Lucene search
K

1388 matches found

CNVD
CNVD
added 2017/11/01 12:0 a.m.4 views

Libpcap Design Vulnerabilities

libpcap is a C library for network packet capture. A security vulnerability exists in the pcap-linux.c file in version 1.1.1 prior to libpcap commit ea9432fabdf4b33cbc76d9437200e028f1c47c93. A remote attacker can exploit this vulnerability to send arbitrary data with the help of specially crafted...

9.8CVSS7AI score0.03649EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.3 views

OpenText Document Sciences xPression SQL Injection Vulnerability

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada. A SQL injection vulnerability exists in OpenText Document Sciences xPression version 4.5SP1 Patch 13. A remote...

8.8CVSS8.8AI score0.01895EPSS
Exploits6References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.5 views

OpenText Document Sciences xPression SQL Injection Vulnerability (CNVD-2017-33295)

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM, and...

8.8CVSS8.8AI score0.02672EPSS
Exploits6References1
OSV
OSV
added 2017/10/06 5:29 p.m.1 views

CVE-2017-13068

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack...

7.5CVSS6AI score0.02577EPSS
Exploits3References1
OSV
OSV
added 2017/09/30 1:29 a.m.3 views

CVE-2017-14935

Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly validate requests, which allows remote users to query and obtain sensitive information...

7.5CVSS5.8AI score0.0135EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/22 12:0 a.m.4 views

Fedora pure-ftpd misconfiguration vulnerability

Fedora is a Linux-based operating system developed by the Fedora Project community and sponsored by Red Hat. pure-ftpd is one of the FTP service programs. A misconfiguration vulnerability exists in Downstream version 1.0.46-1 of pure-ftpd in Fedora. A remote attacker could exploit this...

9.8CVSS9.1AI score0.01517EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/22 12:0 a.m.6 views

Webservice Gateway Directory Traversal Vulnerability in Multiple EMC Products

EMC ViPR SRM and others are products of EMC Corporation.EMC ViPR SRM is a suite of storage resource management software.Storage M&R is a data storage collector.Webservice Gateway is one of the gateways. A directory traversal vulnerability exists in Webservice Gateway in multiple EMC products. A...

8.8CVSS7.1AI score0.02956EPSS
Exploits0References1
OSV
OSV
added 2017/09/07 1:29 p.m.7 views

CVE-2017-9458

XML external entity XXE vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or...

9.8CVSS5.8AI score0.02465EPSS
Exploits0References3
CNVD
CNVD
added 2017/09/06 12:0 a.m.4 views

IBM QRadar Network Security XML External Entity Injection Vulnerability

IBM QRadar Network Security is a suite of network threat protection software from IBM in the United States. The software uses deep packet inspection and behavior-based analysis to detect and protect against known and unknown threats. An XML external entity injection vulnerability exists in IBM...

8.1CVSS8.2AI score0.02463EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.3 views

Oracle Java Advanced Management Console Unauthorized Read Vulnerability

Oracle Java SE is Oracle's suite of standard edition Java platforms for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. java Advanced Management Console is one of the Java Advanced Management Console components for creating...

5.3CVSS6.3AI score0.02452EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/03 12:0 a.m.4 views

IBM InfoSphere Information Server XML External Entity Injection Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An XML external entity injection vulnerability exists in IBM InfoSphere Information Server versions 9.1,...

9.1CVSS6.9AI score0.02718EPSS
Exploits2References1
CNVD
CNVD
added 2017/08/02 12:0 a.m.1 views

Oracle Application Management Pack for Oracle E-Business Suite Remote Vulnerability

Oracle E-Business Suite is a fully integrated suite of global business management software from Oracle Corporation.Application Management Pack AMP for Oracle E-Business Suite is one of the extensions of the Application Management Pack AMP for Oracle E-Business Suite is one of the application...

6.5CVSS7.8AI score0.01646EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/28 12:0 a.m.2 views

Niushop open source mall system has multiple SQL injection vulnerabilities

NiuShop open source mall system , is by the Shanxi Niu Cool Information Technology Co., Ltd. completely independent design , research and development of a PHP open source e-commerce system . NiuShop open source mall system collectionGoodsOrShopt, cancelCollGoodsOrShop, platformAdvList,...

7.8AI score
Exploits0
CNVD
CNVD
added 2017/07/27 12:0 a.m.6 views

Oracle FLEXCUBE Private Banking Unauthorized Read Vulnerability

Oracle Financial Services Applications is a set of core banking, online banking and property management financial services software from Oracle Corporation, of which Oracle FLEXCUBE Private Banking is a private banking component. A security vulnerability exists in the Miscellaneous subcomponent o...

4.3CVSS5.3AI score0.01418EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.4 views

Unspecified Vulnerability in Oracle PeopleSoft Enterprise FSCM

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise FSCM is one of the financial and supply chain management components. A...

5.4CVSS6.7AI score0.01026EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.4 views

Unspecified Vulnerability in Oracle Business Intelligence Enterprise Edition

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, and other functionality.Oracle Business Intelligence Enterprise Edition is one of the business intelligence...

6.9CVSS6.9AI score0.01181EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/21 12:0 a.m.2 views

Apple macOS Sierra Audio memory corruption vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple Inc. for Mac computers.The audio component is one of the audio components. A memory corruption vulnerability exists in the Audio component of Apple macOS Sierra before 10.12.6. A remote attacker can exploit this vulnerability...

7.8CVSS6.6AI score0.01036EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/06/05 12:0 a.m.6 views

The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the TrustZone technology’s authentication mode for Qualcomm Secure Execution Environment for Android, as found in the CAF repository, stems from synchronization errors when using a common resource. Exploiting this vulnerability could allow an attacker operating remotely to...

7.6CVSS7.1AI score0.00572EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/05/15 12:0 a.m.6 views

The vulnerability of the Oracle MySQL database management system allows a hacker to modify data.

The vulnerability of the MySQL Server component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to remotely gain access to modify, add, or delete data using network packets...

4CVSS6.3AI score0.0154EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/04/13 12:0 a.m.4 views

Schneider Electric homeLYnk Controller Security Bypass Vulnerability

The Schneider Electric homeLYnk Controller is a logic controller. A security bypass vulnerability exists in all versions of the Schneider Electric homeLYnk Controller prior to 1.5.0. A remote attacker could exploit this vulnerability to obtain sensitive information...

10CVSS6.7AI score0.05525EPSS
Exploits0References1
Rows per page
Query Builder