Lucene search
K

204 matches found

Prion
Prion
added 2021/12/17 5:15 p.m.17 views

Default credentials

Parallels Remote Application Server RAS allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an...

2.1CVSS6.8AI score0.00272EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2021/12/14 12:56 a.m.14 views

[SECURITY] Fedora 34 Update: python-markdown2-2.4.2-1.fc34

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

1.6AI score
Exploits0
Kitploit
Kitploit
added 2021/11/23 11:30 a.m.20 views

UDP-Hunter - Network Assessment Tool For Various UDP Services Covering Both IPv4 And IPv6 Protocols

UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP Hunter is a python based open source network assessment tool focused on UDP Service Scanning. With UDP Hunter, we have focused on providing auditing of widely know...

7.5AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/11 6:30 p.m.6 views

OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS6.9AI score0.07819EPSS
Exploits0References4
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.19 views

Microsoft Office Memory Corruption Vulnerability

Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...

9.3CVSS9.4AI score0.97327EPSS
In wildExploits1
OpenVAS
OpenVAS
added 2021/10/02 12:0 a.m.17 views

Fedora: Security Advisory for rust-wat (FEDORA-2021-68713440cb)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3CVSS6.4AI score0.00297EPSS
Exploits0References2
HackRead
HackRead
added 2021/10/01 7:17 p.m.38 views

Anonymous leaks more EPIK host data; ‘larger than previous leak’

By Waqas According to Anonymous, the EPIK data leak involves bootable disk images, API tokens, over 500,000 private keys, etc. all in plain-text format. This is a post from HackRead.com Read the original post: Anonymous leaks more EPIK host data; larger than previous leak...

0.8AI score
Exploits0
CNVD
CNVD
added 2021/06/18 12:0 a.m.8 views

CAJViewer 7.3 suffers from a binary vulnerability (CNVD-2021-45254)

CAJViewer 7.3 is a specialized full-text format viewer for China Journal Network CJN, which supports CJN's TEB, CAJ, NH, KDH and PDF format files. A binary vulnerability exists in CAJViewer 7.3, which can be exploited by attackers to cause a denial of service...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/18 12:0 a.m.14 views

CAJViewer 7.3 suffers from a binary vulnerability (CNVD-2021-45248)

CAJViewer 7.3 is a specialized full-text format viewer for China Journal Network CJN, which supports CJN's TEB, CAJ, NH, KDH and PDF format files. A binary vulnerability exists in CAJViewer 7.3, which can be exploited by attackers to cause a denial of service...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/02 12:0 a.m.2 views

CAJViewer has a binary vulnerability (CNVD-2021-41045)

CAJviewer is a specialized full-text format reader for China Journal Network CJN, which supports TEB, NH, CAJ, KDH and PDF files of CJN. A binary vulnerability exists in CAJViewer, which can be exploited by attackers to execute malicious code on a user's system...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/11 12:0 a.m.4 views

CAJViewer suffers from a memory corruption vulnerability (CNVD-2021-37437)

CAJviewer is a specialized full-text format reader for China Journal Network CJN, which supports TEB, NH, CAJ, KDH and PDF files of CJN. CAJViewer suffers from a memory corruption vulnerability. An attacker can exploit this vulnerability to cause the program to crash...

7.2AI score
Exploits0
Fedora
Fedora
added 2021/05/10 1:7 a.m.30 views

[SECURITY] Fedora 34 Update: python-markdown2-2.4.0-1.fc34

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

7.5CVSS1.6AI score0.02384EPSS
Exploits1
Fedora
Fedora
added 2021/05/10 12:52 a.m.41 views

[SECURITY] Fedora 32 Update: python-markdown2-2.4.0-1.fc32

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

7.5CVSS1.6AI score0.02384EPSS
Exploits1
Gitee
Gitee
added 2021/02/22 10:13 p.m.4 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2018-0802 介绍 RTF118820802 软件架构 软件架构说明 安装教程 1. xxxx 2. xxxx 3. xxxx 使用说明 1. xxxx 2. xxxx 3. xxxx 参与贡献 1. Fork 本仓库 2. 新建 Featxxx 分支 3. 提交代码 4. 新建 Pull Request 特技 1. 使用 Readme\XXX.md 来支持不同的语言,例如 Readme\en.md, Readme\zh.md 2. Gitee 官方博客 blog.gitee.com 3. 你可以 https://gitee.com/explore 这个地址来了解 Gite...

9.3CVSS8.9AI score0.93289EPSS
Exploits7
BDU FSTEC
BDU FSTEC
added 2020/06/22 12:0 a.m.4 views

The vulnerability of the oowriter text editor in the OpenOffice office suite allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the oowriter text editor within the OpenOffice office package is related to a memory management flaw after memory is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions using...

9.9CVSS5.5AI score0.10274EPSS
Exploits0References5Affected Software4
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.13 views

Fedora: Security Advisory for python-markdown2 (FEDORA-2020-3864f32b3d)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.01868EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2020/03/13 4:40 p.m.22 views

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat APT group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call “Vicious Panda.” Researchers identified two suspicious Rich Text Format files RTF — a text file format used b...

7.8AI score
Exploits0References9
Gitee
Gitee
added 2019/11/19 9:33 a.m.6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ (膜一波,现在unamer的代码已经可以执行shellcode了) CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

9.3CVSS7AI score0.99945EPSS
Exploits33
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.3 views

The vulnerability of the software detection mechanism in Cisco Firepower System Software allows attackers to circumvent the configured security policies for detecting malicious programs and files with extensions .RTF and .RAR.

The vulnerability of the Cisco Firepower System Software’s malware detection mechanism exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass established security policies without being detected as carrying malware. The detected files...

5.8CVSS6.5AI score0.01455EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.3 views

The vulnerability of the software detection mechanism in Cisco Firepower System Software allows attackers to circumvent the configured security policies for detecting malicious programs and files with extensions .RTF and .RAR.

The vulnerability of the Cisco Firepower System Software’s malware detection mechanism exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass established security policies without being detected as carrying malware. The detected files...

5.8CVSS6.5AI score0.01455EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder