Lucene search
K

286 matches found

CNVD
CNVD
added 2017/10/17 12:0 a.m.1 views

WPA2 Wireless Network GTK Group Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. WPA2 wireless networks suffer from a GTK group key reload vulnerability in the fourth handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

5.3CVSS7.2AI score0.0207EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/17 12:0 a.m.1 views

WPA2 Wireless Network TPK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A TPK key vulnerability exists in WPA2 wireless networks when reinstalling a tunneled direct connection setting PeerKey in the TDLS handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II...

6.8CVSS7.5AI score0.02046EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/17 12:0 a.m.2 views

WPA2 Wireless Network Hibernation Mode IGTK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK key integrity reload vulnerability exists in the WPA2 wireless network hibernation mode. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

5.3CVSS7.2AI score0.01807EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2017/10/16 12:0 a.m.8 views

October 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 updates for Windows Server 2012 (KB 4042077)

October 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 updates for Windows Server 2012 KB 4042077 View products that this article applies to. Summary This article lists the Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 for...

6.6AI score
Exploits0
OSV
OSV
added 2017/10/16 12:0 a.m.1 views

UBUNTU-CVE-2017-13079

Wi-Fi Protected Access WPA and WPA2 that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key IGTK during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients...

5.3CVSS6.8AI score0.02124EPSS
Exploits0References5
OSV
OSV
added 2017/09/28 1:29 a.m.4 views

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

7CVSS5.8AI score0.00383EPSS
Exploits0References2
NVD
NVD
added 2017/09/28 1:29 a.m.16 views

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

7CVSS6.9AI score0.00383EPSS
Exploits0References2
Prion
Prion
added 2017/09/28 1:29 a.m.9 views

Design/Logic Flaw

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

4.4CVSS6.9AI score0.00383EPSS
Exploits0References2
CVE
CVE
added 2017/09/27 3:0 p.m.48 views

CVE-2017-13676

The CVE-2017-13676 issue affects Norton Remove & Reinstall and is described as a DLL preloading/code execution vulnerability. The root cause involves the application loading a DLL from a search path which an attacker could control, allowing a malicious DLL to execute under the vulnerable process ...

7CVSS6.8AI score0.00383EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/09/27 3:0 p.m.17 views

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

6.9AI score0.00383EPSS
Exploits0References2
CNVD
CNVD
added 2017/09/14 12:0 a.m.2 views

74cms content management system backend existence of arbitrary file deletion vulnerability

74cms is a free + open source professional recruitment system based on PHP + MYSQL as the core development. 74cms content management system backend there are arbitrary file deletion vulnerability, attackers use the vulnerability to delete the installation of the generated install.lock can be...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/09/12 7:0 a.m.89 views

Description of the Security Only update for the .NET Framework 4.5.2 for Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2: September 12, 2017

Description of the Security Only update for the .NET Framework 4.5.2 for Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2: September 12, 2017 View products that this article applies to. Summary This security update resolves a vulnerability in the Microsoft .NET Framework...

9.3CVSS8.7AI score0.88698EPSS
Exploits14
Citrix
Citrix
added 2017/08/22 12:0 a.m.8 views

After updating the app, receiving an error : Incompatible error

After updating the app Secure Mail, receiving an error when launching apps. Devices: iOS only ERROR: "Incompatible app, please try removing this app and then reinstalling it."...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.46 views

Xen Hypervisor Multiple Vulnerabilities (XSA-226 - XSA-230)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches were applie...

8.8CVSS7AI score0.00497EPSS
Exploits0References11
Microsoft KB
Microsoft KB
added 2017/07/11 7:0 a.m.154 views

Security update for the Windows Performance Monitor information disclosure vulnerability in Windows Server 2008: July 11, 2017

Security update for the Windows Performance Monitor information disclosure vulnerability in Windows Server 2008: July 11, 2017 Summary An information disclosure vulnerability exists in the Windows Performance Monitor Console when it improperly parses XML input containing a reference to an externa...

6.5CVSS7.5AI score0.06666EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2017/06/30 12:0 a.m.6 views

May 2017 Preview of the Quality Rollup for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 for Windows Server 2012 (KB4019289): May 16, 2017

May 2017 Preview of the Quality Rollup for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 for Windows Server 2012 KB4019289: May 16, 2017 Notice This release has been removed from Windows Update because of the issues that are described in the following .NET Blog article: .NET Framework May...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2017/06/22 12:0 a.m.37 views

FengCms1. 32 System reinstall vulnerabilities to cause getshell

进入./install/index.php文件 alert"系统已安装,如需要重新安装,请手工删除upload目录下的INSTALL文件!";'; echo ''; switch'step' case '1': //安装许可协议 include ABSPATH."/step/step1.php"; break; case '2': //检查安装环境是否满足要求 = ''; ifextensionloaded'gd' iffunctionexists'imagepng' .= 'png'; iffunctionexists'imagejpeg' .= ' jpg';...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/05/25 12:0 a.m.7 views

Vulnerability of NVIDIA GPU operating system drivers for Android, allowing attackers to execute arbitrary code

The vulnerability of NVIDIA GPU operating system drivers for Android is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “critical” due to the possibility of...

9.3CVSS7.6AI score0.00908EPSS
Exploits0References3
CNVD
CNVD
added 2017/05/08 12:0 a.m.2 views

Reinstallation Logic Vulnerability in zzcmsV8.0

ZZCMS is a PHP-developed enterprise website builder. A reinstallation logic vulnerability exists in zzcmsV8.0. Due to a logic vulnerability in the judgment of the installation lock file install.lock, an attacker can exploit the vulnerability to reinstall the system and destroy the program...

6.8AI score
Exploits0
CNVD
CNVD
added 2017/05/02 12:0 a.m.0 views

Arbitrary file deletion vulnerability in SDCMS backend errorcontroller.php page

SDCMS is a website management system managed and developed by Suzhou Smoke & Fire Network Technology Co. SDCMS background errorcontroller.php page exists arbitrary file deletion vulnerability, allowing attackers to exploit the vulnerability to obtain, delete arbitrary files, can lead to system...

7AI score
Exploits0
Rows per page
Query Builder