Lucene search
+L

103 matches found

cnnvd
cnnvd
added 2021/05/14 12:0 a.m.4 views

Firely/Incendi Spark 安全漏洞

Spark is a public domain FHIR server developed using C. A security vulnerability exists in versions prior to Firely/Incendi Spark 1.5.5-r4, which stems from the lack of a Content-Disposition header in some cases, which could result in carefully crafted files being delivered to the client to be...

6.1CVSS5.5AI score0.01002EPSS
Exploits0References4
cve
cve
added 2020/03/11 1:2 p.m.60 views

CVE-2019-19381

Affected product: Abacus OAuth Login. Vulnerable component: oauth/oauth2/v1/saml/ handling. Root cause: reflected XSS triggered by error message in the login flow for version 2019_01_r4_20191021_0000 prior to R4. Impact: could allow execution of JavaScript in a user’s browser (client-side impact)...

6.1CVSS6AI score0.00724EPSS
Exploits1References2Affected Software1
gentoo
gentoo
added 2019/11/07 12:0 a.m.88 views

OpenSSH: Integer overflow

Background OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support. Description OpenSSH, when built with “xmss” USE flag enabled, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. NOTE: This USE flag is...

7.8CVSS8.1AI score0.0217EPSS
Exploits2
nessus
nessus
added 2019/08/20 12:0 a.m.31 views

GLSA-201908-22 : Patch: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201908-22 Patch: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Patch. Please review the CVE identifiers referenced below for details. Impact : A local attacker could pass a specially crafted diff file t...

9.3CVSS7.1AI score0.0453EPSS
Exploits0References3
nessus
nessus
added 2019/05/08 12:0 a.m.9 views

Rockwell Automation DeviceLink - micro to micro connector 1485D-A2F5-R4 Discrete I/O

Binary data 752722.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.15 views

Rockwell Automation DeviceLink - conductor to micro 1485D-A3C3-R4 Discrete I/O

Binary data 752717.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.10 views

Mitsubishi L6ADP-R4 Communications Adapter Detection

Binary data 751763.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.9 views

Rockwell Automation DeviceLink - mini to micro connector 1485D-A2M5-R4 Discrete I/O

Binary data 752711.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.8 views

Rockwell Automation DeviceLink - mini to micro connector 1485D-A3M5-R4 Discrete I/O

Binary data 752712.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.13 views

Mitsubishi RJ71C24-R4 Communications Adapter Detection

Binary data 752174.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.10 views

Rockwell Automation DeviceLink - mini to micro connector 1485D-A2M5-R4 Discrete I/O

Binary data 752710.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.12 views

Rockwell Automation DeviceLink - micro to micro connector 1485D-A1F5-R4 Discrete I/O

Binary data 752721.prm...

7.3AI score
Exploits0
cnvd
cnvd
added 2017/12/21 12:0 a.m.7 views

Cambium Networks cnPilot Backdoor Access Elevation of Privilege Vulnerability

Cambium Networks cnPilot is a cloud-enabled managed single-band router product from Cambium Networks, USA. A security vulnerability exists in Cambium Networks cnPilot using firmware version 4.3.2-R4 and earlier. An attacker can exploit the vulnerability by accessing the web shell using the...

9CVSS7AI score0.39181EPSS
Exploits2References1
metasploit
metasploit
added 2017/12/18 10:32 p.m.62 views

Cambium cnPilot r200/r201 File Path Traversal

This module exploits a File Path Traversal vulnerability in Cambium cnPilot r200/r201 to read arbitrary files off the file system. Affected versions - 4.3.3-R4 and prior. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewor...

8.8CVSS0.1AI score0.0889EPSS
Exploits2
gentoo
gentoo
added 2017/11/12 12:0 a.m.23 views

VDE: Privilege escalation

Background VDE is an ethernet compliant virtual network that can be spawned over a set of physical computer over the Internet. Description It was discovered that Gentoo’s default VDE installation suffered from a privilege escalation vulnerability in the init script. This script calls an unsafe...

10CVSS9.7AI score0.01354EPSS
Exploits0
gentoo
gentoo
added 2017/01/23 12:0 a.m.68 views

Lua: Buffer overflow

Background Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Description A buffer overflow was discovered in the vararg functions in ldo....

5CVSS9.5AI score0.11572EPSS
Exploits1
gentoo
gentoo
added 2016/12/31 12:0 a.m.55 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly execute arbitrary code with the privileges of the process, could gain privileges on t...

8.8CVSS8.3AI score0.00509EPSS
Exploits0
zdt
zdt
added 2015/09/18 12:0 a.m.128 views

Android libstagefright - Integer Overflow Remote Code Execution

Exploit for Android platform in category remote exploits !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00' heap groomin...

10CVSS6.5AI score0.87125EPSS
Exploits6
bdu_fstec
bdu_fstec
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the tiff package up to version 3.8.2-r4 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

6.8CVSS7.1AI score0.0413EPSS
Exploits1References3Affected Software1
bdu_fstec
bdu_fstec
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the qt package up to version 3.3.8-r4 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.5CVSS5.4AI score0.0234EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder