Lucene search
+L

2245 matches found

OSV
OSV
added 2018/07/18 1:29 p.m.4 views

CVE-2018-3046

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Difficult to exploit vulnerability allows low privileged attacker with network...

5.3CVSS5.8AI score0.01612EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.4 views

CVE-2018-3043

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...

5.4CVSS7.3AI score0.01611EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.6 views

CVE-2018-2928

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: RAD. The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks...

8.1CVSS7.3AI score0.02EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-2892

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Availability Suite Service. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to...

7.8CVSS7.3AI score0.01693EPSS
Exploits4References4
OSV
OSV
added 2018/06/26 4:29 p.m.12 views

UBUNTU-CVE-2018-1000548

Umlet version 14.3 contains a XML External Entity XXE vulnerability in File parsing that can result in disclosure of confidential data, denial of service, server side request forgery. This attack appear to be exploitable via Specially crafted UXF file. This vulnerability appears to have been fixe...

7.8CVSS7.1AI score0.01317EPSS
Exploits1References4
OSV
OSV
added 2018/06/22 1:29 p.m.3 views

DEBIAN-CVE-2017-7466

Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the...

8CVSS8.4AI score0.03157EPSS
Exploits0References1
OSV
OSV
added 2018/05/19 5:29 p.m.2 views

CVE-2018-4930

Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...

6.1CVSS5.8AI score0.01883EPSS
Exploits0References2
OSV
OSV
added 2018/05/17 3:29 a.m.6 views

CVE-2018-0280

A vulnerability in the Real-Time Transport Protocol RTP bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker...

7.5CVSS5.8AI score0.03381EPSS
Exploits0References3
OSV
OSV
added 2018/05/15 2:29 a.m.5 views

UBUNTU-CVE-2018-11102

An issue was discovered in Libav 12.3. A read access violation in the movprobe function in libavformat/mov.c allows remote attackers to cause a denial of service application crash, as demonstrated by avconv...

7.5CVSS7.2AI score0.02638EPSS
Exploits0References4
CNVD
CNVD
added 2018/05/10 12:0 a.m.39 views

Dell EMC RSA Authentication Manager Security Console, Operation Console and Self-Service Console Host Header Injection Vulnerability

Dell EMC RSA Authentication Manager is a centralized set of binary authentication software from Dell Dell. The software allows for centralized management of binary authentication, security tokens, methods, and users across physical sites.RSA Authentication Manager Security Console is one of the...

6.1CVSS6.7AI score0.01467EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/10 12:0 a.m.6 views

CloudBees Jenkins Google Login Plugin Session Fixation Vulnerability

CloudBees Jenkins is a set of Java-based continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and a number of timed tasks.Google Login Plugin is used in one of the support for the use of Google accounts to log in to Jenkins...

5.9CVSS6.7AI score0.0159EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/08 12:0 a.m.43 views

Denial of Service Vulnerability in RSA Authentication Manager

Dell EMC RSA Authentication Manager is a centralized suite of binary authentication software from Dell USA. The software centralizes the management of binary identities, security tokens, methods, and users across physical sites.RSA Authentication Manager Security Console is one of the security...

7.1CVSS7.1AI score0.16359EPSS
Exploits5References1
CNVD
CNVD
added 2018/04/24 12:0 a.m.4 views

Apple iOS Telephony Buffer Overflow Vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices.APNs are a component of the push notification service.Telephony is a component that provides telephony functionality. A buffer overflow vulnerability exists in the Telephony component in Apple iOS versions prior to 11.3. ...

9.8CVSS7.5AI score0.05488EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/24 12:0 a.m.5 views

Apple iOS Find My iPhone Denial of Service Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices.Find My iPhone is one of the components that provides the ability to retrieve an accidentally lost iPhone. A security vulnerability exists in the Find My iPhone component in Apple iOS versions prior to 11.3. The vulnerability...

4.6CVSS6.5AI score0.00396EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/12 12:0 a.m.4 views

SAP Business One Cross-Site Scripting Vulnerability

SAP Business One is a business management software for small businesses. The software includes features such as financial management, customer relationship management and human resource management. A cross-site scripting vulnerability exists in SAP Business One versions 9.2 and 9.3, which arises...

5.4CVSS6.7AI score0.00968EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/08 12:0 a.m.4 views

Apple Xcode LLVM Component Design Vulnerability

Apple Xcode is the United States Apple Apple company's set of integrated development environment for developers, it is mainly used for the development of Mac OS X and iOS applications. LLVM Low Level Virtual Machine is a set of LLVM team developed a framework for framing the compiler compiler...

10CVSS6.5AI score0.025EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/08 12:0 a.m.6 views

Apple iOS, Safari and tvOS JavaScriptCore Cross-Site Scripting Vulnerability

Apple iOS, Safari, and tvOS are all products of Apple Inc. Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems; iOS is a set of operating systems developed for mobile devices; and tvOS is a set of operating systems for smart TVs...

6.1CVSS5.8AI score0.01079EPSS
Exploits0References1
OSV
OSV
added 2018/04/06 5:29 p.m.3 views

DEBIAN-CVE-2013-6876

The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...

7.8CVSS6.8AI score0.00587EPSS
Exploits0References1
OSV
OSV
added 2018/04/03 12:0 a.m.5 views

UBUNTU-CVE-2018-4146

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit"...

6.5CVSS6.7AI score0.01345EPSS
Exploits0References10
CNVD
CNVD
added 2018/03/15 12:0 a.m.4 views

Unspecified Vulnerability in inversoft prime-jwt

inversoft prime-jwt is an open source Java 8-based JWT library . A security vulnerability exists in JWTDecoder.decode in versions prior to inversoft prime-jwt 1.3.0 and commit 0d94dcef0133d699f21d217e922564adbb83a227. No details of the vulnerability are provided at this time...

9.8CVSS6.9AI score0.01414EPSS
Exploits0References1
Rows per page
Query Builder