Lucene search
K

196 matches found

CNVD
CNVD
added 2022/03/09 12:0 a.m.15 views

Google Android Information Disclosure Vulnerability

Google Android is a Linux-based open source operating system from Google. An information disclosure vulnerability exists in Google Android versions prior to 10, 11, and 12. The vulnerability arises from a configuration error in the network system or product during operation. An attacker could...

6.5CVSS5.9AI score0.00682EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/21 12:0 a.m.19 views

TOTOLINK Technology Routers Command Injection Vulnerability (CNVD-2022-17113)

TOTOLink T6 is a wireless dual-band router from TotoLink, China.TOTOLink T10 is a wireless network system router from TotoLink, China.The recvSlaveUpgstatus function of TOTOLINK Technology Routers T6 and T10 is vulnerable to command injection. vulnerability. An attacker can exploit this...

9.8CVSS6.1AI score0.0222EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/15 12:0 a.m.40 views

Apache Cassandra Code Injection Vulnerability

Apache Cassandra is a distributed Nosql database from the American Apache Apache Foundation. Apache Cassandra suffers from a code injection vulnerability that stems from a network system or product failing to properly filter specific elements of externally entered data during the construction of ...

9.1CVSS9.3AI score0.54889EPSS
Exploits7References1
CNVD
CNVD
added 2022/02/15 12:0 a.m.21 views

Samsung telephony information disclosure vulnerability (CNVD-2022-70759)

Samsung Telephony is a telephony feature of Samsung mobile devices. samsung telephony is vulnerable to an information disclosure vulnerability that results from a configuration error in the network system or product during operation. An attacker could use the vulnerability to obtain Cell Location...

5.5CVSS1.6AI score0.00105EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/13 12:0 a.m.13 views

Schneider Electric Interactive Graphical SCADA System Authorization Issues Vulnerability

Schneider Electric Interactive Graphical SCADA System IGSS is a SCADA Data Acquisition and Supervisory System system for monitoring and controlling industrial processes from Schneider Electric, France. An authorization issue vulnerability exists in the Schneider Electric Interactive Graphical SCA...

7.5CVSS7.6AI score0.01206EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.27 views

Apache Superset Information Disclosure Vulnerability (CNVD-2022-14706)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an information disclosure vulnerability that originates from errors such as configuration during operation of a networked system or product. An attacker could exploit...

6.5CVSS6AI score0.07863EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.13 views

Microsoft Visual Studio Code Code Injection Vulnerability (CNVD-2022-29568)

A code injection vulnerability exists in Microsoft Visual Studio Code, an open source code editor from Microsoft Corporation. The vulnerability stems from a network system or product that does not properly filter special elements in code segments constructed from external input data. An attacker...

8.1CVSS3AI score0.02075EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/28 12:0 a.m.24 views

Reolink RLC-410W Command Injection Vulnerability

Reolink Rlc-410W is a Wifi security camera from Reolink China.A command injection vulnerability exists in Reolink RLC-410W version v3.0.0.13620121102, which stems from the failure of the network system or product to properly filter special characters, commands, etc., during the execution of...

9.8CVSS6.1AI score0.03657EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/28 12:0 a.m.21 views

Nextcloud Android app information disclosure vulnerability (CNVD-2022-18414)

Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from the German company Nextcloud. information disclosure in versions of Nextcloud Android app prior to 3.17.1, the vulnerability stems from a network system or product that has a configuration and other...

5.3CVSS3.1AI score0.00948EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/28 12:0 a.m.18 views

Moxa TN-5900 Command Injection Vulnerability

Moxa Tn-5900 is a series of En50155 wall-mounted routers from Moxa, China.A command injection vulnerability exists in Moxa TN-5900, which is caused when the network system or product fails to properly filter special characters, commands, etc. during the execution of commands entered by the user. ...

9.8CVSS6.8AI score0.03586EPSS
Exploits2References1
CNVD
CNVD
added 2022/01/27 12:0 a.m.17 views

OneBlog Permission License and Access Control Issues Vulnerability

OneBlog is a beautiful, powerful Java blog. OneBlog in version 2.2.8 and earlier suffers from a Permissions Permission and Access Control Issues vulnerability that arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker coul...

6.5CVSS6.3AI score0.00671EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/27 12:0 a.m.14 views

Apache ShenYu Information Disclosure Vulnerability

Apache ShenYu is an asynchronous , high-performance , cross-language , responsive API gateway of the United States Apache Apache Foundation . An information disclosure vulnerability exists in Apache ShenYu versions 2.4.0 and 2.4.1, which arises from a configuration or other error in the operation...

7.5CVSS7.1AI score0.04306EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/26 12:0 a.m.12 views

Dell EMC Data Protection Central Input Validation Error Vulnerability

Dell Emc Data Protection Central is a management console from Dell USA Inc. It is used for data protection. A security vulnerability exists in Dell EMC Data Protection Central that originates from a network system or product that does not properly validate incoming data. No details of the...

7.5CVSS7.5AI score0.01221EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/26 12:0 a.m.13 views

Unisys Messaging Integration Services存在未明漏洞

Unisys Messaging Integration Services Ntsi is a messaging-based interface between two programs from Unisys, Inc. A security vulnerability exists in Unisys Messaging Integration Services Ntsi, which stems from a network system or product that does not The vulnerability is caused by a network syste...

9.8CVSS2.2AI score0.01169EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/24 12:0 a.m.6 views

Mozilla Thunderbird SQL注入漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The software supports the IMAP and POP mail protocols as well as the HTML mail format. Mozilla Thunderbird suffers from an SQL injection vulnerability that...

8.4CVSS7.4AI score0.02254EPSS
Exploits0References4
CNVD
CNVD
added 2022/01/24 12:0 a.m.23 views

Lexmark input validation error vulnerability

Lexmark is a series of printers in the U.S. A security vulnerability exists in Lexmark, which stems from a network system or product that does not properly filter special elements in code segments constructed from external input data. An attacker could exploit the vulnerability to generate an...

10CVSS3.7AI score0.06427EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/23 12:0 a.m.18 views

microweber access control error vulnerability

Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, and more. microweber is vulnerable to an access control error, which stems from a network system o...

6.5CVSS3.9AI score0.01121EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/23 12:0 a.m.21 views

Lexmark Command Injection Vulnerability

Lexmark is a series of printers in the U.S. A command injection vulnerability exists in Lexmark, which stems from the failure of a network system or product to properly filter special characters, commands, etc. during the execution of commands entered by a user into the construct. An attacker cou...

10CVSS6.1AI score0.07702EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/21 12:0 a.m.24 views

Mattermost Access Control Error Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. An access control error vulnerability exists in Mattermost versions 6.1 and earlier, which stems from a network system or product that does not properly restrict access to resources from unauthorized roles, and could be...

6.5CVSS3AI score0.00585EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/18 12:0 a.m.27 views

IBM FileNet Content Manager Command Injection Vulnerability

IBM FileNet Content Manager is a content management solution for the FileNet P8 platform from IBM of America. The solution combines document management with ready-to-use workflow tools to manage images, videos, Web content, compliance documents, etc. IBM FileNet Content Manager in versions 5.5.4,...

9CVSS6.1AI score0.01761EPSS
Exploits0References1
Rows per page
Query Builder