Lucene search
K

196 matches found

CNVD
CNVD
added 2022/09/01 12:0 a.m.15 views

Dell SmartFabric storage software command injection vulnerability

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. A command injection vulnerability exists in Dell SmartFabric storage software version 1.0.0, which arises from a failure of a network system or product to properly filter special characters, commands, etc...

9.8CVSS9.8AI score0.00839EPSS
Exploits0References1
CNVD
CNVD
added 2022/08/11 12:0 a.m.25 views

Microsoft Azure Site Recovery Remote Code Execution Vulnerability (CNVD-2022-84112)

Microsoft Azure Site Recovery is a site recovery DRaaS from Microsoft Corporation for cloud and hybrid cloud architectures. The vulnerability stems from the failure of a network system or product to properly filter special elements of code segments during the construction of external input data. ...

7.2CVSS2.9AI score0.01942EPSS
Exploits0References1
CNVD
CNVD
added 2022/08/04 12:0 a.m.29 views

IBM DataPower Gateway XML External Entity Injection Vulnerability (CNVD-2022-56970)

IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B, and cloud workloads. The platform protects, integrates, and optimizes access across channe...

9.1CVSS2.3AI score0.01044EPSS
Exploits0References1
CNVD
CNVD
added 2022/08/04 12:0 a.m.23 views

Google Android Code Execution Vulnerability (CNVD-2022-65638)

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android. The vulnerability arises from a failure of a networked system or product to properly filter specific elements of externally entered data during the construction of a...

9.8CVSS9.4AI score0.00546EPSS
Exploits0References1
CNVD
CNVD
added 2022/08/04 12:0 a.m.42 views

Google Android Buffer Overflow Vulnerability (CNVD-2023-25101)

Google Android is a Linux-based open-source operating system from Google, a U.S. company. The vulnerability stems from the failure of a network system or product to properly filter special elements of code segments during the construction of external input data. An attacker could exploit the...

8.8AI score0.00396EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2022/07/04 12:0 a.m.23 views

Jenkins Recipe Plugin XML External Entity Injection Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application software. jenkins Recipe Plugin version 1...

8.8CVSS2.3AI score0.00885EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/18 12:0 a.m.42 views

Aruba ClearPass Policy Manager Command Injection Vulnerability (CNVD-2022-64231)

Aruba ClearPass Policy Manager is an application of the U.S. company Aruba to provide wireless network security access management system Aruba ClearPass Policy Manager has a command injection vulnerability, the vulnerability stems from the user input structure to execute the command process, the...

7.2CVSS3.9AI score0.0145EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.25 views

Microsoft Windows Remote Access Connection Manager Information Disclosure Vulnerability

Microsoft Windows Remote Access Connection Manager is a Windows service from Microsoft that manages virtual private network VPN connections from your computer to the Internet. An information disclosure vulnerability exists in Microsoft Windows Remote Access Connection Manager. The vulnerability...

5.5CVSS2.6AI score0.00785EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.12 views

Adobe Framemaker Out-of-Bounds Read Vulnerability (CNVD-2022-41739)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker. The vulnerability originates from a network system or a...

5.5CVSS6.7AI score0.01661EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.27 views

Microsoft Visual Studio Remote Code Execution Vulnerability (CNVD-2022-60134)

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A remote code execution vulnerability exists in Microsoft Visual Studio that originates when a...

7.8CVSS8AI score0.02603EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.29 views

Microsoft Windows Remote Desktop Protocol Information Disclosure Vulnerability (CNVD-2022-70061)

Microsoft Windows Remote Desktop Protocol RDP is an application used to connect to remote Windows desktops from Microsoft Corporation USA.Microsoft Windows Remote Desktop is vulnerable to information disclosure. The vulnerability stems from a configuration or other error in the operation of the...

6.5CVSS1.9AI score0.02319EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.35 views

Microsoft Windows Print Spooler Components Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft Windows Print Spooler Components, a print backend processor component of Microsoft Corporation. The vulnerability stems from a configuration or other error in the operation of the network system or product. An attacker could use this...

5.5CVSS2AI score0.01127EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.38 views

Microsoft Windows Remote Procedure Call Runtime Remote Code Execution Vulnerability

Microsoft Windows Remote Procedure Call Runtime is a technology used to create distributed client/server programs from Microsoft Corporation USA.Microsoft Windows Remote Procedure Call Runtime is vulnerable to remote code execution vulnerability. The vulnerability stems from the failure of a...

8.8CVSS3.6AI score0.02337EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.28 views

Microsoft Windows WLAN Auto Config Service Information Disclosure Vulnerability

Microsoft Windows WLAN AutoConfig Service is a wireless network card configuration service for Microsoft Windows Vista and later operating systems. An information disclosure vulnerability exists in Microsoft Windows WLAN Auto Config Service. The vulnerability is caused by a configuration error in...

6.5CVSS2.2AI score0.00987EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.31 views

Microsoft Visual Studio Code Remote Code Execution Vulnerability (CNVD-2022-60132)

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A remote code execution vulnerability exists in Microsoft Visual Studio Code, which arises from a failure of a networked system or product to properly filter specific elements of externally entered data during the...

8.8CVSS8.8AI score0.41717EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/11 12:0 a.m.25 views

IBM Navigator for i Access Control Error Vulnerability

IBM Navigator for i is an IBM console interface used in IBMi to perform and manage critical tasks in IBMi. IBM Navigator for i versions 7.2, 7.3 and 7.4 are vulnerable to an access control error that stems from a network system or product that does not properly restrict access to resources from...

5.3CVSS3.7AI score0.01145EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.11 views

Google Android Information Disclosure Vulnerability (CNVD-2022-45920)

Google Android is a Linux-based open-source operating system from Google, a U.S. company. The vulnerability is caused by a configuration error in the network system or product during operation. An attacker could use this vulnerability to cause an information leak...

5.5CVSS2.6AI score0.00112EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/28 12:0 a.m.20 views

Apache CouchDB Access Control Error Vulnerability

Apache CouchDB is a document-oriented database system developed by the Apache Foundation using Erlang.An access control error vulnerability exists in versions prior to Apache CouchDB 3.2.2, which stems from a network system or product that does not properly restrict access to resources from...

10CVSS4AI score0.92335EPSS
Exploits8References1
CNVD
CNVD
added 2022/04/22 12:0 a.m.46 views

Zimbra Access Control Error Vulnerability

Zimbra Collaboration aka ZCS versions 8.8.15 and 9.0 are vulnerable to an access control error. The vulnerability stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An unauthenticated attacker could exploit the vulnerability to inje...

5CVSS4.8AI score0.84593EPSS
Exploits2Affected Software1
CNVD
CNVD
added 2022/04/15 12:0 a.m.37 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2022-65612)

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel. The vulnerability arises from errors in configuration, etc. in the operation of a networked system or product...

5.5CVSS6.4AI score0.02101EPSS
Exploits1References1
Rows per page
Query Builder