Lucene search
K

547 matches found

Tenable Nessus
Tenable Nessus
added 2021/05/28 12:0 a.m.32 views

EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 P2 Insecure Credential Storage

The version of EMC RSA Archer running on the remote web server is 6.6.x prior to 6.6.0.8 6.6 P8, 6.7.x prior to 6.7.0.8 6.7 P8, 6.8.x prior to 6.8.0.5 6.8 P5 or 6.9.x prior to 6.9.0.2 6.9 P2. It is, therefore, affected by an insecure credential storage vulnerability with Archer Tableau integratio...

5.5CVSS5.8AI score0.00201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/05/25 12:0 a.m.455 views

Joomla 3.0.x < 3.9.27 Multiple Vulnerabilities (5836-joomla-3-9-27)

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.0.x prior to 3.9.27. It is, therefore, affected by multiple vulnerabilities. - HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors. CVE-2021-260...

6.5CVSS6.4AI score0.0098EPSS
Exploits1References7
OSV
OSV
added 2021/05/24 3:15 p.m.40 views

CVE-2021-33516

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...

8.1CVSS6.5AI score0.01084EPSS
Exploits0References2
Prion
Prion
added 2021/05/24 3:15 p.m.19 views

Code injection

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...

5.8CVSS7.6AI score0.01084EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.6 views

Aruba Networks AirWave Management Platform 输入验证错误漏洞

Aruba Networks AirWave Management Platform is a suite of network management software for multi-vendor management from Aruba Networks. The software provides real-time monitoring, proactive alerting and historical data reporting. A security vulnerability exists in Aruba AirWave Management Platform...

6.1CVSS6.3AI score0.00751EPSS
Exploits0References2
OSV
OSV
added 2021/04/06 5:15 a.m.4 views

CVE-2021-28202

The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...

4.9CVSS5.9AI score0.0181EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/04/06 12:0 a.m.5 views

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. The ASUS BMC Firmware suffers from a security signature issue vulnerability that stems from a buffer overflow vulnerability due to the Radius configuration function not validating the length of a user-entered string. A remote attacker could use thi...

4.9CVSS6AI score0.0186EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2021/03/09 8:44 p.m.216 views

Adobe Critical Code-Execution Flaws Plague Windows Users

Adobe has issued patches for a slew of critical security vulnerabilities, which, if exploited, could allow for arbitrary code execution on vulnerable Windows systems. Affected products include Adobe’s Framemaker document processor, designed for writing and editing large or complex documents;...

6.8CVSS2.2AI score0.8621EPSS
Exploits2References11
OSV
OSV
added 2021/03/09 6:15 p.m.3 views

UBUNTU-CVE-2021-21169

Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

8.8CVSS7.3AI score0.01415EPSS
Exploits1References2
OSV
OSV
added 2021/02/09 2:15 p.m.3 views

UBUNTU-CVE-2021-21141

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page...

6.5CVSS6.8AI score0.05439EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/22 12:0 a.m.118 views

Jenkins < 2.263.2 LTS / 2.275 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.275 or is a version of Jenkins LTS prior to 2.263.2. It is, therefore, affected by multiple vulnerabilities, including the following: - Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure...

8CVSS6AI score0.02226EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2020/12/30 12:0 a.m.68 views

phpMyAdmin 4.9.0 < 4.9.5 / 5.0.0 < 5.0.2 Multiple Vulnerabilities (PMASA-2020-2, PMASA-2020-3, PMASA-2020-4)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to 4.9.5 or 5.0.x prior to 5.0.2. It is, therefore, affected by multiple vulnerabilities. - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was foun...

8CVSS7AI score0.02694EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.59 views

PHP 7.3.x < 7.3.23 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...

6.5CVSS6.8AI score0.05029EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.153 views

PHP 7.4.x < 7.4.11 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...

6.5CVSS6.8AI score0.05029EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.42 views

PHP 7.2.x < 7.2.30 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...

7.5CVSS7.8AI score0.04311EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.151 views

PHP 7.4.x < 7.4.5 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...

7.5CVSS7.8AI score0.04311EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/06/12 12:0 a.m.103 views

Joomla 2.5.x < 3.9.19 Multiple Vulnerabilities (5812-joomla-3-9-19)

According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.19. It is, therefore, affected by multiple vulnerabilities. - In Joomla! before 3.9.19, lack of input validation in the heading tag option of the Articles - Newsflash and Article...

8.8CVSS6.9AI score0.99019EPSS
Exploits11References12
BDU FSTEC
BDU FSTEC
added 2020/05/26 12:0 a.m.4 views

The vulnerability of the “Estimate and Actual Charges” component of the Oracle Depot Repair automation software allows a intruder to gain unauthorized access to protected information.

The vulnerability of the “Estimate and Actual Charges” component of the Oracle Depot Repair automation software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through the...

8.2CVSS7.4AI score0.01282EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/05/08 12:0 a.m.8 views

The vulnerability of the Account Hierarchy Manager component of the Oracle General Ledger software, a business automation system within the Oracle E-Business Suite, allows a malicious individual to gain unauthorized access to protected data.

The vulnerability of the Account Hierarchy Manager component of the Oracle General Ledger software, a part of the Oracle E-Business Suite, relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

7.8CVSS7.2AI score0.01668EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/23 12:0 a.m.170 views

PHP 7.2.x < 7.2.30 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.30. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An attacker can exploit...

7.5CVSS6.6AI score0.04311EPSS
Exploits1References4
Rows per page
Query Builder