Lucene search
K

183 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:41 p.m.7 views

Square OkHttp can accept the wrong certificate

In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS7.6AI score0.00877EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/05 12:0 a.m.8 views

The vulnerability of the display mechanism of Blink web pages in Microsoft Edge and Google Chrome browsers allows attackers to disclose protected information.

The vulnerability of the Blink web page display mechanism in Microsoft Edge and Google Chrome exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

6.4CVSS6.6AI score0.00685EPSS
Exploits1References6Affected Software5
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.6 views

PT-2022-18952 · Bentley · Microstation Connect

Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.034 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open ...

5.5CVSS4AI score0.00618EPSS
Exploits0References3
OSV
OSV
added 2022/03/10 5:47 p.m.3 views

CVE-2022-26143

The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...

9.8CVSS7.5AI score0.87565EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.3 views

CVE-2022-24055

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS4AI score0.01538EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/18 8:15 p.m.7 views

CVE-2022-24055

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS4.9AI score0.01538EPSS
Exploits0References1
OSV
OSV
added 2022/02/18 8:15 p.m.7 views

CVE-2021-46654

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5.5CVSS4.9AI score0.01592EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.7 views

CVE-2021-46620

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

5.5CVSS4.1AI score0.01612EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.11 views

CVE-2021-46630

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5.5CVSS4.1AI score0.01612EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/02/18 8:15 p.m.4 views

CVE-2021-46624

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5.5CVSS4.9AI score0.01612EPSS
Exploits0References2
OSV
OSV
added 2022/02/18 8:15 p.m.5 views

CVE-2021-46623

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5.5CVSS4.9AI score0.01815EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.8 views

CVE-2021-46593

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

5.5CVSS4.1AI score0.01699EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.4 views

CVE-2021-46589

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

5.5CVSS4.1AI score0.01699EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/18 12:0 a.m.6 views

CVE-2022-22310

IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224...

6.5CVSS6.2AI score0.01012EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/01/13 10:15 p.m.4 views

CVE-2021-34910

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS4.9AI score0.0161EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.5 views

The vulnerability in the `hw/net/tulip.c` component of the QEMU hardware emulation software involves writing beyond the buffer boundaries. This allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the hw/net/tulip.c component of the QEMU hardware emulation software involves writing beyond the buffer boundaries during copy operations for TX/RX data. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, a...

6.8CVSS7.2AI score0.01921EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/09/01 12:0 a.m.6 views

The vulnerability of the Adobe Digital Editions e-book reading program, related to reading beyond the buffer limit, allows a intruder to disclose protected information.

The vulnerability of the Adobe Digital Editions e-book reading software relates to reading outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

7.5CVSS7.4AI score0.042EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/05 9:15 p.m.6 views

CVE-2021-26586

A potential security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to disclose sensitive information. HPE has made software updates available to resolve the...

7.5CVSS5.7AI score0.01566EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/08/03 12:0 a.m.8 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to reading data beyond the buffer in memory. This allows attackers to disclose protected information.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to disclose protected informatio...

7.8CVSS7.4AI score0.03252EPSS
Exploits0References2
OSV
OSV
added 2021/08/01 12:0 a.m.10 views

ASB-A-187231636

In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS6.7AI score0.00297EPSS
Exploits0References1
Rows per page
Query Builder