Lucene search
+L

86 matches found

nessus
nessus
added 2020/04/29 12:0 a.m.17 views

Microsoft SharePoint Server 2019 build < 16.0.10350.20000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Microsoft SharePoint. - A spoofing vulnerability exists in Microsoft SharePoint when it...

8.8CVSS7.3AI score0.11659EPSS
Exploits5References14
nessus
nessus
added 2020/04/29 12:0 a.m.15 views

Microsoft SharePoint Server 2016 build < 16.0.4900.1000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Microsoft SharePoint. - A spoofing vulnerability exists in Microsoft SharePoint when it...

8.8CVSS7.3AI score0.11659EPSS
Exploits5References14
cnvd
cnvd
added 2020/04/23 12:0 a.m.5 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-31240)

NETGEAR WNR3500L and others are products of NETGEAR.WNR3500L is a wireless router.NETGEAR R6400 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6400 is a wireless router.NETGEAR R6400 is a wireless router.NETGEAR R6400 is a wireless router.NETGEAR R6400 is a wireless router.NETGEA...

4.8CVSS6.4AI score0.00501EPSS
Exploits0References1
osv
osv
added 2019/09/11 10:15 p.m.2 views

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

8.8CVSS6.4AI score0.08328EPSS
Exploits0References1
nvd
nvd
added 2019/09/11 10:15 p.m.32 views

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

8.8CVSS8.9AI score0.08328EPSS
Exploits0References1
prion
prion
added 2019/09/11 10:15 p.m.24 views

Remote code execution

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

6.5CVSS8.8AI score0.11659EPSS
Exploits0References1Affected Software3
cvelist
cvelist
added 2019/09/11 9:25 p.m.39 views

CVE-2019-1295

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296...

9AI score0.08328EPSS
Exploits0References1
mscve
mscve
added 2019/09/10 7:0 a.m.34 views

Microsoft SharePoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm...

8.8CVSS2.2AI score0.08328EPSS
Exploits0
osv
osv
added 2019/09/09 2:15 p.m.12 views

CVE-2019-10670

An issue was discovered in LibreNMS through 1.47. Many of the scripts rely on the function mysqliescaperealstring for filtering data. However, this is particularly ineffective when returning user supplied input in an HTML or a JavaScript context, resulting in unsafe data being injected into these...

6.1CVSS6.6AI score
Exploits0References1
prion
prion
added 2019/09/09 2:15 p.m.17 views

Input validation

An issue was discovered in LibreNMS through 1.47. Many of the scripts rely on the function mysqliescaperealstring for filtering data. However, this is particularly ineffective when returning user supplied input in an HTML or a JavaScript context, resulting in unsafe data being injected into these...

4.3CVSS6.2AI score0.00818EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2019/09/09 1:7 p.m.21 views

CVE-2019-10670

An issue was discovered in LibreNMS through 1.47. Many of the scripts rely on the function mysqliescaperealstring for filtering data. However, this is particularly ineffective when returning user supplied input in an HTML or a JavaScript context, resulting in unsafe data being injected into these...

6.2AI score0.00818EPSS
Exploits1References1
cnvd
cnvd
added 2019/07/29 12:0 a.m.5 views

MISP Cross-Site Scripting Vulnerability (CNVD-2020-22366)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. MISP suffers from a cross-site scripting vulnerability. The vulnerability stems from a lac...

6.1CVSS6.5AI score0.00809EPSS
Exploits0References1
cnvd
cnvd
added 2019/07/22 12:0 a.m.3 views

Eclipse OpenJ9 code injection vulnerability

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A code injection vulnerability exists in AIX builds in Eclipse OpenJ9 versions prior to 0.15.0. The vulnerability stems from a networked system or product that does not...

7.8CVSS9.5AI score0.00394EPSS
Exploits0References1
pypa
pypa
added 2019/01/10 9:29 p.m.7 views

PYSEC-2019-153

modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution...

9.8CVSS7.7AI score0.028EPSS
Exploits0References2Affected Software1
osv
osv
added 2019/01/10 9:29 p.m.5 views

CVE-2017-1002157

modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution...

9.8CVSS6.1AI score0.028EPSS
Exploits0References1
cnvd
cnvd
added 2017/11/30 12:0 a.m.4 views

QEMU 'b/nbd/server.c' stack buffer overflow vulnerability

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU 'b/nbd/server.c' suffers from a stack buffer overflow vulnerability, which originates from the program failing to properly perform bounds...

9.8CVSS7.1AI score0.11931EPSS
Exploits3References1
osv
osv
added 2017/09/11 5:29 p.m.6 views

CVE-2017-14075

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...

7.8CVSS6.2AI score0.01821EPSS
Exploits6References2
osv
osv
added 2017/06/10 7:1 a.m.17 views

MGASA-2017-0164 Updated ansible packages fix security vulnerability

It was found that aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key CVE-2016-8614. It is reported that in Ansible, under some circumstances the mysqluser module...

9.8CVSS7.2AI score0.04804EPSS
Exploits1References6
cnvd
cnvd
added 2017/06/08 12:0 a.m.6 views

Pivotal Spring Web Flow Remote Code Execution Vulnerability

Pivotal Spring Web Flow is a web application from Pivotal Software, Inc. that provides navigation for check-in, loan application or shopping cart checkout. A remote code execution vulnerability exists in Pivotal Spring Web Flow versions 2.4.0 through 2.4.4. The vulnerability is caused due to a...

5.9CVSS8.5AI score0.15858EPSS
Exploits1References1
osv
osv
added 2017/03/23 10:59 p.m.3 views

CVE-2017-7247

Multiple Cross-Site Scripting XSS were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data torrents, size passed to the 'Gazelle-master/sections/tools/managers/multiplefreeleech.php' URL. An attacker could execute arbitrary HTML...

6.1CVSS6AI score0.01051EPSS
Exploits0References3
Rows per page
Query Builder