Lucene search
K

196 matches found

CNVD
CNVD
added 2021/12/19 12:0 a.m.24 views

iText command injection vulnerability

iText is an open source library for creating and manipulating PDF files in Java. It is written by Bruno Lowagie, Paulo Soares and others. iText in the version before 7.1.17 there is a command injection vulnerability, the vulnerability stems from the user input construct to execute the command...

9.8CVSS4.4AI score0.05172EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.24 views

Bus Pass Management System Information Disclosure Vulnerability

Bus Pass Management System is a bus pass management system. v1.0 of Bus Pass Management System is vulnerable to information disclosure, which stems from a configuration error in the network system or product during operation. The vulnerability can be exploited by an attacker to view the applicati...

7.5CVSS1.5AI score0.0168EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.11 views

StackStorm Injection Vulnerability

StackStorm is an event-driven automation platform. The platform is used for automated remediation, security response, troubleshooting and program deployment, etc. An injection vulnerability exists in StackStorm, which stems from the failure of a network system or product to properly filter specia...

9CVSS5.3AI score0.02474EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.65 views

UpdateStar HD-Network Real-time Monitoring System Path Traversal Vulnerability

UpdateStar HD-Network Real-time Monitoring System is a high-definition network real-time monitoring system from UpdateStar, a German company. updateStar HD-Network Real-time Monitoring System in version 2.0 is vulnerable to path traversal vulnerability, which stems from the failure of a network...

7.5CVSS3.6AI score0.33133EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/12 12:0 a.m.25 views

Fortinet Meru AP Code Injection Vulnerability

Fortinet Meru Ap is a wireless access point from Fortinet, Inc. Fortinet Meru AP is vulnerable to code injection in versions 8.6.1 and 8.5.5 and below. The vulnerability stems from a failure of the network system or product to properly filter special elements in code segments constructed from...

7.2CVSS4AI score0.00264EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/12 12:0 a.m.28 views

IBM Db2 Access Control Error Vulnerability

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from an Access Control Error vulnerability that originates when a networked system or...

8.7CVSS8.2AI score0.01091EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/04 12:0 a.m.16 views

Crafter CMS Expression Injection Vulnerability

Crafter CMS is an open source content management system CMS for digital experience applications.An expression injection vulnerability exists in Crafter CMS, which stems from the failure of a network system or product to properly filter special elements in code segments constructed from external...

7.2CVSS3.6AI score0.00703EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/04 12:0 a.m.27 views

IBM Cognos Analytics Access Control Error Vulnerability

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards, and scorecards, and can help companies adjust their decisions by analyzing content such as key factors and key people.IBM Cognos Analytics has an access control error...

6.5CVSS1.8AI score0.00933EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/02 12:0 a.m.15 views

Dell EMC Streaming Data Platform code issue vulnerability

A code issue vulnerability exists in Dell EMC Streaming Data Platform, a Dell platform for real-time ingestion, storage, and analysis of continuous streaming data, which is caused by a design or implementation error in the code development process of a network system or product. improper design o...

5.3CVSS2.4AI score0.01015EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/02 12:0 a.m.15 views

Elecom Edwrc Operating System OS Command Injection Vulnerability

The Elecom Edwrc is a series of routers from Elecom Japan. The Elecom Edwrc suffers from an operating system command injection vulnerability that originates from a network system or product not properly filtering specific elements of the data entered externally to the ELECOM router during the...

8CVSS8.1AI score0.00862EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/30 12:0 a.m.6 views

Dell EMC Streaming Data Platform 代码问题漏洞

A code issue vulnerability exists in Dell EMC Streaming Data Platform, a Dell platform for real-time ingestion, storage, and analysis of continuous streaming data, which is caused by a design or implementation error in the code development process of a network system or product. improper design o...

5.3CVSS5.8AI score0.01015EPSS
Exploits0References2
CNVD
CNVD
added 2021/11/24 12:0 a.m.19 views

Apache APISIX Command Injection Vulnerability

Apache Apisix is a cloud-native microservices API gateway service from the Apache Foundation. The software is based on OpenResty and etcd and features dynamic routing and plugin hot-loading for API management in a microservice architecture. Apache APISIX has a security vulnerability that stems fr...

7.5CVSS2.7AI score0.14589EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/21 12:0 a.m.21 views

WordPress Insert Pages License Issue Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Insert Pages plugin in versions prior to 3.7.0,...

4.3CVSS4.7AI score0.00913EPSS
Exploits2References1
CNVD
CNVD
added 2021/11/21 12:0 a.m.26 views

Adobe Experience Manager Access Control Error Vulnerability

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications, and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. Adobe Experience Manager in versio...

7.8CVSS2.1AI score0.01901EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/11 12:0 a.m.7 views

Cloudflare OctoRPKI 资源管理错误漏洞

Cloudflare OctoRPKI is an RPKI toolkit for the Cloudflare platform from cloudflare USA. Cloudflare OctoRPKI has a security vulnerability that originates from an improperly designed or implemented code development process for a network system or product...

6.5CVSS6.5AI score0.00822EPSS
Exploits0References6
CNVD
CNVD
added 2021/11/10 12:0 a.m.22 views

Microsoft Azure Information Disclosure Vulnerability (CNVD-2021-93636)

Microsoft Azure is an open, enterprise-class cloud computing platform from Microsoft Corporation USA. The vulnerability stems from a configuration and other errors in the network system or product during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive...

3.3CVSS3.3AI score0.01186EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/10 12:0 a.m.18 views

Microsoft Azure Sphere Data Forgery Issue Vulnerability

Microsoft Azure Sphere, a Microsoft appliance used to provide security in cloud environments, is vulnerable to a data forgery issue. The vulnerability stems from a network system or product that does not adequately verify the origin or authenticity of data. An attacker could use the falsified dat...

6.7CVSS3.8AI score0.00547EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/10 12:0 a.m.24 views

Microsoft Azure Information Disclosure Vulnerability (CNVD-2021-93637)

Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. An information disclosure vulnerability exists in Microsoft Azure RTOS. The vulnerability stems from errors such as configuration during operation of a networked system or product. An...

5.5CVSS3.6AI score0.01211EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/10 12:0 a.m.98 views

Microsoft 3D Viewer remote code execution vulnerability

A code injection vulnerability exists in Microsoft 3D Viewer, a simplified and fast graphics editing application from Microsoft Corporation USA. The vulnerability stems from the process of constructing code segments from external input data that is not properly filtered by the network system or...

7.8CVSS3.5AI score0.03821EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.5 views

Microsoft Azure Real Time Operating System 信息泄露漏洞

Microsoft Azure is an open, enterprise-class cloud computing platform from Microsoft Corporation USA. The vulnerability stems from a configuration and other errors in the network system or product during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive...

4.6CVSS5.6AI score0.00896EPSS
Exploits0References4
Rows per page
Query Builder