Lucene search
+L

235 matches found

Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.134 views

January 11, 2022—KB5009557 (OS Build 17763.2452)

None None...

10CVSS6.8AI score0.9279EPSS
Exploits29
ATTACKERKB
ATTACKERKB
added 2021/12/13 4:15 a.m.5 views

CVE-2021-44153

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or...

9CVSS7.2AI score0.02005EPSS
Exploits3References3
Citrix
Citrix
added 2021/09/29 12:0 a.m.7 views

Driver Disk for Qlogic qla2xxx 10.02.06.02-k - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers on non-Dell hardware running the Citrix Hypervisor 8.2 LTSR release who use Qlogic's qla2xxx driver and wish to use the latest version of the driver. Note: If you use Dell hardware, do not install this driver disk. This version of the driver disk is...

7AI score
Exploits0
Citrix
Citrix
added 2021/02/02 12:0 a.m.7 views

Hotfix XS82E015 - For Citrix Hypervisor 8.2

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix Component| Details ---|--- Prerequisite| None Post-update tasks| None Content live patchable| No Baselines for Live Patch| N/A Revision History| Published on Feb02, 2021 To...

7.2AI score
Exploits0
Citrix
Citrix
added 2020/11/20 12:0 a.m.11 views

Driver Disk for Cisco enic 4.0.0.11 - For Citrix Hypervisor 8.x CR

Who Should Install this Driver Disk? Customers running a Citrix Hypervisor 8.x release who use Cisco's enic driver and wish to use the latest version of the following: Driver Module| Version ---|--- enic| 4.0.0.11 Issues Resolved In this Driver Disk Includes general enhancements and bug fixes...

7AI score
Exploits0
0day.today
0day.today
added 2020/07/27 12:0 a.m.304 views

Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication) Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery Disable Authentication Google Dork: https://www.shodan.io/search?query=sickbeard Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.471 views

Sickbeard 0.1 Cross Site Request Forgery

Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery Disable Authentication Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.236 views

Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)

Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery Disable Authentication Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/07/01 10:55 a.m.117 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.8CVSS7AI score0.9927EPSS
Exploits46References11
CNVD
CNVD
added 2020/06/22 12:0 a.m.6 views

Mattermost Server Access Privilege Vulnerability

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 3.8.2, prior to 3.7.5, and prior to 3.6.7. An attacker can exploit the vulnerability to gain access to API endpoints after a...

9.8CVSS6.9AI score0.01184EPSS
Exploits0References1
Slackware Linux
Slackware Linux
added 2020/04/15 8:47 p.m.13 views

[slackware-security] bind

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.11.18-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: DNS rebinding protection was ineffective wh...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/01/13 12:0 a.m.7 views

The vulnerability of the SAP HANA Extended Application Services development tool lies in insufficient validation of input data. This allows attackers to gain unauthorized access to information about internal network ports or trigger a server restart.

The vulnerability of the SAP HANA Extended Application Services development tool exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to information about internal network ports or cause a serve...

7.5CVSS7.1AI score0.00897EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2020/01/05 9:45 p.m.202 views

Node.js third-party modules: Denial Of Service in Strapi Framework using argument injection

I would like to report Denial Of Service in Strapi Framework.It allows attacker to force restart the server using argument injection. Module module name: strapi version: 3.0.0-beta.18.3 and earlier npm page: https://www.npmjs.com/package/strapi Module Description The Strapi HTTP layer sits on top...

4CVSS0.5AI score0.01145EPSS
Exploits1
Debian CVE
Debian CVE
added 2019/10/16 5:22 p.m.52 views

CVE-2019-6474

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea cod...

6.5CVSS6.3AI score0.00712EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/10/16 5:22 p.m.83 views

CVE-2019-6474

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea cod...

6.5CVSS5.9AI score0.00712EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/08/28 12:0 a.m.26 views

CVE-2019-6474

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea cod...

6.5CVSS6.6AI score0.00712EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/02 5:12 a.m.35 views

Integer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

7.5CVSS8.7AI score0.0571EPSS
Exploits13References16Affected Software1
Veracode
Veracode
added 2019/05/02 5:12 a.m.39 views

ASLR Bypass

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

7.5CVSS8.7AI score0.0571EPSS
Exploits13References17Affected Software1
Veracode
Veracode
added 2019/05/02 5:12 a.m.35 views

Out-Of-Bounds Read

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

7.5CVSS8.7AI score0.0571EPSS
Exploits13References16Affected Software1
CNVD
CNVD
added 2018/10/12 12:0 a.m.4 views

IBM Security Key Lifecycle Manager Authentication Missing Vulnerability

IBM Security Key Lifecycle Manager centralizes, simplifies and automates the encryption key management process, helping to minimize the risks and operational costs of encryption key management. An authentication missing vulnerability exists in IBM Security Key Lifecycle Manager. An unauthenticate...

7.8CVSS8AI score0.03894EPSS
Exploits0References1
Rows per page
Query Builder