Lucene search
K

249 matches found

OpenVAS
OpenVAS
added 2022/03/22 12:0 a.m.43 views

QNAP QTS Privilege Escalation Vulnerability (QSA-22-05)

QNAP QTS is prone to a local privilege escalation vulnerability, also known as dirty pipe. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

7.8CVSS8.3AI score0.89063EPSS
Exploits100References4
OpenVAS
OpenVAS
added 2022/02/21 12:0 a.m.23 views

Ruby on Rails Information Disclosure Vulnerability (GHSA-wh98-p28r-vrc9) - Windows

Ruby on Rails is prone to an information disclosure vulnerability in Action Pack. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

7.4CVSS5.9AI score0.02226EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/02/17 12:0 a.m.23 views

QNAP QTS 5.x < 5.0.0.1891 build 20211221 Multiple Vulnerabilities

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

9CVSS7.9AI score0.02032EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/02/07 12:0 a.m.15 views

MongoDB DoS Vulnerability (SERVER-59071) - Linux

MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...

6.5CVSS6.3AI score0.01181EPSS
Exploits0References1
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/26 1:47 p.m.35 views

What is MQTT ❓ All you need to know.

Introduction Regardless of the application type, seamless information exchange between two points is a pivotal operational step. IoT or Internet of Things application development is on the rise and is not free from this crucial requirement. That’s where Message Queue Telemetry Protocol comes into...

7.4AI score
Exploits0
NVD
NVD
added 2021/11/19 7:15 p.m.30 views

CVE-2021-26248

Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

5.9CVSS0.00226EPSS
Exploits0References2
Prion
Prion
added 2021/11/19 7:15 p.m.14 views

Code injection

Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

5CVSS5.4AI score0.00629EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2021/11/19 7:15 p.m.16 views

Design/Logic Flaw

Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource...

2.1CVSS5.4AI score0.00226EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2021/11/19 6:37 p.m.46 views

CVE-2021-26248

CVE-2021-26248 affects Philips MRI 1.5T and MRI 3T (Version 5.x.x). The vulnerability is an Incorrect Ownership Assignment (CWE-708) where a resource is assigned to an owner outside the intended control sphere, enabling improper access control. The incident is documented with a CVSS v3 base score...

5.9CVSS6.1AI score0.00226EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/11/19 6:36 p.m.32 views

CVE-2021-42744 Philips MRI 1.5T and 3T Information Exposure

Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

5.9CVSS6.4AI score0.00252EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2021/11/19 12:0 a.m.32 views

Security fix for the ALT Linux 9 package mailman version 5:2.1.37-alt1

5:2.1.37-alt1 built Nov. 19, 2021 Dmitry V. Levin in task 289143 Nov. 13, 2021 Dmitry V. Levin - 2.1.36 - 2.1.37 fixes bug in the fix for CVE-2021-43332...

4CVSS6.8AI score0.01072EPSS
Exploits0
Veeam
Veeam
added 2021/10/12 12:0 a.m.15 views

Veeam Service Provider Console v5 Patch 4

More Recent Version Available Please find the latest version of Veeam Service Provider Console here: https://www.veeam.com/service-providers-download.html Requirements Please confirm you are running version 5.0.0.6726 or later before installing Patch 4. You can check this by logging in to the...

7.8AI score
Exploits0Affected Software1
CNVD
CNVD
added 2021/09/29 12:0 a.m.41 views

F-Secure Internet Gatekeeper Denial of Service Vulnerability

F-Secure Internet Gatekeeper is a gateway product that acts as a virus scanning agent for HTTP, SMTP, POP, and FTP protocols. a denial of service vulnerability exists in the web user interface of F-Secure Internet Gatekeeper version 5 Series. An attacker could exploit the vulnerability by sending...

7.5CVSS1.6AI score0.00588EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/03 3:23 p.m.35 views

Security Bulletin: IBM WebSphere Application Server Hypervisor GnuTLS certificate security bypass CVE-2014-0092

Summary GnuTLS in Red Hat Enterprise Linux that ships with IBM WebSphere Application Server Hypervisor edition could allow a remote attacker to bypass security restrictions, caused by an error when verifying unspecified certificates. By persuading a victim to visit a specially-crafted Web site, a...

5.8CVSS7.1AI score0.29958EPSS
Exploits1Affected Software1
CVE
CVE
added 2021/05/06 7:25 p.m.71 views

CVE-2020-28198

Summary: Multiple sources describe a stack buffer overflow in the IBM Tivoli Storage Manager components that expose the vulnerable behavior via the interactive use of the id parameter in dsmadmc.exe (Version 5 Release 2, and related IBM TSM/Operations Center variants). The flaw is triggered by an...

7CVSS6.9AI score0.00415EPSS
Exploits1References2Affected Software1
Exploit DB
Exploit DB
added 2021/04/22 12:0 a.m.802 views

OTRS 6.0.1 - Remote Command Execution (2)

Exploit Title: OTRS 6.0.1 - Remote Command Execution 2 Date: 21-04-2021 Exploit Author: Hex26 Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE : CVE-2017-16921...

9CVSS8.7AI score0.19901EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2021/02/10 12:0 a.m.48 views

Squid 5.x < 5.0.4 Multiple Vulnerabilities

According to its self-reported version number, the version of Squid installed on the remote host is 5.x 5.0.4 or prior to 4.13. It is, therefore, affected by multiple vulnerabilities: - Due to incorrect data validation Squid is vulnerable to HTTP request splitting and HTTP request smuggling attac...

8.6CVSS7.7AI score0.05162EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/04/24 12:0 a.m.35 views

Squid Security Update Advisory (SQUID-2020:4)

Squid is prone to multiple vulnerabilities in the HTTP Digest authentication. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

9.8CVSS9AI score0.27246EPSS
Exploits0References1
NVD
NVD
added 2019/11/06 6:15 p.m.27 views

CVE-2010-2471

Drupal versions 5.x and 6.x has open redirection...

6.1CVSS6.2AI score0.011EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2019/08/18 9:18 a.m.5 views

ayakashi (>=1.0.0-beta3 <=1.0.0-beta5.2), cplotter-validator (>=0.0.1 <=0.0.2) +7 more potentially affected by CVE-2019-10752 via sequelize (>=5.10.0 <=5.14.0)

sequelize NPM version =5.10.0, =1.0.0-beta3, =0.0.1, =2.0.0-alpha.2, =1.0.0-beta.15, =2.0.0, =1.0.8, =1.0.9 Source cves: CVE-2019-10752 Source advisory: SNYK:JS-SEQUELIZE-459751...

9.8CVSS7.2AI score0.01462EPSS
Exploits1
Rows per page
Query Builder