Lucene search
+L

446 matches found

CNNVD
CNNVD
added 2021/07/05 12:0 a.m.8 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, an American company. A security vulnerability exists in a number of qualcomm products that stems from a weak configuration of the WLAN, causing unencrypted messages to be forwarded from one client to another. An attacker could exploit the...

4.3CVSS5.2AI score0.00172EPSS
Exploits0References3
Prion
Prion
added 2021/06/16 6:15 p.m.27 views

Input validation

A vulnerability in the Cisco Advanced Malware Protection AMP for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers...

5.8CVSS7.2AI score0.0067EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2021/06/16 4:0 p.m.69 views

Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability

A vulnerability in the Cisco Advanced Malware Protection AMP for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers...

7.4CVSS7.3AI score0.0067EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/16 12:0 a.m.5 views

Cisco Advanced Malware Protection 信任管理问题漏洞

Cisco Advanced Malware Protection AMP for Endpoints for Windows is a Windows-based endpoint security solution from Cisco. The product mainly features advanced threat prevention, monitoring and response. Cisco Advanced Malware Protection has a security vulnerability that allows an unauthenticated,...

7.4CVSS7.3AI score0.0067EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/11 3:44 p.m.37 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes security vulnerability (CVE-2020-8554)

Summary IBM Cloud Kubernetes Service is affected by a Kubernetes security vulnerability that could allow a malicious user to intercept traffic from other pods or nodes in the cluster CVE-2020-8554 Vulnerability Details CVEID: CVE-2020-8554 Description: Kubernetes could allow a remote authenticate...

6.3CVSS0.2AI score0.09274EPSS
Exploits3Affected Software1
OSV
OSV
added 2021/05/28 7:15 p.m.7 views

CVE-2021-20267

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...

7.1CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2021/05/28 7:15 p.m.0 views

DEBIAN-CVE-2021-20267

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...

7.1CVSS6.5AI score0.01015EPSS
Exploits0References1
OSV
OSV
added 2021/05/28 7:15 p.m.9 views

UBUNTU-CVE-2021-20267

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...

7.1CVSS6.6AI score0.01015EPSS
Exploits0References4
PyPA
PyPA
added 2021/05/28 7:15 p.m.6 views

PYSEC-2021-136

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...

7.1CVSS6.6AI score0.01015EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2021/05/28 6:46 p.m.28 views

CVE-2021-20267

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...

7.1CVSS6.9AI score0.01015EPSS
Exploits0
OSV
OSV
added 2021/03/31 8:0 a.m.10 views

CURL-CVE-2021-22890 TLS 1.3 session ticket proxy host mix-up

Enabled by default, libcurl supports the use of TLS 1.3 session tickets to resume previous TLS sessions to speed up subsequent TLS handshakes. When using an HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote serve...

4.3CVSS5.5AI score0.03141EPSS
Exploits1
OSV
OSV
added 2021/03/24 9:15 p.m.5 views

CVE-2021-1411

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

9.9CVSS7.3AI score0.01382EPSS
Exploits0References1
Prion
Prion
added 2021/03/24 9:15 p.m.38 views

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

9CVSS9.7AI score0.01382EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/24 8:20 p.m.27 views

CVE-2021-1411 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

9.9CVSS9.9AI score0.01382EPSS
Exploits0References1
OSV
OSV
added 2021/03/24 8:15 p.m.2 views

CVE-2021-1471

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

5.6CVSS7.3AI score0.01323EPSS
Exploits0References1
Prion
Prion
added 2021/03/24 8:15 p.m.28 views

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

6.5CVSS8.1AI score0.0103EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/24 8:7 p.m.23 views

CVE-2021-1471 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

9.9CVSS9.9AI score0.01323EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.310 views

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

Exploit Title: SOYAL Biometric Access Control System 5.0 - Master Code Disclosure Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affect...

7.4AI score
Exploits0
Veracode
Veracode
added 2021/02/26 7:0 a.m.18 views

Man-in-the-Middle (MitM)

mongodb-client-encryption is vulnerable to man-in-the-middle attacks. The module does not perform correct validation of the KMS servers certificate and would potentially allow for man-in-the-middle attackers to intercept and modify network traffic...

6.8CVSS6.4AI score0.00204EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/02/25 5:15 p.m.19 views

Design/Logic Flaw

A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Node.js driver and th...

4.3CVSS6.4AI score0.00204EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder