Lucene search
K

36 matches found

CNNVD
CNNVD
added 2022/06/17 12:0 a.m.6 views

Mitel MiVoice Business Express 安全漏洞

Mitel MiVoice Business Express is a real-time communications solution from Mitel Canada. A security vulnerability exists in Mitel MiVoice Business version 9.3 PR1 and earlier and MiVoice Business Express version 8.0 SP3 PR3 and earlier, which stems from insufficient validation of URL parameters. ...

9.8CVSS9AI score0.01524EPSS
Exploits0References3
NVD
NVD
added 2021/11/15 4:15 p.m.22 views

CVE-2020-12929

Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution...

7.8CVSS0.00257EPSS
Exploits0References1
Prion
Prion
added 2021/11/15 4:15 p.m.13 views

Design/Logic Flaw

Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution...

4.6CVSS7.8AI score0.00257EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/15 3:52 p.m.21 views

CVE-2020-12929

Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution...

7.9AI score0.00257EPSS
Exploits0References1
CVE
CVE
added 2021/11/15 3:52 p.m.57 views

CVE-2020-12929

CVE-2020-12929 affects the AMD Graphics Driver for Windows 10. It is caused by improper parameter validation in some trusted PSP applications, enabling a local attacker to bypass security restrictions and achieve arbitrary code execution. According to AMD’s bulletin, this CVE is mitigated in Rade...

7.8CVSS7.8AI score0.00257EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/05/23 1:30 a.m.3 views

MGASA-2021-0219 Updated libx11 packages fix a security vulnerability

XLookupColor and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application for instance a color name that can be emitted via a terminal control sequence it can lead to the emission of extra X protoc...

9.8CVSS9.4AI score0.10634EPSS
Exploits2References5
Prion
Prion
added 2020/12/31 8:15 a.m.17 views

Hardcoded credentials

HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks...

4.3CVSS6AI score0.00611EPSS
Exploits0References1Affected Software4
OSV
OSV
added 2020/08/17 3:15 p.m.5 views

CVE-2020-9242

FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack...

8.8CVSS5.8AI score0.01306EPSS
Exploits0References1
Prion
Prion
added 2020/08/11 2:15 p.m.22 views

Input validation

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affect...

4.9CVSS6.7AI score0.00701EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/08/05 4:15 p.m.42 views

CVE-2020-16192

LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters...

6.1CVSS6.2AI score0.00665EPSS
Exploits0References1
NVD
NVD
added 2018/10/17 3:29 p.m.28 views

CVE-2017-17176

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156,...

7.2CVSS6.7AI score0.00309EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 5:29 p.m.14 views

Design/Logic Flaw

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120C212; The versions before ALP-L09 8.0.0.127C900; The versions before ALP-L09 8.0.0.128402/C02/C109/C346/C432/C652 has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker...

9.3CVSS7.8AI score0.01009EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2017/04/10 5:30 p.m.7 views

Local Privilege Escalation in the Management Web Interface

A vulnerability exists in the Management Web Interface that could allow for local privilege escalation. The Management Web Interface does not properly validate specific request parameters which can potentially allow executing code with higher privileges. Ref PAN-70426/ CVE-2017-7218 Successfully...

7.8CVSS6.9AI score0.00544EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.33 views

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3980)

This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...

5CVSS6.5AI score0.07919EPSS
Exploits2References18
CERT
CERT
added 2007/06/12 12:0 a.m.25 views

Microsoft Windows Win32 API fails to properly validate function parameters

Overview The Microsoft Windows Win32 API fails to properly validate function parameters, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Win32 API is a set of application programming interfaces for the...

9.3CVSS6.7AI score0.31808EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/11/11 12:0 a.m.133 views

Avahi privilege escalation

Insufficient Netlink parameters validation allow to manipulate server parameters...

5.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder