CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2023/03/29 7:15 p.m.•15 views

Deserialization of untrusted data

7.5CVSS9.8AI score0.07334EPSS

Exploits0References2Affected Software1

CNNVD•added 2023/03/29 12:0 a.m.•3 views

Ivanti Avalanche 代码问题漏洞

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A code issue vulnerability exists in Ivanti Avalanche version 6.3.2.3490, which stems from a lack of proper...

9.8CVSS8.8AI score0.07334EPSS

Tenable Nessus•added 2022/10/21 12:0 a.m.•65 views

Oracle Database Server (Oct 2022 CPU)

The 19c and 21c versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Database - Machine Learning Numpy component of Oracle Database Server. The supported version that ...

9.8CVSS7AI score0.18114EPSS

Exploits22References25

Zero Day Initiative•added 2022/05/26 12:0 a.m.•28 views

Ivanti Avalanche Notification Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification Server...

9.8CVSS4.1AI score0.07334EPSS

Positive Technologies•added 2022/05/26 12:0 a.m.•3 views

PT-2022-23722 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche version 6.3.2.3490 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be...

9.8CVSS9.9AI score0.07334EPSS

CNNVD•added 2022/03/04 12:0 a.m.•4 views

Symantec Management Center 安全漏洞

Symantec Management Agent is a suite of software used to manage computers in bulk. The software supports communication between Notification Server computers and computers on the network. symantec Management Agent has a security vulnerability that can be exploited by attackers to elevate a low...

7.8CVSS5.6AI score0.0027EPSS

Cvelist•added 2021/12/09 12:55 p.m.•18 views

CVE-2021-22565 Insufficient Granularity of Access Control in GAEN Notification Server

An attacker could prematurely expire a verification code, making it unusable by the patient, making the patient unable to upload their TEKs to generate exposure notifications. We recommend upgrading the Exposure Notification server to V1.1.2 or greater...

6.5CVSS6.6AI score0.00425EPSS

Positive Technologies•added 2021/11/10 12:0 a.m.•1 views

PT-2021-15144 · Unknown · Exposure Notification Server

Name of the Vulnerable Software and Affected Versions: Exposure Notification server versions prior to V1.1.2 Description: An attacker could prematurely expire a verification code, making it unusable by the patient, and preventing the patient from uploading their TEKs to generate exposure...

6.5CVSS7.1AI score0.00425EPSS

Exploits0References8

CNVD•added 2021/09/22 12:0 a.m.•3 views

Zoho ManageEngine Desktop Central Remote Code Execution Vulnerability (CNVD-2021-88243)

Zoho ManageEngine Desktop Central is integrated desktop and mobile device management software that helps manage servers, laptops, desktops, smartphones and tablets from a central location. A remote code execution vulnerability exists in Zoho ManageEngine Desktop Central versions prior to 10.0.683...

9.8CVSS7.8AI score0.01971EPSS

CNNVD•added 2021/09/21 12:0 a.m.•2 views

ZOHO ManageEngine Desktop Central 命令注入漏洞

9.8CVSS9.2AI score0.01971EPSS

OSV•added 2019/06/28 11:15 p.m.•2 views

DEBIAN-CVE-2019-13031

LemonLDAP::NG before 1.9.20 has an XML External Entity XXE issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule...

8.1CVSS7.1AI score0.01934EPSS

OSV•added 2019/06/28 11:15 p.m.•15 views

CVE-2019-13031

8.1CVSS6.7AI score0.01934EPSS

NVD•added 2019/06/28 11:15 p.m.•15 views

CVE-2019-13031

8.1CVSS8AI score0.01934EPSS

UbuntuCve•added 2019/06/28 11:15 p.m.•23 views

CVE-2019-13031

8.1CVSS7.1AI score0.01934EPSS

Prion•added 2019/06/28 11:15 p.m.•18 views

Xxe

6.8CVSS7.9AI score0.01934EPSS

Exploits0References3Affected Software1

OSV•added 2019/06/28 11:15 p.m.•0 views

UBUNTU-CVE-2019-13031

8.1CVSS5.8AI score0.01934EPSS

Cvelist•added 2019/06/28 10:42 p.m.•15 views

CVE-2019-13031

8AI score0.01934EPSS

Debian CVE•added 2019/06/28 10:42 p.m.•22 views

CVE-2019-13031

8.1CVSS8AI score0.01934EPSS

Exploits0

CNVD•added 2017/12/18 12:0 a.m.•1 views

Apple iCloud for Windows and iTunes for Windows APNs Server Security Bypass Vulnerability

Apple iCloud for Windows and iTunes for Windows are both products of Apple Inc. Apple iCloud for Windows is a Windows-based cloud service that supports the storage of music, photos, apps, contacts, and more. iTunes for Windows is a suite of media player applications based on the Windows platform...

5.9CVSS6.6AI score0.00684EPSS