Lucene search
K

765 matches found

OSV
OSV
added 2017/05/16 5:29 p.m.3 views

CVE-2017-6658

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...

7.5CVSS5.8AI score0.0106EPSS
Exploits0References3
OSV
OSV
added 2017/03/21 2:48 a.m.9 views

USN-3240-1 nvidia-graphics-drivers-304, nvidia-graphics-drivers-340, nvidia-graphics-drivers-375 vulnerability

It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service...

5.5CVSS6.4AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2017/03/02 6:59 a.m.3 views

CVE-2017-6402

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur...

6.5CVSS5.8AI score0.00906EPSS
Exploits0References2
CNVD
CNVD
added 2017/01/20 12:0 a.m.5 views

Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00949)

Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...

5.4CVSS6.8AI score0.00836EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/22 12:0 a.m.5 views

Red Hat OpenShift Enterprise Remote Denial of Service Vulnerability

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications.OpenShift Enterprise is an open source version of the private cloud. A remote denial of service vulnerability exists in Red Hat OpenShift Enterprise...

4.3CVSS6.8AI score0.01308EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.1 views

Stored Cross-Site Scripting Vulnerability in 50CMS V3.0

50CMS is an open source content management system for software developers, program enthusiasts, and web designers. A stored cross-site scripting vulnerability exists in 50CMS V3.0. Due to the lack of security filtering of form inputs, an attacker can exploit the vulnerability to write arbitrary...

6.2AI score
Exploits0
OSV
OSV
added 2016/10/05 5:59 p.m.5 views

CVE-2016-6418

Cross-site scripting XSS vulnerability in Cisco Videoscape Distribution Suite Service Manager VDS-SM 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCva14552...

6.1CVSS5.9AI score0.00853EPSS
Exploits0References2
OSV
OSV
added 2016/10/05 1:59 a.m.4 views

CVE-2016-6645

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the 1 GeneralCmdRequest, 2 PersistantDataRequest, or 3...

8.8CVSS6.1AI score0.03623EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2016/09/16 12:0 a.m.4 views

PT-2020-6949 · Zabbix +4 · Zabbix +4

Name of the Vulnerable Software and Affected Versions: Zabbix versions 3.0.0 through 3.0.32rc1 Zabbix versions 4.0.0 through 4.0.22rc1 Zabbix versions 4.1.x through 4.4.x before 4.4.10rc1 Zabbix versions 5.x before 5.0.2rc1 Description: The issue is related to the lack of protection of the web pa...

9.8CVSS6.7AI score0.84657EPSS
Exploits41References114
OSV
OSV
added 2016/07/21 10:12 a.m.4 views

CVE-2016-3468

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install...

9.8CVSS5.8AI score0.05477EPSS
Exploits0References4
CNVD
CNVD
added 2016/07/21 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Fusion Middleware Business GlassFish Server

Oracle Fusion Middleware is a comprehensive middleware portfolio of SOA and middleware products. A security vulnerability exists in Oracle Fusion Middleware versions 2.1.1, 3.0.1, GlassFish Server component, which can be exploited by remote attackers to compromise confidentiality...

5.8CVSS6.8AI score0.02353EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.6 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2016-05391)

Oracle MySQL Server is a lightweight relational database system. A security vulnerability exists in Oracle MySQL Server versions 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier, which can be exploited by an authenticated, local attacker to affect availability...

4.9CVSS6.2AI score0.03703EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/28 12:0 a.m.6 views

LOCKON EC-CUBE Access Privilege Vulnerability (CNVD-2016-02686)

LOCKON EC-CUBE is an open source e-commerce website building platform developed by Japan LOCKON Co. The platform supports product login, user evaluation, artwork layout and so on. An access privilege vulnerability exists in LOCKON EC-CUBE versions 3.0.0 through 3.0.9. A remote attacker can exploi...

5.3CVSS7AI score0.01301EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/28 12:0 a.m.6 views

LOCKON EC-CUBE Cross-Site Request Forgery Vulnerability (CNVD-2016-02684)

LOCKON EC-CUBE is an open source e-commerce website building platform developed by Japan LOCKON Co. The platform supports product login, user evaluation, artwork layout and so on. A cross-site request forgery vulnerability exists in LOCKON EC-CUBE versions 3.0.0 through 3.0.9. An attacker can...

8.8CVSS6.8AI score0.00636EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/27 12:0 a.m.4 views

PHPBack SQL Injection Vulnerability

PHPback is an open source web application feedback system that provides users with feedback on issues and suggestions to help improve the site. A SQL injection vulnerability exists in the 'orderby' parameter in PHPBack version 3.0. Allow attackers to exploit the vulnerability to modify the conten...

8.1AI score
Exploits0References1
OSV
OSV
added 2016/04/12 11:59 p.m.0 views

CVE-2016-0147

Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka "MSXML 3.0 Remote Code Execution Vulnerability."...

8.8CVSS6.2AI score0.15709EPSS
Exploits0References2
CNVD
CNVD
added 2016/02/26 12:0 a.m.3 views

Cisco ACE 4710 Application Control Engine Command Injection Vulnerability

Cisco ACE 4710 Application Control Engine is the United States Cisco Cisco a set of ACE application switch series and used to increase the security and stability of data center applications load balancing and application delivery solutions. A command injection vulnerability exists in the Cisco AC...

9CVSS7.6AI score0.02801EPSS
Exploits0References1
CNVD
CNVD
added 2016/02/11 12:0 a.m.5 views

Microsoft Active Directory Federated Authentication Service Denial of Service Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Microsoft Active Directory Federation Services ADFS is an Active Directory Federation Service that runs on Windows systems. The service provides Web Single Sign-On SSO technology, which enables...

7.5CVSS7.2AI score0.26256EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2015/08/03 12:0 a.m.3 views

PT-2017-6869 · Project Jupyter +3 · Python +3

Name of the Vulnerable Software and Affected Versions: IPython versions 2.0 through 2.4.0 IPython versions 3.0 through 3.2.2 Description: Cross-site request forgery in the REST API is possible. IPython is a command shell, and this issue affects its REST API. Recommendations: For IPython versions...

8.8CVSS8.7AI score0.01201EPSS
Exploits2References31
CNVD
CNVD
added 2015/04/16 12:0 a.m.1 views

Cisco TelePresence Collaboration Desk and Room Endpoints TC Software Open Redirect Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco. An open redirection vulnerability exists in the login page of Cisco TC Software versions prior to 6.3-26 and prior to 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints appliances, which could allow an...

5.8CVSS6.6AI score0.01869EPSS
Exploits0References1
Rows per page
Query Builder