Lucene search
K

100 matches found

Tenable Nessus
Tenable Nessus
added 2019/08/05 12:0 a.m.46 views

LibreOffice < 6.2.5 Multiple Vulnerabilities (macOS)

The version of LibreOffice installed on the remote macOS host is prior to 6.2.5. It is, therefore, affected by multiple vulnerabilities : - An arbitrary script execution vulnerability exists due to a flaw allowing event-based execution of python scripts within a document. Note, LibreLogo must be...

9.8CVSS7.8AI score0.31215EPSS
Exploits5References4
Positive Technologies
Positive Technologies
added 2019/05/01 12:0 a.m.4 views

PT-2019-2044 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the WebVPN login process could allow an unauthenticated...

8.6CVSS8.5AI score0.01967EPSS
Exploits0References6
n0where
n0where
added 2018/10/23 8:4 p.m.367 views

Real-time File Scanning System: Strelka

Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin’s Laika BOSS and similar projects, Strelka’s purpose is to perform file extraction and metadata collection at huge scale. Strelka differ...

Exploits0References2
CNVD
CNVD
added 2018/09/21 12:0 a.m.3 views

Microsoft Exchange Server Rollup Server-Side Request Forgery Vulnerability

Microsoft Exchange Server is the United States Microsoft Microsoft a set of e-mail services program, which provides mail access, storage, forwarding, voice mail, mail filtering and screening functions.Rollup is used in one of the code packer. A server-side request forgery vulnerability exists in...

8.6CVSS8.7AI score0.11329EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2017/06/08 12:0 a.m.8 views

The vulnerability of the Microsoft Server Message Block 1.0 (SMBv1) network protocol on the Windows operating system, which allows a hacker to cause a service failure.

The vulnerability of the Microsoft Server Message Block 1.0 SMBv1 protocol in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted requests remotely...

7.1CVSS6.8AI score0.07169EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.9 views

The vulnerability of the centralized device management system of Cisco Unified Computing System Central and the Cisco Firepower Extensible Operating System allows a perpetrator to execute arbitrary commands.

The vulnerability of the CGI script of the Cisco Unified Computing System Central device management system and the Cisco Firepower Extensible Operating System exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this...

10CVSS8.2AI score0.08684EPSS
Exploits2References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2015/11/11 12:0 a.m.18 views

IBM Tivoli Storage Manager FastBack Server FXCLI_OraBR_Exec_Command Buffer Overflow (CVE-2015-1929)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking while processing remote requests within the FXCLIOraBRExecCommand function. A remote unauthenticated attacker could exploit this vulnerability by sendin...

7.8CVSS9.6AI score0.03254EPSS
Exploits0
RubySec
RubySec
added 2015/06/16 12:0 a.m.30 views

IP whitelist bypass in Web Console

Specially crafted remote requests can spoof their origin, bypassing the IP whitelist, in any environment where Web Console is enabled development and test, by default. Users whose application is only accessible from localhost as is the default behaviour in Rails 4.2 are not affected, unless a loc...

4.3CVSS5.2AI score0.44984EPSS
Exploits6References1Affected Software1
OSV
OSV
added 2015/04/28 2:59 p.m.4 views

DEBIAN-CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

2.9CVSS8.3AI score0.00793EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Nokia SGSN DX200 Remote SNMP Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7081/info It has been reported that some models of the SGSN made by Nokia do not properly handle remote requests for information. Vulnerable devices may disclose sensitive information which could enable an attacker may be...

7.1AI score
Exploits0
OSV
OSV
added 2014/05/08 2:29 p.m.3 views

DEBIAN-CVE-2013-3571

socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service file descriptor consumption via multiple request that are refused based on the 1 sourceport, 2 lowport, 3 range, or 4...

2.6CVSS8.4AI score0.02061EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.31 views

openSUSE: Security Advisory for NRPE (openSUSE-SU-2013:0624-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.2AI score0.65724EPSS
Exploits9References1
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.34 views

SuSE Update for NRPE openSUSE-SU-2013:0621-1 (NRPE)

Check for the Version of NRPE OpenVAS Vulnerability Test $Id: gbsuse201306211.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for NRPE openSUSE-SU-2013:0621-1 NRPE Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

7.5CVSS6.3AI score0.65724EPSS
Exploits9References1
Check Point Advisories
Check Point Advisories
added 2013/06/02 12:0 a.m.17 views

EMC AlphaStor Library Control Program Multiple Buffer Overflows (CVE-2013-0946)

Multiple buffer overflow vulnerabilities has been reported in EMC AlphaStor Library Control Program LCP while parsing remote requests. The vulnerabilities are due to missing bounds check while copying request data into fixed length stack buffers. An unauthenticated attackers can exploit this...

9.3CVSS8.1AI score0.28547EPSS
Exploits3
OPENSUSE Linux
OPENSUSE Linux
added 2013/04/04 6:4 p.m.43 views

NRPE metacharacter filtering omission (important)

NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...

7.5CVSS2.7AI score0.65724EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2013/04/04 12:0 a.m.38 views

SuSE 11.2 Security Update : puppet (SAT Patch Number 7526)

puppet has been updated to fix 2.6.18 multiple vulnerabilities and bugs. - 19391 Find the catalog for the specified node name - Don't assume master supports SSLv2 - Don't require openssl client to return 0 on failure - Display SSL messages so we can match our regex - Don't assume puppetbindir is...

9CVSS7.1AI score0.05375EPSS
Exploits0References15
Cvelist
Cvelist
added 2010/05/20 9:0 p.m.17 views

CVE-2010-2007

Multiple cross-site request forgery CSRF vulnerabilities in LetoDMS formerly MyDMS 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use 1 op/op.EditUserData.php, 2 op/op.UsrMgr.php, 3 out/out.RemoveVersion.php, 4 op/op.RemoveFolder.php, 5...

7.3AI score0.00664EPSS
Exploits1References5
Prion
Prion
added 2007/04/10 11:19 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via 1 http or 2 ftp requests logged in /var/log/directadmin/security.log; 3 allows context-dependent...

6.8CVSS5.8AI score0.01551EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2007/04/10 11:19 p.m.21 views

CVE-2007-1926

Cross-site scripting XSS vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via 1 http or 2 ftp requests logged in /var/log/directadmin/security.log; 3 allows context-dependent...

6.8CVSS5.5AI score0.01551EPSS
Exploits1References7
exploitpack
exploitpack
added 2003/03/13 12:0 a.m.10 views

Nokia SGSN DX200 - Remote SNMP Information Disclosure

Nokia SGSN DX200 - Remote SNMP Information Disclosure source: https://www.securityfocus.com/bid/7081/info It has been reported that some models of the SGSN made by Nokia do not properly handle remote requests for information. Vulnerable devices may disclose sensitive information which could enabl...

7.3AI score
Exploits0
Rows per page
Query Builder