Lucene search
K

707 matches found

OSV
OSV
added 2017/07/05 1:29 p.m.4 views

CVE-2017-1217

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123857...

6.1CVSS5.4AI score0.01077EPSS
Exploits0References4
CNVD
CNVD
added 2017/04/21 12:0 a.m.4 views

Unitrends Enterprise Backup api/includes/systems.php Remote Code Execution Vulnerability

Unitrends Enterprise Backup is a suite of enterprise-grade data protection software from the US-based Unitrends. The software provides data backup, data recovery and deduplication features. A security vulnerability exists in the api/includes/systems.php file in versions of Unitrends Enterprise...

9.8CVSS7.1AI score0.06179EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/28 12:0 a.m.6 views

Novell eDirectory Clickjacking Vulnerability

Novell eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from Novell, USA. The platform provides authentication policies, data backup and recovery services, data disaster recovery and other functions. A...

6.5CVSS7.1AI score0.01474EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/11 12:0 a.m.8 views

Pharos PopUp Printer Client Heap Buffer Overflow Vulnerability

Pharos PopUp Printer Client is a suite of printer client software from Pharos Systems International. A heap buffer overflow vulnerability exists in Pharos PopUp Printer Client version 9.0. An attacker could exploit this vulnerability to execute arbitrary code in the context of the affected...

10CVSS7.9AI score0.0515EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/03 12:0 a.m.5 views

NetApp Data ONTAP Security Bypass Vulnerability

NetApp Data ONTAP is a set of storage operating system from American NetApp. The system supports the enhancement of the user's enterprise application performance and improve the flexibility of the data center and so on. A security vulnerability exists in NetApp Data ONTAP versions 9.0 and 9.1 pri...

8.8CVSS6.8AI score0.02059EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/22 12:0 a.m.3 views

tcpdump buffer overflow vulnerability (CNVD-2017-02240)

tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A buffer overflow vulnerability exists in the pimv2checkchecksum...

9.8CVSS9.8AI score0.03086EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/22 12:0 a.m.4 views

tcpdump buffer overflow vulnerability (CNVD-2017-02243)

tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A buffer overflow vulnerability exists in the juniperparseheader...

9.8CVSS9.8AI score0.03198EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.2 views

ALPINE-CVE-2016-8575

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933print, a different vulnerability than CVE-2017-5482...

9.8CVSS7.9AI score0.05504EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.4 views

ALPINE-CVE-2016-7932

The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2checkchecksum...

9.8CVSS7.7AI score0.03086EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.3 views

ALPINE-CVE-2016-7973

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions...

9.8CVSS7.8AI score0.03198EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.3 views

DEBIAN-CVE-2016-7985

The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calmfastprint...

9.8CVSS7.7AI score0.03111EPSS
Exploits0References1
CNVD
CNVD
added 2016/09/30 12:0 a.m.5 views

ZOHO ManageEngine ServiceDesk Plus Privilege Vulnerability

ZOHO ManageEngine ServiceDesk is the United States ZhuoHao ZOHO company's set of web-based help desk HelpDesk and asset management software. An elevation of privilege vulnerability exists in ManageEngine ServiceDesk Plus 9.0 and prior versions, which can be exploited by an attacker to gain...

8.8CVSS7.4AI score0.02683EPSS
Exploits0References1
OSV
OSV
added 2016/06/29 1:59 a.m.5 views

CVE-2016-0304

The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J...

8.1CVSS7.5AI score0.0246EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/31 12:0 a.m.4 views

IBM Domino Man-in-the-Middle Attack Vulnerability

IBM Domino formerly IBM Lotus Domino is a suite of platforms for hosting social business applications from the American company IBM. A security vulnerability exists in IBM Domino versions 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1. An attacker is allowed to exploit the...

5.9CVSS5.7AI score0.03099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2015/11/08 10:59 p.m.3 views

CVE-2015-5043

diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015 allows local users to obtain root access via unspecified key sequences...

7.2CVSS5.5AI score0.00336EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.8 views

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the glx-utils-9.0 package of the Red Hat Enterprise Linux operating system can be exploited, which may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

6.8CVSS5.4AI score0.02687EPSS
Exploits0References3
CNVD
CNVD
added 2015/04/09 12:0 a.m.4 views

IBM Domino SSLv2 Buffer Overflow Vulnerability

IBM Domino formerly known as IBM Lotus Domino is a set of platforms for hosting social business applications from IBM in the United States. The platform combines business messaging, applications and social collaboration, and provides users with real-time online communication capabilities. A buffe...

10CVSS7.7AI score0.04828EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/05/12 6:12 p.m.6 views

postgresql: SET ROLE without ADMIN OPTION allows adding and removing group members

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command...

4CVSS7AI score0.04124EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2014/04/09 12:0 a.m.5 views

PT-2014-1324 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 8.2 before 8.25.47 Cisco Adaptive Security Appliance ASA Software versions 8.4 before 8.47.5 Cisco Adaptive Security Appliance ASA Software versions 8.7 before 8.71.11 Cisco Adaptive...

8.5CVSS9.2AI score0.02071EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2014/03/02 4:57 a.m.4 views

CVE-2014-2104

Multiple cross-site scripting XSS vulnerabilities in the Business Voice Services Manager BVSM page in Cisco Unified Communications Domain Manager 9.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and...

4.3CVSS5.4AI score0.01158EPSS
Exploits1References4
Rows per page
Query Builder