Lucene search
K

99 matches found

OSV
OSV
added 2021/01/20 8:15 p.m.2 views

CVE-2021-1270

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this...

6.5CVSS6.7AI score0.00639EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 8:15 p.m.3 views

CVE-2021-1133

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...

7.3CVSS7.2AI score0.01084EPSS
Exploits0References1
OSV
OSV
added 2021/01/19 10:15 a.m.2 views

CVE-2021-22852

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter online registration to obtain database schema and data...

8.8CVSS5.9AI score0.01028EPSS
Exploits0References2
OSV
OSV
added 2020/12/18 8:15 a.m.4 views

CVE-2020-25609

The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to view and modify user data...

5.4CVSS6.3AI score0.00688EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/11 12:0 a.m.1 views

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2020-54910)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows, which can be exploite...

7.8CVSS7.5AI score0.01089EPSS
Exploits0References1
OSV
OSV
added 2020/08/17 7:15 p.m.3 views

CVE-2020-1571

An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or...

7.3CVSS7.5AI score0.01076EPSS
Exploits0References1
OSV
OSV
added 2020/08/17 7:15 p.m.2 views

CVE-2020-1554

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...

7.8CVSS7.1AI score0.03463EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/05 12:0 a.m.8 views

Red Hat CloudForms Access Control Error Vulnerability

Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. An access control error vulnerability exists in Red Hat CloudForms. T...

6.5CVSS6.3AI score0.00776EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/20 12:0 a.m.1 views

Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2020-43107)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Kernel, which aris...

7.8CVSS7.5AI score0.00864EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/20 12:0 a.m.3 views

Microsoft Windows Push Notification Service Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A security vulnerability exists in the way memory objects are handled in the Microsoft...

7.8CVSS6.7AI score0.00762EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/17 12:0 a.m.2 views

Microsoft Windows Diagnostics Hub Elevation of Privilege Vulnerability

Windows Server is the brand name of a series of server operating systems released by Microsoft, which includes all Windows operating systems released under the brand name "Windows Server". An elevation of privilege vulnerability exists in Microsoft Windows Diagnostics Hub, which arises from a...

7.8CVSS7.6AI score0.01019EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.4 views

CVE-2020-12032

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI...

9.1CVSS7.3AI score0.00941EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

Broadcom CA API Developer Portal Access Control Error Vulnerability (CNVD-2020-25820)

Broadcom CA API Developer Portal is an API developer portal product of Broadcom's complete API lifecycle management solution, which provides API release control, API performance monitoring and other functions. A security vulnerability exists in Broadcom CA API Developer Portal 4.3.1 and prior...

8.1CVSS6.7AI score0.01887EPSS
Exploits0References1
OSV
OSV
added 2019/10/16 7:15 p.m.3 views

CVE-2019-15260

A vulnerability in Cisco Aironet Access Points APs Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected device. An attacker could...

9.8CVSS7.3AI score0.02994EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/10 12:0 a.m.4 views

Cisco Firepower Management Center SQL Injection Vulnerability (CNVD-2019-34714)

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A SQL injection vulnerability exists in the web-based management interface in Cisco Firepower Management Center FMC, which stems from the program's failure to properly validate input, and...

9CVSS8.1AI score0.02965EPSS
Exploits0References1
OSV
OSV
added 2019/10/02 7:15 p.m.4 views

CVE-2019-12679

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS7.6AI score0.02965EPSS
Exploits0References1
OSV
OSV
added 2019/10/02 7:15 p.m.2 views

CVE-2019-12685

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

8.8CVSS6.1AI score0.02965EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/08/20 7:2 p.m.3 views

Use This Privacy Tool to View and Clear Your 'Off-Facebook Activity' Data

Well, here we have great news for Facebook users, which is otherwise terrible for marketers and publishers whose businesses rely on Facebook advertisement for re-targeted conversations. Following the Cambridge Analytica scandal, Facebook has taken several privacy measures in the past one year wit...

6.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.2 views

PT-2019-3029 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling objects in memory by the Windows kernel. This can be exploited by an attacker to elevate their privileges and run arbitrary code in kernel mode...

7.8CVSS8AI score0.00944EPSS
Exploits0References5
CNVD
CNVD
added 2019/08/01 12:0 a.m.1 views

Shenzhen Dragon Brothers Digital Lock Co., Ltd. OKLOK intelligent door locks have logical design loopholes

Shenzhen Dragon Brothers Digital Lock Co. Shenzhen Dragon Brothers Digital Lock Co. OKLOK smart door lock has a logical design vulnerability. Attackers can use the vulnerability to overstep the right to view the binding information of others, access to sensitive information, but also to perform...

6.6AI score
Exploits0
Rows per page
Query Builder