Lucene search
K

64 matches found

OSV
OSV
added 2021/10/11 8:15 a.m.1 views

CVE-2021-41832

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory...

7.5CVSS7AI score0.013EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/10/11 8:15 a.m.3 views

CVE-2021-41830

It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory...

7.5CVSS7.3AI score0.01346EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/11 12:0 a.m.8 views

PT-2021-7669 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier Adobe ColdFusion versions Update 4 and earlier Description: The issue exists due to improper limitation of a pathname to a restricted directory, allowing for path traversal. This could result in...

8.3CVSS6.8AI score0.45159EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/10/11 12:0 a.m.4 views

PT-2021-7667 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier Description: The issue is related to the use of hard-coded credentials in Adobe ColdFusion, which could result in application denial-of-service by gaining access to...

7.5CVSS7.2AI score0.44021EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/10/11 12:0 a.m.6 views

PT-2021-7668 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier Description: The issue is caused by improper input validation, which could result in arbitrary file system read. Exploitation of this issue does not require user...

7.8CVSS7.1AI score0.33841EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/10/11 12:0 a.m.4 views

PT-2021-7670 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier Adobe ColdFusion versions Update 4 and earlier Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user...

9.8CVSS9.5AI score0.73487EPSS
Exploits0References6
OSV
OSV
added 2021/08/05 8:15 p.m.3 views

CVE-2021-32579

Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker who has a local code execution ability to tamper with the micro-service API...

7.8CVSS6.2AI score0.00236EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/05 12:0 a.m.3 views

Acronis True Image 授权问题漏洞

Acronis True Image is a famous data backup and restore software from Acronis Singapore. The software can be used to create drive and disk images and can restore the image when a clean system is needed. A security vulnerability exists in Acronis True Image 2021 Update 4 and earlier versions for...

7.8CVSS7.9AI score0.00236EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2019/10/30 12:0 a.m.7 views

March 5, 2019, update for Access 2010 (KB4018363)

March 5, 2019, update for Access 2010 KB4018363 This article describes update 4018363 for Microsoft Access 2010 that was released on March 5, 2019.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2010. It doesn't apply to th...

6.3AI score
Exploits0
OSV
OSV
added 2019/09/27 4:15 p.m.4 views

CVE-2019-8072

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...

7.5CVSS7.1AI score0.07352EPSS
Exploits0References1
OSV
OSV
added 2019/09/27 4:15 p.m.4 views

CVE-2019-8073

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user...

9.8CVSS7.7AI score0.08252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/20 12:0 a.m.4 views

PT-2019-6105 · Citrix · Citrix Storefront Server

Name of the Vulnerable Software and Affected Versions: Citrix StoreFront Server versions prior to 1903 Citrix StoreFront Server 7.15 LTSR versions prior to CU4 3.12.4000 Citrix StoreFront Server 7.6 LTSR versions prior to CU8 3.0.8000 Description: The issue is related to incorrect restriction of...

7.8CVSS6.9AI score0.3026EPSS
Exploits0References6
CNVD
CNVD
added 2018/11/02 12:0 a.m.2 views

Arcserve Unified Data Protection Information Disclosure Vulnerability

Arcserve Unified Data Protection UDP is a set of unified data protection solutions from Arcserve, Inc. in the United States. The solution provides backup and recovery of all virtual and physical environments, global deduplication, and more. An information disclosure vulnerability exists in the...

7.5CVSS7AI score0.01337EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2016/03/03 12:0 a.m.6 views

PT-2016-5236 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5 Description: The issue allows local users to cause a denial of service by creating many pipes with non-default sizes, resulting in memory consumption due to the lack of limitation on the amount of unread dat...

10CVSS7.4AI score0.9166EPSS
Exploits126References823
CNVD
CNVD
added 2015/06/04 12:0 a.m.24 views

Multiple Directory Traversal Vulnerability in Arcserve Unified Data Protection

Arcserve UDP Unified Data Protection is a set of unified data protection solutions from the U.S. company Arcserve. The solution provides backup and recovery of all virtual and physical environments, global deduplication and other functions. Multiple directory traversal vulnerabilities exist in th...

9.4CVSS6.6AI score0.63643EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2012/09/18 10:46 p.m.7 views

OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

6.4CVSS7.4AI score0.02575EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/09/06 4:9 p.m.5 views

JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than...

10CVSS5.8AI score0.05357EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/09/06 4:9 p.m.5 views

JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and...

5.8CVSS6.7AI score0.11515EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/06/20 11:38 a.m.5 views

OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

6.4CVSS7.4AI score0.02575EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/06/20 11:35 a.m.6 views

OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect availability via unknown vectors related to Security...

5CVSS7.4AI score0.04262EPSS
Exploits0References4
Rows per page
Query Builder