Lucene search
K

124 matches found

Redos
Redos
added 2024/04/03 12:0 a.m.7 views

ROS-20240402-19

A vulnerability in the VMware Tools suite for Windows operating systems is related to a flaw in the authorization procedure. of authorization. Exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges VMware Tools s utility suite vulnerability is relate...

7.5CVSS6.9AI score0.00667EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/03/09 12:0 a.m.23 views

CVE-2023-46427

An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial of service DoS, and obtain sensitive information via null pointer deference in gfdashsetupperiod component in mediatools/dashclient.c...

9.8CVSS9.7AI score0.01101EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.7 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a malicious actor to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

7.8CVSS7.8AI score0.00201EPSS
Exploits0References2
Veracode
Veracode
added 2023/11/30 6:44 p.m.17 views

Denial Of Service (DoS)

vorbis-tools is vulnerable to Denial Of Service DoS. The vulnerability exists due to the buffer overflow in the library, which allows an attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files...

7.8CVSS8AI score0.00448EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2023/10/10 2:15 p.m.17 views

AZL-31304 CVE-2023-44487 affecting package cri-tools for versions less than 1.28.0-2

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References1
CISA
CISA
added 2023/09/01 12:0 p.m.5 views

VMware Releases Security Update for Tools

VMware has released a security update to address a vulnerability in VMware Tools. A cyber threat actor can exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0019link is external and apply the necessary...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.8 views

PT-2023-3080 · Vmware +10 · Vmware Tools +13

Name of the Vulnerable Software and Affected Versions: VMware Tools versions prior to 12.2.5 VMware vCenter affected versions not specified Description: A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integri...

7.5CVSS6.8AI score0.13638EPSS
Exploits1References139
vulnersOsv
vulnersOsv
added 2023/03/24 4:26 a.m.5 views

priyanshbot12 (=1.0.2) potentially affected by unknown CVE via fb-tools (=0.0.1-security)

fb-tools NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on fb-tools and may be impacted: - priyanshbot12 =1.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2023-327...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2023/03/07 12:0 a.m.7 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A type-mangling vulnerability exists in versions prior to Google Chrome 111.0.5563.64, which stems from a type-mangling issue in the DevTools component. A remote attacker could exploit this vulnerability to cause heap corruption via crafted UI...

6.3CVSS9.1AI score0.0042EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.8 views

The vulnerability of the design and preparation of 3D-printing objects, related to insufficient verification of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the design and preparation tools for 3D printing is related to insufficient verification of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS6.9AI score0.00657EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/14 12:0 a.m.43 views

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2780)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - nfslookupreply in net/nfs.c in Das U-Boot through 2022.04 and through 2022.07-rc2 has an unbounded memcpy with a failed length check, leadin...

9.8CVSS8AI score0.02612EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/10/31 12:0 a.m.9 views

The vulnerability in the developer tools of browsers like Google Chrome and Microsoft Edge allows a hacker to bypass existing security restrictions and expose sensitive information.

The vulnerability of developer tools for web developers in Google Chrome and Microsoft Edge is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and expose sensitive information through a specially created...

7.8CVSS7.4AI score0.006EPSS
Exploits1References7Affected Software5
NVD
NVD
added 2022/10/29 6:15 p.m.35 views

CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

7.8CVSS0.00658EPSS
Exploits4References13
Prion
Prion
added 2022/10/29 6:15 p.m.35 views

Privilege escalation

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

4.3CVSS7.7AI score0.00658EPSS
Exploits5References13Affected Software3
OSV
OSV
added 2022/10/29 12:0 a.m.43 views

CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

7.8CVSS7.8AI score0.00658EPSS
Exploits4References15
Debian CVE
Debian CVE
added 2022/10/29 12:0 a.m.105 views

CVE-2022-41974

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...

7.8CVSS7.8AI score0.00606EPSS
Exploits4
CNNVD
CNNVD
added 2022/10/18 12:0 a.m.3 views

Oracle JD Edwards EnterpriseOne Tools 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products offer application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD Edwards' JD Edward...

5.4CVSS6.7AI score0.00422EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/10/18 12:0 a.m.6 views

Oracle JD Edwards Products 跨站脚本漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products provide application modules for financial management, project management, and asset lifecycle management. A cross-site scripting vulnerability exists in Oracle JD...

6.1CVSS6.7AI score0.00524EPSS
Exploits0References2
OSV
OSV
added 2022/08/24 11:25 a.m.4 views

USN-5578-1 open-vm-tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine...

7.8CVSS5.8AI score0.0054EPSS
Exploits0References2
CISA
CISA
added 2022/08/23 12:0 a.m.10 views

VMware Releases Security Update

VMware has released a security update to address a vulnerability in Tools. A remote attacker could likely exploit the vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0024 and apply the necessary update. Thi...

3.2AI score
Exploits0References1
Rows per page
Query Builder