34 matches found

ATTACKERKB
added 2022/09/08 12:0 a.m. · 62 views

CVE-2022-27593

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later...

10 CVSS · 9.8 AI score · 0.87908 EPSS
In wild · Exploits 0 · References 2
Positive Technologies
added 2022/09/03 12:0 a.m. · 5 views

PT-2022-4657 · Qnap · Qnap Nas +1

Name of the Vulnerable Software and Affected Versions: QNAP NAS running Photo Station versions prior to 5.2.14; QNAP NAS running Photo Station versions prior to 5.4.15; QNAP NAS running Photo Station versions prior to 5.7.18; QNAP NAS running Photo Station versions prior to 6.0.22; QNAP NAS running...

10 CVSS · 9.6 AI score · 0.87908 EPSS
Exploits 0 · References 7
BDU FSTEC
added 2021/09/20 12:0 a.m. · 7 views

The vulnerability of the IP Service Level Agreement (IP SLA) and the implementation of the Two-Way Active Measurement Protocol (TWAMP) in the Cisco IOS XR operating system allows a perpetrator to trigger a service failure.

The vulnerability of the IP Service Level Agreement (IP SLA) and the implementation of the Two-Way Active Measurement Protocol (TWAMP) in the Cisco IOS XR operating system is related to the absence of a reference to an active, dedicated resource. Exploiting this vulnerability can allow a malicious...

8.6 CVSS · 7.5 AI score · 0.01249 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2021/04/30 5:29 p.m. · 26 views

GHSA-QGCG-P3V2-9H4P Externally Controlled Reference to a Resource in Another Sphere and Confused Deputy in Spring Cloud Netflix

Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can...

6.5 CVSS · 6.5 AI score · 0.10214 EPSS
Exploits 0 · References 2
OSV
added 2021/04/28 8:15 a.m. · 2 views

CVE-2021-27648

Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via unspecified vectors...

8.8 CVSS · 5.8 AI score · 0.02843 EPSS
Exploits 0 · References 1
CNVD
added 2020/03/19 12:0 a.m. · 3 views

FasterXML jackson-databind deserialization vulnerability (CNVD-2020-24668)

FasterXML Jackson is a Java data-processing tool from the U.S. company FasterXML. jackson-databind is one of its components, providing data binding capabilities. A security vulnerability exists in FasterXML jackson-databind version 2.x prior to 2.9.10.4, which stems from insecure deserialization of...

8.8 CVSS · 8.9 AI score · 0.07963 EPSS
Exploits 0
OSV
added 2019/05/22 8:29 p.m. · 3 views

CVE-2018-7824

An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus Serial Driver for 64-bit Windows OS: V3.17 IE 37 and prior, for 32-bit Windows OS: V2.17 IE 27 and prior, and as part of the Driver Suite version: V14.12 and prior, which could allow write acce...

4.9 CVSS · 5.8 AI score · 0.00892 EPSS
Exploits 0 · References 1
Kitploit
added 2017/04/05 2:25 p.m. · 87 views

morty - Privacy aware web content sanitizer proxy as a service

Web content sanitizer proxy as a service. Morty rewrites web pages to exclude malicious HTML tags and attributes. It also replaces external resource references to prevent third party information leaks. The main goal of morty is to provide a result proxy for searx, but it can be used as a...

6.8 AI score
Exploits 0 · References 2
RedhatCVE
added 2015/10/30 9:54 a.m. · 24 views

CVE-2008-3064

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

10 CVSS · 7 AI score · 0.01769 EPSS
Exploits 1 · References 2
Tenable Nessus
added 2008/08/04 12:0 a.m. · 20 views

RealPlayer for Windows < 6.0.14.806 / 6.0.12.1675 Multiple Vulnerabilities

Binary data 4608.prm...

10 CVSS · 6.7 AI score · 0.4595 EPSS
Exploits 13 · References 12
Prion
added 2008/07/28 5:41 p.m. · 23 views

Design/Logic Flaw

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

10 CVSS · 6.5 AI score · 0.01769 EPSS
Exploits 1 · References 6 · Affected Software 1
NVD
added 2008/07/28 5:41 p.m. · 38 views

CVE-2008-3064

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

10 CVSS · 6.2 AI score · 0.01769 EPSS
Exploits 1 · References 6
Cvelist
added 2008/07/28 5:0 p.m. · 37 views

CVE-2008-3064

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

6.2 AI score · 0.01769 EPSS
Exploits 1 · References 6
Tenable Nessus
added 2008/07/28 12:0 a.m. · 37 views

RealPlayer for Windows < Build 6.0.14.806 / 6.0.12.1675 Multiple Vulnerabilities

According to its build number, the installed version of RealPlayer / on the remote Windows host suffers from possibly several issues:
- Heap memory corruption issues in several ActiveX controls can lead to arbitrary code execution. (CVE-2008-1309)
- An unspecified local resource reference...

10 CVSS · 6.4 AI score · 0.4595 EPSS
Exploits 13 · References 12