Lucene search
K

92 matches found

osv
osv
added 2023/08/08 10:15 a.m.7 views

CVE-2021-41544

A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...

7.8CVSS5.9AI score0.00207EPSS
Exploits0References1
nvd
nvd
added 2023/08/08 10:15 a.m.22 views

CVE-2021-41544

A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...

7.8CVSS7.5AI score0.00207EPSS
Exploits0References1
prion
prion
added 2023/08/08 10:15 a.m.19 views

Path traversal

A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...

4.3CVSS7.5AI score0.00207EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/08/08 9:20 a.m.16 views

CVE-2021-41544

A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...

7.8CVSS6.9AI score0.00207EPSS
Exploits0References1
cvelist
cvelist
added 2023/08/08 9:20 a.m.27 views

CVE-2021-41544

A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...

7.8CVSS7.7AI score0.00207EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/08/08 12:0 a.m.6 views

PT-2023-5571 · Siemens · Siemens Software Center

Name of the Vulnerable Software and Affected Versions: Siemens Software Center versions prior to V3.0 Description: A DLL Hijacking issue could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path. This is relat...

7.8CVSS7.7AI score0.00207EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/08/08 12:0 a.m.6 views

Siemens Software Center 代码问题漏洞

Siemens Software Center allows the download, installation and activation of purchased software. A DLL hijacking vulnerability exists in Siemens Software Center, which can be exploited by an attacker to execute code with elevated privilege by placing a malicious DLL in a directory on the DLL searc...

7.8CVSS7.3AI score0.00207EPSS
Exploits0References3
ics
ics
added 2023/08/08 12:0 a.m.40 views

​Siemens Software Center

​​As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

7.8CVSS8.3AI score0.0193EPSS
Exploits0References12
nvd
nvd
added 2021/09/18 2:15 p.m.26 views

CVE-2021-3806

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

7.1CVSS0.00698EPSS
Exploits1References3
osv
osv
added 2021/09/18 2:15 p.m.4 views

CVE-2021-3806

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

5.3CVSS5.8AI score0.00698EPSS
Exploits1References2
prion
prion
added 2021/09/18 2:15 p.m.17 views

Path traversal

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

7.1CVSS5.3AI score0.00698EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2021/09/18 1:20 p.m.25 views

CVE-2021-3806 Path Traversal in Pardus Software Center

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

5.3CVSS5.5AI score0.00698EPSS
Exploits1References3
cve
cve
added 2021/09/18 1:20 p.m.45 views

CVE-2021-3806

CVE-2021-3806 describes a path traversal vulnerability in Pardus Software Center’s extractArchive function. An attacker on the same network could leverage this to perform a man-in-the-middle and write files on the system. Reported across multiple sources (NVD entry, CVE listings, and PT-Security ...

7.1CVSS5.2AI score0.00698EPSS
Exploits1References3Affected Software1
cnnvd
cnnvd
added 2021/09/18 12:0 a.m.4 views

Pardus 软件中心 路径遍历漏洞

Pardus is a Turkish Linux distribution. A security vulnerability exists in the center of the Pardus software, which stems from a path traversal vulnerability due to a lack of effective filtering of parameters in the extractArchive feature of the software, which could allow anyone on the same...

7.1CVSS5.7AI score0.00698EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2021/06/09 12:0 a.m.8 views

The vulnerability of the set function in the object-path library of the Aurora Application Software Center, related to uncontrolled changes to prototype attributes of objects, allows attackers to execute a “prototype pollution” attack.

The vulnerability of the set function in the object-path library of the Aurora application software is related to uncontrolled changes in object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute an “infection of the prototype” attack...

9.8CVSS7.3AI score0.01528EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2021/06/09 12:0 a.m.6 views

The vulnerability of the PostCSS library in Aurora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the PostCSS application library in Aurora Software Center, related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

5.3CVSS6.6AI score0.0354EPSS
Exploits1References4Affected Software1
bdu_fstec
bdu_fstec
added 2021/06/09 12:0 a.m.9 views

The vulnerability of the y18n application library at Avora Center lies in the uncontrolled modification of object prototypes’ attributes, allowing attackers to execute “prototype pollution” attacks.

The vulnerability of the y18n application library in Aurora Software Center is related to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute a “prototype contamination” attack remotely...

7.5CVSS6.8AI score0.69062EPSS
Exploits1References7Affected Software4
bdu_fstec
bdu_fstec
added 2021/06/09 12:0 a.m.8 views

The vulnerability of the set function in the set-value library of the Afroara Application Software Center, related to uncontrolled changes in object prototypes’ attributes, allows attackers to execute a “prototype pollution” attack.

The vulnerability of the set function in the set-value library of the Afroa Application Software is related to uncontrolled changes in object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to carry out a “prototype contamination” attack...

9.8CVSS7.4AI score0.02475EPSS
Exploits1References4Affected Software1
cnvd
cnvd
added 2019/06/20 12:0 a.m.2 views

Micro Focus Fortify software security center cross-site scripting vulnerability

Micro Focus Fortify Software Security Center SSC is a software lifecycle security management solution. A cross-site scripting vulnerability exists in Micro Focus Fortify software security center versions 18.1 and 18.2. The vulnerability stems from a web application that lacks proper validation of...

5.4CVSS6.3AI score0.00622EPSS
Exploits0References1
freebsd
freebsd
added 2013/04/04 12:0 a.m.50 views

PostgreSQL -- anonymous remote access data corruption vulnerability

PostgreSQL project reports: The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. Al...

8.5CVSS9.2AI score0.54312EPSS
Exploits4
Rows per page
Query Builder