Lucene search
K

199 matches found

CNNVD
CNNVD
added 2021/01/12 12:0 a.m.7 views

Microsoft Word 缓冲区错误漏洞

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A remote code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute code on the target host...

9.3CVSS7.8AI score0.03614EPSS
Exploits0References5
NVD
NVD
added 2020/12/02 5:15 p.m.24 views

CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS5.8AI score0.08665EPSS
Exploits1References64
OSV
OSV
added 2020/12/02 5:15 p.m.10 views

DEBIAN-CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS6.6AI score0.08665EPSS
Exploits1References1
OSV
OSV
added 2020/12/02 5:15 p.m.26 views

CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS6.9AI score0.08665EPSS
Exploits1References64
UbuntuCve
UbuntuCve
added 2020/12/02 5:15 p.m.80 views

CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS6.8AI score0.08665EPSS
Exploits1References3
OSV
OSV
added 2020/12/02 5:15 p.m.6 views

UBUNTU-CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS6.8AI score0.08665EPSS
Exploits1References4
NVD
NVD
added 2020/11/17 4:15 a.m.39 views

CVE-2020-27131

Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the...

10CVSS9AI score0.87719EPSS
Exploits0References1
Veracode
Veracode
added 2020/10/12 4:2 a.m.41 views

Validation Bypass

httpclient is vulnerable to validation bypass. A malformed authority component in the request URIs that is passed to the library as java.net.URI object would result in the request execution for a wrong target host...

5.3CVSS1.1AI score0.08665EPSS
Exploits1References120Affected Software22
Tenable Nessus
Tenable Nessus
added 2020/10/12 12:0 a.m.54 views

Debian DLA-2405-1 : httpcomponents-client security update

Oleg Kalnichevski discovered that httpcomponents-client, a Java library for building HTTP-aware applications, can misinterpret a malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. For Debian 9 stretch,...

5.3CVSS6.5AI score0.08665EPSS
Exploits1References4
Prion
Prion
added 2020/03/06 9:15 p.m.14 views

Deserialization of untrusted data

Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI...

9.3CVSS9.7AI score0.03626EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2020/02/17 12:0 a.m.79 views

LabVantage 8.3 Information Disclosure

Exploit Title: LabVantage 8.3 - Information Disclosure Google Dork: N/A Date: 2020-02-16 Exploit Author: Joel Aviad Ossi Vendor Homepage: labvantage.com Software Link: N/A Version: LabVantage 8.3 Tested on: CVE : N/A import requests import operator def exploittarget: print"+ Fetching LabVantage...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/17 12:0 a.m.152 views

LabVantage 8.3 - Information Disclosure

Exploit Title: LabVantage 8.3 - Information Disclosure Google Dork: N/A Date: 2020-02-16 Exploit Author: Joel Aviad Ossi Vendor Homepage: labvantage.com Software Link: N/A Version: LabVantage 8.3 Tested on: CVE : N/A import requests import operator def exploittarget: print"+ Fetching LabVantage...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2020/01/27 12:0 a.m.22 views

Fedora: Security Advisory for kernel (FEDORA-2020-c2d89d14d0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.4AI score0.98745EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.45 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1671)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.00708EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/09/16 12:0 a.m.24 views

WordPress Import users from CSV with meta Plugin < 1.14.2.1 Directory Traversal Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113523";...

7.5CVSS7.6AI score0.0232EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2019/06/14 11:16 a.m.170 views

Exploit for CVE-2019-1040

CVE-2019-1040 Great writeup! Exploiting CVE-2019-1040 - Comb...

5.9CVSS7.9AI score0.48043EPSS
Exploits6
CNVD
CNVD
added 2019/06/13 12:0 a.m.4 views

Mozilla Firefox Arbitrary File Access Vulnerability

Mozilla Firefox, commonly known as "Firefox" in Chinese, is a free and open-source web browser that uses the Gecko typography engine and supports a variety of operating systems, such as Windows, Mac OS X and GNU/Linux, among others. Mozilla Firefox suffers from an arbitrary file access...

6.5CVSS8.4AI score0.01366EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/12/13 12:0 a.m.39 views

Fedora Update for polkit FEDORA-2018-4ac3c68ee4

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.4AI score0.11483EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/11/13 12:0 a.m.49 views

Fedora Update for icecast FEDORA-2018-f3d995c6a8

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.1AI score0.48944EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/11/12 12:0 a.m.38 views

Fedora Update for libgit2 FEDORA-2018-f6c972fc06

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.97356EPSS
Exploits20References2
Rows per page
Query Builder