is a wireless router.NETGEAR D6400 is a wireless modem.NETGEAR R8500 is a wireless router.NETGEAR R8500 is a wireless router.NETGEAR R8500 is a wireless router.NETGEAR...

9.8CVSS7.7AI score0.03353EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/04/14 12:0 a.m.5 views

PT-2020-2599

Name of the Vulnerable Software and Affected Versions Java SE versions 11.0.6 and 14 Description The issue is related to insufficient input validation in the JSSE component of Oracle Java SE. It allows an unauthenticated attacker with network access via HTTPS to compromise Java SE, resulting in...

7.8CVSS6.8AI score0.02698EPSS
Exploits0References143
RedhatCVE
RedhatCVE
added 2020/02/02 8:45 a.m.37 views

CVE-2019-0196

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5.3CVSS1AI score0.193EPSS
Exploits0References5
CNVD
CNVD
added 2020/01/14 12:0 a.m.1 views

TaskCanvas Denial of Service Vulnerability

TaskCanvas is a program that tracks computer usage. TaskCanvas suffers from a denial of service vulnerability that arises from a networked system or product that does not properly validate incoming data, which could be exploited by an attacker to cause a denial of service condition that denies...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2019/12/31 12:0 a.m.3 views

Linux kernel buffer overflow vulnerability (CNVD-2020-00513)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer error vulnerability exists in Linux kernel version 5.0.0-rc7. The vulnerability arises from a networked system or product performing operations in memory...

6CVSS8.1AI score0.00754EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/25 12:0 a.m.3 views

Open TFTP Server SP Formatting String Error Vulnerability

Open TFTP Server SP is a file transfer server. A formatting string error vulnerability exists in the 'logMess' function in TFTP Server SP version 1.66 and earlier. The vulnerability originates from a network system or product that receives external formatted strings as parameters with lax filteri...

9.8CVSS6.8AI score0.0436EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/24 12:0 a.m.2 views

GraphicsMagick 'EncodeImage' function buffer overflow vulnerability

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A buffer overflow vulnerability exists in the 'EncodeImage' function of the coders/pict.c file in GraphicsMagick. The vulnerability stems from a networked...

9.1CVSS9.7AI score0.02783EPSS
Exploits1References1
CNVD
CNVD
added 2019/11/28 12:0 a.m.1 views

Linux kernel buffer overflow vulnerability (CNVD-2019-44513)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in Linux kernel version 5.0.21. The vulnerability arises from a networked system or product performing operations in memory...

6.5CVSS7.2AI score0.00692EPSS
Exploits1References1
CNVD
CNVD
added 2019/11/06 12:0 a.m.3 views

LEAD Technologies LEADTOOLS Heap Overflow Vulnerability

LEAD Technologies LEADTOOLS is an image processing development kit from LEAD Technologies. A buffer error vulnerability exists in the JPEG2000 parsing functionality in LEAD Technologies LEADTOOLS. The vulnerability originates when a networked system or product performs an operation on memory...

8.8CVSS7.4AI score0.01994EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2019/10/18 12:0 a.m.49 views

Apache HTTP Server Memory Access Vulnerability - Linux

Apache HTTP Server is prone to a memory access vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver";...

9.1CVSS7.7AI score0.16549EPSS
Exploits0References1
Rows per page
Query Builder