Lucene search
K

227 matches found

CNNVD
CNNVD
added 2022/01/25 12:0 a.m.5 views

Xen 安全漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. There is a security vulnerability in xen tha...

7.8CVSS7.4AI score0.0034EPSS
Exploits0References10
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.11 views

Xen 数字错误漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A numeric error vulnerability exists in xen,...

5.5CVSS6.5AI score0.00336EPSS
Exploits0References11
CNVD
CNVD
added 2022/01/23 12:0 a.m.17 views

Istio Licensing Issue Vulnerability (CNVD-2022-08360)

Istio is an open platform for connecting, managing, and securing microservices. Istio is vulnerable to an authorization issue in versions 1.12.0 and 1.12.1, which stems from a lack of authentication measures or insufficient authentication strength in a networked system or product. An attacker cou...

9.8CVSS3.7AI score0.0107EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/18 12:0 a.m.30 views

An unspecified vulnerability exists in vim (CNVD-2022-20699)

Vim is an editor based on the UNIX platform. vim suffers from a security vulnerability that stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in an incorrect read or write operation being performed to an...

6.8CVSS2.7AI score0.01242EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/14 12:0 a.m.29 views

Atlassian Jira Access Control Error Vulnerability (CNVD-2022-05435)

Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira Center is vulnerable to an access control error that occurs when a networked system or product does not properly restrict access to resources from unauthorized roles, which can be exploited by an...

4.3CVSS4.6AI score0.00809EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/14 12:0 a.m.32 views

Pillow input validation error vulnerability

Pillow is a Python-based image processing library. Pillow is vulnerable to an input validation error prior to 9.0.0, which stems from a networked system or product that does not properly validate input data. An attacker could exploit this vulnerability to execute arbitrary expressions using the...

9.8CVSS4.8AI score0.03399EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/13 12:0 a.m.17 views

radare2 buffer overflow vulnerability (CNVD-2022-03956)

radare2 is a set of libraries and tools for working with binary files. radare2 suffers from a buffer error vulnerability, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in an incorrect read or write...

9.6CVSS2.8AI score0.01105EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/01/11 12:0 a.m.4 views

radare2 缓冲区错误漏洞

radare2 is a set of libraries and tools for working with binary files. radare2 suffers from a buffer error vulnerability, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in an incorrect read or write...

9.6CVSS6.1AI score0.01105EPSS
Exploits1References7
CNVD
CNVD
added 2022/01/10 12:0 a.m.23 views

GPAC Code Issue Vulnerability (CNVD-2022-04820)

GPAC is an open source multimedia framework. GPAC 1.0.1 contains a security vulnerability that stems from improper design or implementation during the development of code for a networked system or product, which could be exploited by an attacker to conduct a denial-of-service attack...

5.5CVSS4.3AI score0.00625EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/08 12:0 a.m.26 views

Atlassian Jira Remote Code Execution Vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to a remote code execution vulnerability that originates when a networked system or product does not properly validate incoming data. An attacker could use this vulnerability to execute...

9CVSS5.6AI score0.04117EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/08 12:0 a.m.32 views

vim out-of-bounds read vulnerability

Vim is an editor based on the UNIX platform. An out-of-bounds read vulnerability exists in Vim, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in incorrect read and write operations being performed to...

7.8CVSS2.9AI score0.01739EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/07 12:0 a.m.23 views

GPAC Denial of Service Vulnerability (CNVD-2022-03211)

GPAC is an open source multimedia framework. GPAC 1.0.1 contains a security vulnerability that stems from improper design or implementation during the development of code for a networked system or product, which could be exploited by an attacker to conduct a denial-of-service attack...

5.5CVSS4.2AI score0.00625EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/06 12:0 a.m.24 views

Apache James path traversal vulnerability

Apache James is an open source Smtp and Pop3 mail transfer agent and Nntp news server written entirely in Java by the Apache Foundation. Apache James in version 3.6.1 contains a path traversal vulnerability that stems from a failure of a networked system or product to properly filter special...

9.1CVSS3.2AI score0.03706EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/06 12:0 a.m.19 views

Spinnaker Path Traversal Vulnerability

Spinnaker is a continuous delivery platform. Used to release software changes with high speed and confidence. Spinnaker suffers from a path traversal vulnerability that arises from a networked system or product that fails to properly filter for specific elements in a resource or file path. An...

7.1CVSS6.8AI score0.00344EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/24 12:0 a.m.28 views

Adobe Audition Buffer Overflow Vulnerability (CNVD-2021-102794)

Adobe Audition is a set of multi-track editing tools from Adobe. Adobe Audition suffers from a buffer overflow vulnerability that originates when a networked system or product does not properly validate data boundaries when performing operations in memory, resulting in incorrect read and write...

4.3CVSS2.9AI score0.01802EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.30 views

Teeworlds buffer overflow vulnerability

Teeworlds is an online multiplayer shooter game. Teeworlds suffers from a buffer overflow vulnerability that originates when a networked system or product performs an operation on memory that does not properly validate data boundaries, resulting in an incorrect read or write operation being...

7.8CVSS4.4AI score0.01382EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/10 12:0 a.m.15 views

KNIME directory traversal vulnerability

A directory traversal vulnerability exists in Knime, the Swiss company's enterprise software for putting data science workflows into production. knime stems from a failure of a networked system or product to properly filter special elements in a resource or file path, which could be exploited by ...

7.5CVSS3.3AI score0.01529EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/22 12:0 a.m.15 views

Moddable SDK Stack Overflow Vulnerability (CNVD-2021-90311)

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable U.S. A security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulti...

7.8CVSS2AI score0.00739EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/22 12:0 a.m.17 views

Moddable SDK buffer over-read vulnerability

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable U.S. A security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulti...

7.1CVSS1.9AI score0.00711EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/22 12:0 a.m.18 views

Moddable SDK Heap Buffer Overflow Vulnerability (CNVD-2021-90313)

The Moddable SDK is a combination of development tools and runtime software used to create applications for microcontrollers. a security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing...

7.8CVSS1.7AI score0.0073EPSS
Exploits1References1
Rows per page
Query Builder