Lucene search
+L

1014 matches found

OSV
OSV
added 2016/12/13 3:59 p.m.8 views

DEBIAN-CVE-2016-5691

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of 1 pixel.red, 2 pixel.green, and 3 pixel.blue...

9.8CVSS9.4AI score0.05445EPSS
Exploits1References1
CNVD
CNVD
added 2016/12/13 12:0 a.m.6 views

Google Android Package Manage Information Disclosure Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA.Package Manager is one of the Android application package files. An information disclosure vulnerability exists in Package Manager in Android 7.0. The vulnerability can be exploited...

4.7CVSS5.9AI score0.00308EPSS
Exploits0References1
OSV
OSV
added 2016/11/25 4:59 p.m.4 views

UBUNTU-CVE-2016-6718

An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a local bypass of user interaction...

5.5CVSS7.3AI score0.00402EPSS
Exploits0References3
OSV
OSV
added 2016/09/11 12:0 a.m.6 views

UBUNTU-CVE-2016-7127

The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact by providing different signs for the second an...

9.8CVSS7.2AI score0.06842EPSS
Exploits1References6
CNVD
CNVD
added 2016/07/20 12:0 a.m.4 views

Palo Alto Networks PAN-OS Denial of Service Vulnerability (CNVD-2016-05079)

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A denial of service vulnerability exists in Palo Alto Networks PAN-OS versions 7.0.1 through 7.0.7. An attacker could exploit this vulnerability to cause a denial of service...

6.7AI score
Exploits0References1
OSV
OSV
added 2016/06/17 3:59 p.m.6 views

CVE-2016-5433

Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors...

6.1CVSS5.8AI score0.00417EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/23 12:0 a.m.7 views

PHP Double Release Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

10CVSS9AI score0.02953EPSS
Exploits0References1
OSV
OSV
added 2016/04/29 12:0 a.m.6 views

UBUNTU-CVE-2016-4343

The pharmakedirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service uninitialized pointer dereference or possibly have unspecified other impact via a crafted TAR archi...

8.8CVSS7.2AI score0.0421EPSS
Exploits1References3
CNVD
CNVD
added 2016/04/14 12:0 a.m.4 views

Micro Focus Service Desk Arbitrary File Read Vulnerability

Micro Focus Service Desk formerly Novell Service Desk is a service management solution for monitoring and resolving service issues from Micro Focus in the UK. The solution provides incident management, problem management, service catalog definition and management, financial management, knowledge...

6.5CVSS7AI score0.06902EPSS
Exploits3References1
CNVD
CNVD
added 2016/04/14 12:0 a.m.5 views

Micro Focus Service Desk Cross-Site Scripting Vulnerability

Micro Focus Service Desk formerly Novell Service Desk is a service management solution for monitoring and resolving service issues from Micro Focus in the UK. The solution provides incident management, problem management, service catalog definition and management, financial management, knowledge...

5.4CVSS6.2AI score0.02427EPSS
Exploits3References1
CNVD
CNVD
added 2015/10/29 12:0 a.m.4 views

SAP Netwaver XML External Entity Injection Vulnerability

SAP Netwaver is a professional standards-based integrated application platform from SAP. The platform provides components such as portals, application servers and business intelligence solutions. An XML external entity injection vulnerability exists in SAP Netwaver versions prior to 7.01. An...

9.8CVSS7.3AI score0.12426EPSS
Exploits4References1
CNVD
CNVD
added 2015/10/15 12:0 a.m.7 views

Lenovo System Update Signature Validation Bypass Vulnerability

Lenovo System Update aka ThinkVantage System Update is a system update software from Lenovo. The service component of Lenovo System Update, SUService.exe, creates a named pipe to provide system update services to low-privileged processes.A security vulnerability in Lenovo System Update software...

7.5CVSS7.7AI score0.00586EPSS
Exploits0
CNVD
CNVD
added 2015/07/10 12:0 a.m.4 views

TYPO3 Flowplayer Library Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF maintained by the TYPO3 Association in Switzerland.Flowplayer library is one of the Flash video playback libraries. A cross-site scripting vulnerability exists in the TYPO3 Flowplayer library versions 6.2.0 through 6.2.13...

6.7AI score
Exploits0References1
Broadcom
Broadcom
added 2015/04/24 12:0 a.m.7 views

BSA-2015-003

Summary Security Advisory ID : BSA-2015-003 Component : OpenSSL Revision : 7.0 N/A...

5CVSS7.9AI score0.20646EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2015/01/21 6:59 p.m.8 views

CVE-2015-0386

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191...

5CVSS5.6AI score0.081EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2015/01/15 12:0 a.m.8 views

PT-2015-3929 · Red Hat · Red Hat Network Satellite +1

Name of the Vulnerable Software and Affected Versions: Red Hat Network Satellite versions prior to 5.7.0 Spacewalk versions prior to 5.7.0 Description: A cross-site scripting XSS issue allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field. This could...

3.5CVSS5AI score0.01463EPSS
Exploits0References4
OSV
OSV
added 2014/11/10 11:55 a.m.6 views

BELL-CVE-2014-8709 CVE-2014-8709 does not affect BellSoft software

Bulletin has no description...

5CVSS7.3AI score0.04517EPSS
Exploits0References1
OSV
OSV
added 2014/02/27 1:55 a.m.3 views

UBUNTU-CVE-2014-1268

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270...

6.8CVSS6.2AI score0.01877EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2013/11/05 5:58 p.m.10 views

OpenJDK: image conversion out of bounds read (2D, 8014102)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.8AI score0.03961EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2013/04/26 11:41 a.m.4 views

CVE-2012-5220

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors...

7.2CVSS5.5AI score0.00642EPSS
Exploits0References3
Rows per page
Query Builder