
233 matches found

Cvelist
added 2019/09/20 6:19 p.m. · 31 views

CVE-2019-11326

An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to log in. Once logged in as a guest, an attacker can browse a URL to read the password of the administrative user. The same...

8.8 AI score · 0.0123 EPSS
Exploits 0 · References 1
BDU FSTEC
added 2019/07/23 12:0 a.m. · 2 views

The vulnerability of the DVI file positioning calculation method, dvipos, caused by segmentation errors, allows a hacker to trigger a service failure.

The vulnerability of the DVI file positioning calculation tool dvipos stems from segmentation errors. Exploiting this vulnerability can allow an attacker to cause a service failure in the application by entering a specially crafted sequence of data into the command line...

4 CVSS · 5.5 AI score
Exploits 0 · Affected Software 1
Tenable Nessus
added 2019/05/08 12:0 a.m. · 8 views

Aerotech Soloist HPe Servo Drives Detection

Binary data 763914.prm...

7.3 AI score
Exploits 0
Kitploit
added 2019/01/25 8:43 p.m. · 142 views

WiGLE - Wifi Wardriving (Nethugging Client For Android)

Open source network observation, positioning, and display client from the world's largest queryable database of wireless networks. Can be used for site-survey, security analysis, and competition with your friends. Collect networks for personal research or upload to https://wigle.net. WiGLE has be...

7.4 AI score
Exploits 0
Tenable Nessus
added 2019/01/02 12:0 a.m. · 38 views

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1938-1)

This update for java-1_8_0-openjdk to version 8u171 fixes the following issues: These security issues were fixed: - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969,...

8.3 CVSS · 5.7 AI score · 0.15528 EPSS
Exploits 0 · References 32
Tenable Nessus
added 2019/01/02 12:0 a.m. · 32 views

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1938-2)

This update for java-1_8_0-openjdk to version 8u171 fixes the following issues: These security issues were fixed: - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969,...

8.3 CVSS · 5.7 AI score · 0.15528 EPSS
Exploits 0 · References 32
Packet Storm
added 2018/12/31 12:0 a.m. · 33 views

Taiwan GPS Satellite Positioning Passenger Web Design 1.0 SQL Injection

Exploit Title : Taiwan GPS Satellite Positioning Passenger Web Design 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Owner of the Script E-Mail : [email protected] Tested On : Windows Exploit Risk : Medium Version Information : 1.0 Vulnerability Type : CWE-89 Improper...

0.1 AI score
Exploits 0
OSV
added 2018/11/15 6:29 a.m. · 1 views

UBUNTU-CVE-2015-9274

HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh...

6.5 CVSS · 6.8 AI score · 0.01542 EPSS
Exploits 0 · References 3
Positive Technologies
added 2018/11/15 12:0 a.m. · 2 views

PT-2018-4583 · Harfbuzz +1

Name of the Vulnerable Software and Affected Versions: HarfBuzz versions prior to 1.0.4 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid read of two bytes and application crash. This is due to mishandling of GPOS and GSUB tables, related to file...

6.5 CVSS · 6.5 AI score · 0.01542 EPSS
Exploits 0 · References 10
Packet Storm
added 2018/11/13 12:0 a.m. · 177 views

Android RSSI Broadcast Information Disclosure

Blog post here: https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-9581/ NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall ...

5.7 AI score · 0.02032 EPSS
Exploits 6
Tenable Nessus
added 2018/10/22 12:0 a.m. · 51 views

SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1690-2)

This update for java-1_8_0-openjdk to version 8u171 fixes the following issues: These security issues were fixed: S8180881: Better packaging of deserialization S8182362: Update CipherOutputStream Usage S8183032: Upgrade to LittleCMS 2.9 S8189123: More consistent classloading S8189969,...

8.3 CVSS · 5.7 AI score · 0.15528 EPSS
Exploits 0 · References 32
CNVD
added 2018/09/18 12:0 a.m. · 3 views

jhead denial of service vulnerability (CNVD-2018-19092)

jhead is a tool for modifying JPEG file information. A denial of service vulnerability exists in the 'ProcessGpsInfo' function of the gpsinfo.c file in jhead version 3.00, which can be exploited by remote attackers to cause a denial of service with the help of a malicious JPEG file...

7.8 CVSS · 7.3 AI score · 0.01557 EPSS
Exploits 1 · References 1
OPENSUSE Linux
added 2018/07/07 12:11 a.m. · 71 views

Security update for ghostscript (moderate)

This update for ghostscript fixes the following issues: - CVE-2018-10194: The settextdistance function did not prevent overflows in text-positioning calculation, which allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted P...

6.8 CVSS · 5.6 AI score · 0.01929 EPSS
Exploits 0 · References 1
OPENSUSE Linux
added 2018/06/16 3:8 p.m. · 97 views

Security update for java-1_8_0-openjdk (important)

This update for java-1_8_0-openjdk to version 8u171 fixes the following issues: These security issues were fixed: - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969,...

5.1 CVSS · 0.3 AI score · 0.15528 EPSS
Exploits 0 · References 11
OPENSUSE Linux
added 2018/06/16 12:8 a.m. · 79 views

Security update for java-1_7_0-openjdk (important)

This update for java-1_7_0-openjdk to version 7u181 fixes the following issues: + S8162488: JDK should be updated to use LittleCMS 2.8 + S8180881: Better packaging of deserialization + S8182362: Update CipherOutputStream Usage + S8183032: Upgrade to LittleCMS 2.9 + S8189123: More consistent...

5.1 CVSS · 0.2 AI score · 0.15528 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2018/06/15 12:0 a.m. · 36 views

SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:1692-1)

This update for java-1_7_0-openjdk to version 7u181 fixes the following issues: + S8162488: JDK should be updated to use LittleCMS 2.8 + S8180881: Better packaging of deserialization + S8182362: Update CipherOutputStream Usage + S8183032: Upgrade to LittleCMS 2.9 + S8189123: More consistent...

8.3 CVSS · 5.7 AI score · 0.15528 EPSS
Exploits 0 · References 31
NVD
added 2018/05/29 8:29 p.m. · 24 views

CVE-2016-10601

webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver / IEDriver / IOSDriver / Ghostdriver. webdrvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an...

9.3 CVSS · 8.3 AI score · 0.01682 EPSS
Exploits 0 · References 1
Prion
added 2018/05/29 8:29 p.m. · 7 views

Remote code execution

pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary ...

9.3 CVSS · 8 AI score · 0.01716 EPSS
Exploits 0 · References 1 · Affected Software 1
Prion
added 2018/05/29 8:29 p.m. · 17 views

Remote code execution

selenium-standalone-painful installs a start-selenium command line to start a standalone selenium server with chrome-driver. selenium-standalone-painful downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by...

9.3 CVSS · 8.1 AI score · 0.02021 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2018/05/04 5:29 p.m. · 8 views

MGASA-2018-0219 Updated ghostscript packages fix security vulnerability

The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impac...

7.8 CVSS · 7.7 AI score · 0.01929 EPSS
Exploits 0 · References 4