1464 matches found
CVE-2016-6299
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
CVE-2016-6299
CVE-2016-6299 affects the scm plug-in in mock, where crafted spec files can bypass the chroot protection and grant the attacker root privileges. This is a local-type vulnerability with high impact (C/H/I/A) per CVSS. Fedora advisories indicate a security fix was released for this CVE; other sourc...
RHEL 6 : 389-ds-base (RHSA-2017:0893)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20170411)
Security Fixes : - An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. CVE-2017-2668 Bug Fixes : -...
Important: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Cisco UCS Manager Debug Plug-in Privilege Escalation Vulnerability (cisco-sa-20170405-ucs)
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager could allow an authenticated, local attacker to execute arbitrary commands.
CVE-2017-6598
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege...
CVE-2017-6598
CVE-2017-6598 affects Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance. A vulnerability in the debug plug-in functionality allows an authenticated, local attacker to execute arbitrary commands with elevated privileges. The root cause is inadequate i...
Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance Debug Plug-in Privilege Escalation Vulnerability
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands. The vulnerabilit...
Jinnovision-JNDV Audio/Video Conference Converged Communication Platform s2-045 Remote Code Execution Vulnerability
JNDV audio/video conferencing converged communication platform is used to realize centralized monitoring, storage, data forwarding, management and control of all network video surveillance devices including network video servers and network cameras at the front end. Jinnovision-JNDV audio and vid...
Hikvision has s2-045 Remote Command Execution Vulnerability in Multiple Product Systems
Hikvision is a video-centric IoT solution and data operation service provider. Hikvision's multiple product systems use Apache Struts xwork as the website application framework. The file upload function of the Jakarta plug-in of this framework has a remote command execution vulnerability s2-045,...
s2-045 remote command execution vulnerability in KINGOSOFT University Teaching Network Management System of Hunan Qingguo Software Co.
Hunan Qingguo Software Co., Ltd KINGOSOFT college teaching network management system is a technical solution for the construction of digital campus for colleges and universities. Hunan Qingguo Software Co., Ltd. KINGOSOFT university teaching network management system uses Apache Struts xwork as t...
S2-045 Remote Command Execution Vulnerability in Soyo's CMS Website Management Platform
The Sawyer Technology CMS Website Management Platform is a content management system. The Apache Struts xwork is used as the web application framework, the file upload function of the Jakarta plug-in of the framework has a remote command execution vulnerability s2-045, which can be triggered by...
Nanjing Sudi Technology Webplus pro suffers from s2-045 remote command execution vulnerability
NJSU Webplus pro is a content management system. Webplus pro uses Apache Struts xwork as its application framework, and the file upload function of the Jakarta plug-in of this framework has a remote command execution vulnerability s2-045, which can be triggered by modifying the value of...
[SECURITY] Fedora 25 Update: mingw-gstreamer1-1.10.3-1.fc25
GStreamer is a streaming-media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plug-in-based architecture means that new data types...
SUSE SLED12 / SLES12 Security Update : ppp (SUSE-SU-2017:0474-1)
The ppp package was updated to fix the following security issue : - CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rcmksid bsc927841. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
SUSE-SU-2017:0474-1 Security update for ppp
The ppp package was updated to fix the following security issue: - CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rcmksid bsc927841...
SUSE-SU-2017:0473-1 Security update for ppp
The ppp package was updated to fix the following security issue: - CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rcmksid bsc927841...
Critical: Red Hat Security Advisory: flash-plugin security update
An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...