Lucene search
+L

2244 matches found

CNVD
CNVD
added 2017/11/15 12:0 a.m.5 views

SAP Plant Connectivity Arbitrary Code Execution Vulnerability

SAP Plant Connectivity PCo is a set of next-generation, high-performance production plant connectivity software from SAP, which can communicate with different industrial software platforms. A security vulnerability exists in SAP PCo versions 2.3 and 15.0. A remote attacker could exploit the...

7.8CVSS7.6AI score0.01057EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/10 12:0 a.m.3 views

Ingenious School Management System SQL Injection Vulnerability

Ingenious School Management System is a web-based school management system. The system supports adding courses, posting grades and managing teachers. A SQL injection vulnerability exists in the /view/friendprofile.php file in Ingenious School Management System version 2.3.0. A remote attacker can...

9.8CVSS8.2AI score0.01358EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/09 12:0 a.m.3 views

IBM OpenPages GRC Platform Information Disclosure Vulnerability (CNVD-2017-34238)

The IBM OpenPages GRC Platform is a suite of governance, risk and compliance platforms from IBM USA for managing enterprise risk and compliance challenges. The platform provides a set of core services and functional components across the risk and compliance domains, including operational risk,...

5.3CVSS6.1AI score0.01286EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/07 12:0 a.m.4 views

IBM OpenPages GRC Platform Information Disclosure Vulnerability (CNVD-2017-34430)

IBM OpenPages GRC Platform is a suite of platforms for managing enterprise risk and compliance from IBM in the United States. The platform provides a set of core services and functional components that cover the risk and compliance domain including operational risk, policy and compliance, financi...

5.3CVSS6AI score0.01322EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/06 12:0 a.m.4 views

Catalyst Mahara Duplicate Session Header Vulnerability

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Catalyst Mahara versions 15.04 prior to 15.04.7 and 15.10 prior to 15.10.3 using PHP version 5.3. An attacker could...

9.8CVSS6.8AI score0.01173EPSS
Exploits0References1
OSV
OSV
added 2017/10/31 2:29 p.m.9 views

CVE-2017-3933

Embedding Script XSS in HTTP Headers vulnerability in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack...

5.4CVSS5.3AI score0.00642EPSS
Exploits0References2
CNVD
CNVD
added 2017/10/09 12:0 a.m.5 views

HP Intelligent Management Center Arbitrary File Download Vulnerability (CNVD-2017-33197)

HP Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services, and users. imc SOM is one of the service operation and...

6.8CVSS6.6AI score0.03209EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/07 12:0 a.m.34 views

libzip '_zip_read_eocd64' function denial of service vulnerability

libzip is a C library for reading, creating and modifying zip archives developed by software developers Dieter Baron and Thomas Klausner. A security vulnerability exists in the 'zipreadeocd64' function of the zipopen.c file in versions of libzip prior to 1.3.0. A remote attacker can exploit this...

6.5CVSS5.5AI score0.032EPSS
Exploits0References1
OSV
OSV
added 2017/08/31 5:45 p.m.8 views

SUSE-SU-2017:2315-1 Security update for libreoffice

LibreOffice was updated to version 5.3.5.2, bringing new features and enhancements: Writer: - New 'Go to Page' dialog for quickly jumping to another page. - Support for 'Table Styles'. - New drawing tools were added. - Improvements in the toolbar. - Borderless padding is displayed. Calc: - New...

9.8CVSS9.2AI score0.03864EPSS
Exploits0References34
OSV
OSV
added 2017/08/23 2:29 p.m.5 views

UBUNTU-CVE-2017-11610

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups...

8.8CVSS7.6AI score0.87544EPSS
Exploits10References3
CNVD
CNVD
added 2017/08/19 12:0 a.m.2 views

WordPress PressForward plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.PressForward plugin is one of the workflow editing plugin. A cross-site scripting vulnerability exists in the...

6.1CVSS5.8AI score0.00757EPSS
Exploits1References1
CNVD
CNVD
added 2017/08/16 12:0 a.m.5 views

OSNEXUS QuantaStor v4 Virtual Appliance Cross-Site Scripting Vulnerability

OSNEXUS QuantaStor v4 virtual appliance is a virtual storage appliance from OSNEXUS USA. A cross-site scripting vulnerability exists in OSNEXUS QuantaStor v4 virtual appliance versions prior to 4.3.1. A remote attacker can exploit this vulnerability to inject arbitrary HTML or JavaScript code...

6.1CVSS5.6AI score0.02559EPSS
Exploits6References1
CNVD
CNVD
added 2017/08/16 12:0 a.m.5 views

Opencv Remote Code Execution Vulnerability

OpenCV is an open source, cross-platform, lightweight computer vision library. A remote code execution vulnerability exists in the modules/imgcodecs/src/grfmtpxm.cpp file in OpenCV 3.3 and earlier versions. A remote attacker could exploit this vulnerability to execute code or cause a denial of...

8.8CVSS6.7AI score0.03066EPSS
Exploits0References1
OSV
OSV
added 2017/08/11 7:29 p.m.5 views

CVE-2017-3107

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability...

7.5CVSS5.8AI score0.06795EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/11 12:0 a.m.3 views

Mozilla Firefox and Firefox ESR Memory Misreference Vulnerability (CNVD-2017-22580)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory misreference vulnerability exists in Mozilla Firefox versions prior to 55 and Firefox ES...

9.8CVSS8.7AI score0.02677EPSS
Exploits1References1
OSV
OSV
added 2017/08/08 3:29 p.m.3 views

CVE-2017-10123

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. The supported version that is affected is 12.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server...

4.3CVSS7.3AI score0.01418EPSS
Exploits0References3
OSV
OSV
added 2017/08/07 1:29 a.m.3 views

DEBIAN-CVE-2017-12601

OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...

8.8CVSS7.5AI score0.02071EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/07 12:0 a.m.25 views

OpenCV Denial of Service Vulnerability (CNVD-2017-24179)

OpenCV is an open source, cross-platform, lightweight computer vision library. A denial of service vulnerability exists in the 'icvCvtBGRA2BGR8uC4C3R' function in OpenCV 3.3 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service read across boundaries...

8.8CVSS5.8AI score0.0197EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/03 12:0 a.m.5 views

IBM InfoSphere Information Server elevation of privilege vulnerability (CNVD-2017-21244)

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An elevation of privilege vulnerability exists in IBM InfoSphere Information Server versions 9.1, 11.3, and...

8.1CVSS6.8AI score0.01994EPSS
Exploits2References1
OSV
OSV
added 2017/08/02 4:29 p.m.6 views

CVE-2016-7844

GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...

5.5CVSS6AI score0.00863EPSS
Exploits0References3
Rows per page
Query Builder