Lucene search
+L

623 matches found

Cvelist
Cvelist
added 2022/03/04 4:15 p.m.28 views

CVE-2022-21828

A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3...

7.3AI score0.03715EPSS
Exploits1References1
Microsoft Secure
Microsoft Secure
added 2022/02/10 5:0 p.m.21 views

What’s Next in Security from Microsoft

One of the biggest challenges in security today is complexity. Not only is there an ever-growing number of threats, but many organizations are defending their companies with a patchwork of security solutions that don’t work well together. This piecemeal approach is costly, less secure, and hinder...

7.3AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/01/19 11:24 a.m.13 views

CVE-2022-21327

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

6.3CVSS5.7AI score0.02795EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/01/19 12:0 a.m.7 views

Oracle Essbase 安全漏洞

Oracle Essbase is an application from Oracle Corporation Oracle. enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. A security vulnerability exists in Oracle Essbase's Oracle Essbase Management Services product...

9.9CVSS8.3AI score0.01191EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/01/13 12:0 a.m.5 views

GitLab 资源管理错误漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. GitLab There is a resource management error vulnerability, the vulnerability...

6.5CVSS6.6AI score0.01449EPSS
Exploits0References6
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/11/03 4:0 p.m.10 views

Evolving Zero Trust—Lessons learned and emerging trends

Looking back at the last two years, to say that our security strategies have evolved would be an understatement. Organizations around the world made overnight transitions to remote work models in response to a global pandemic, forcing them to reassess attack surface areas as they underwent an...

7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/11/02 1:15 p.m.3 views

CVE-2021-42568

Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account...

4.3CVSS5.8AI score0.00456EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/11/01 12:0 a.m.2 views

CVE-2021-36335

Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server...

8.8CVSS7.5AI score0.01122EPSS
Exploits0References2
Prion
Prion
added 2021/10/20 11:17 a.m.13 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

6.8CVSS4.9AI score0.01663EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.6 views

Microsoft Windows 权限许可和访问控制问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows DirectX with privilege license and access control issues. The following products and editions are affected: Windows 10 Version 2004 for...

7.8CVSS7.2AI score0.00636EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/09/24 3:48 p.m.25 views

TangleBot Malware Reaches Deep into Android Device Functions

An Android malware called TangleBot has weaved its way onto the cyber-scene: One that researchers said can perform a bouquet of malicious actions, including stealing personal info and controlling apps and device functions. According to Cloudmark researchers, the newly discovered mobile malware is...

7.1AI score
Exploits0References6
CNNVD
CNNVD
added 2021/09/14 12:0 a.m.5 views

Microsoft Win32k 权限许可和访问控制问题漏洞

Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. A vulnerability exists in Microsoft Windows Win32K with privilege license and access control issues. The following products and editions are affected: Windows Server 2008 for 32-bit Systems Servi...

7.8CVSS6.6AI score0.01226EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.6 views

Apple macOS Big Sur 权限许可和访问控制问题漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. Apple macOS Big Sur suffers from a Permission Permission and Access Control Issue vulnerability that originates from a malicious application that may bypass Gatekeeper checks...

5.5CVSS5.7AI score0.01034EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2021/08/23 2:18 p.m.20 views

Managing Privileged Access for a Post-COVID Perimeter

For many, 2021 signifies a year of recovery, reflection and reimagining. After the whirlwind year of 2020, we witnessed all aspects and facets of our lives and businesses turn upside down as our communities and economies adapted to the disruptions of the COVID-19 pandemic. As we all know, the...

7.9AI score
Exploits0References4
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.25 views

Istio 权限许可和访问控制问题漏洞

Istio is a set of open platforms for connecting, managing, and securing microservices. Istio is vulnerable to a privilege permission and access control issue that arises from an application that does not properly impose security restrictions. This vulnerability could allow an attacker to access...

8.8CVSS7.9AI score0.01972EPSS
Exploits0References6
OSV
OSV
added 2021/06/16 1:15 p.m.3 views

CVE-2021-27479

ZOLL Defibrillator Dashboard, v prior to 2.2,The affected product’s web application could allow a low privilege user to inject parameters to contain malicious scripts to be executed by higher privilege users...

5.4CVSS5.8AI score0.00539EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.9 views

SAP NetWeaver AS ABAP Business Server 跨站脚本漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver AS for ABAP, which can be exploited by an attacker ...

6.1CVSS5.3AI score0.00585EPSS
Exploits0References3
OSV
OSV
added 2021/05/27 11:15 a.m.4 views

CVE-2021-32458

Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to...

7.8CVSS6.6AI score0.00392EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/05/27 11:15 a.m.3 views

CVE-2021-32458

Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to...

7.8CVSS7.5AI score0.00392EPSS
Exploits0References4
OSV
OSV
added 2021/05/12 3:15 p.m.1 views

CVE-2021-28649

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a...

7.3CVSS6.1AI score0.00261EPSS
Exploits0References2
Rows per page
Query Builder