Lucene search
K

11 matches found

CNNVD
CNNVD
added 2024/08/15 12:0 a.m.2 views

ECMAScript 安全漏洞

ECMAScript is a language library open-sourced by Ecma TC39. A security vulnerability exists in versions prior to ECMAScript 2022 through 2025 that stems from the presence of a JavaScript specification issue that leads to type confusion and pointer dereferencing in implementations...

8.6CVSS8.2AI score0.00656EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.4 views

PT-2024-4014 · Ivanti · Ivanti Endpoint Manager

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 SU5 Description: The issue is related to a SQL Injection vulnerability in the GetDBPatches method of Ivanti Endpoint Manager, which fails to properly protect the SQL query structure. This allows ...

9.6CVSS9.1AI score0.99877EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.5 views

Intel oneMKL Security Vulnerability

Intel oneMKL is Intel's Mathematical Kernel Library for developers to implement high-performance mathematical and statistical computations in a variety of computing tasks. A security vulnerability exists in IntelR oneMKL versions prior to 2022.0. An attacker can exploit the vulnerability to eleva...

7.8CVSS6.6AI score0.00131EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.3 views

Mobatime 安全漏洞

Mobatime is a time and frequency synchronization solution from Mobatime, Inc. A security vulnerability exists in versions prior to Mobatime 06.7.2022, which stems from misauthorization in a web application...

8.8CVSS7.9AI score0.00602EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/11/11 12:0 a.m.4 views

Intel Hyperscan 缓冲区错误漏洞

Intel Hyperscan is a high-performance multi-regular expression matching library from Intel Corporation USA. A security vulnerability exists in versions of Intel Hyperscan prior to 2022/4/29, which stems from improperly limiting buffers. An attacker could exploit the vulnerability to escalate...

9.8CVSS8.2AI score0.0051EPSS
Exploits0References3
OSV
OSV
added 2022/09/19 10:15 p.m.1 views

CVE-2022-38339

Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page...

6.1CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.3 views

PT-2022-4116 · Cryptopro +3 · Cryptopro Secure Disk +3

Name of the Vulnerable Software and Affected Versions: CryptoPro Secure Disk versions before 2022-06-01 Description: A flaw was found in the bootloaders, allowing an attacker to bypass or tamper with Secure Boot protections. To load and execute arbitrary code in the pre-boot stage, an attacker...

7.2CVSS6.7AI score0.01046EPSS
Exploits0References28
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.5 views

PT-2022-4307 · Microsoft +3 · Windows +3

Name of the Vulnerable Software and Affected Versions: Eurosoft bootloaders versions prior to 2022-06-01 Description: A flaw was found in Eurosoft bootloaders that allows an attacker to bypass or tamper with Secure Boot protections. To load and execute arbitrary code in the pre-boot stage, an...

6.7CVSS6.9AI score0.01046EPSS
Exploits0References28
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.5 views

OnyxForum 路径遍历漏洞

OnyxForum is an open source forum repository for Space Station 13: Chaotic Onyx. A path traversal vulnerability exists in versions of OnyxForum prior to 2022-05-04, which stems from insecure use of the Flask sendfile function...

9.3CVSS8.3AI score0.01213EPSS
Exploits1References3
OSV
OSV
added 2022/03/16 1:15 p.m.2 views

CVE-2021-42552

Cross-site Scripting XSS vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim's browser. This issue affects all ArchivistaBox versions prior to 2022/I...

6.1CVSS5.8AI score0.00657EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/03/16 1:15 p.m.3 views

CVE-2021-42552

Cross-site Scripting XSS vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim's browser. This issue affects all ArchivistaBox versions prior to 2022/I...

6.1CVSS5.8AI score0.00657EPSS
Exploits1References2
Rows per page
Query Builder