Lucene search
K

304 matches found

cnnvd
cnnvd
added 2025/07/08 12:0 a.m.7 views

Microsoft MPEG-2 Video Extension 安全漏洞

Microsoft MPEG-2 Video Extension is a Microsoft Corporation USA playback of MPEG video in popular video applications on Windows 10 devices. A security vulnerability exists in Microsoft MPEG-2 Video Extension. An attacker could exploit the vulnerability to remotely execute code. The following...

7.8CVSS6.4AI score0.00352EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 1:14 p.m.6 views

CVE-2018-1000209

Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place a...

8.8CVSS7.4AI score0.01217EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:17 a.m.9 views

CVE-2019-2799

Vulnerability in the Oracle ODBC Driver component of Oracle Database ServerPRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows low privileged attacker having None privilege wit...

7.5CVSS6.5AI score0.0123EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/21 11:51 p.m.10 views

CVE-2003-1126

Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service...

5CVSS7AI score0.01986EPSS
Exploits0References1
cvelist
cvelist
added 2025/02/14 4:18 p.m.31 views

CVE-2024-3220 Default mimetype known files writeable on Windows

There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python runtime startup or have file extensions be interpreted as the...

2.3CVSS0.00478EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/04 11:2 p.m.5 views

CVE-2024-0622

Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation...

8.8CVSS6.9AI score0.00148EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/14 12:0 a.m.5 views

Microsoft Message Queuing 安全漏洞

Microsoft Message Queuing is used to implement solutions for asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to obtain sensitive information. The following products and...

7.5CVSS8.6AI score0.02073EPSS
Exploits0References2
osv
osv
added 2024/12/16 2:5 p.m.6 views

BIT-NODE-MIN-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

7.8CVSS7.7AI score0.07409EPSS
Exploits1References5
osv
osv
added 2024/12/16 2:1 p.m.16 views

BIT-NODE-MIN-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

7.3CVSS7.2AI score0.01732EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2024/10/09 12:38 p.m.20 views

CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

8.2CVSS7.4AI score0.00604EPSS
Exploits0References1
cvelist
cvelist
added 2024/10/09 12:38 p.m.51 views

CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

8.2CVSS0.00604EPSS
Exploits0References1
osv
osv
added 2024/10/09 12:38 p.m.15 views

CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

8.2CVSS7.1AI score0.00604EPSS
Exploits0References4
cve
cve
added 2024/10/09 12:38 p.m.76 views

CVE-2024-45720

CVE-2024-45720 affects Subversion on Windows: a flawed “best fit” character encoding conversion of command-line arguments to svn.exe can cause misinterpretation of arguments, enabling argument injection and execution of other programs. Affected: all Subversion versions up to 1.14.3 on Windows; fi...

8.2CVSS8.5AI score0.00604EPSS
Exploits0References2Affected Software1
susecve
susecve
added 2024/10/09 2:52 a.m.3 views

SUSE CVE-2024-45720

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

8.2CVSS7.6AI score0.00604EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/10/08 12:0 a.m.3 views

PT-2024-31739

Name of the Vulnerable Software and Affected Versions: Apache Subversion versions up to and including 1.14.3 Description: On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables may lead to unexpected command line argument...

8.2CVSS6AI score0.00604EPSS
Exploits0References24
osv
osv
added 2024/08/30 11:37 p.m.10 views

GHSA-XM4R-5RJ9-2PG3 gratient 0.5 contains credential harvesting code

gratient is a user-facing library for generating color gradients of text. Version 0.5 contained obfuscated, malicious code targeting Windows platforms, harvesting information and credentials from the user's system and sending them to a remote server. Services may include Mullvad VPN and Telegram...

8.7CVSS7.2AI score
Exploits0References3
ptsecurity
ptsecurity
added 2024/07/29 12:0 a.m.5 views

PT-2024-24457 · Python +1 · Cpython +1

Name of the Vulnerable Software and Affected Versions: CPython versions 3.5 through latest Description: The issue arises from the "socket" module's pure-Python fallback for the socket.socketpair function on platforms that don't support AF UNIX, such as Windows. This implementation uses AF INET or...

8.7CVSS6.7AI score0.02303EPSS
Exploits1References49
cnnvd
cnnvd
added 2024/06/11 12:0 a.m.5 views

Microsoft Streaming Service Resource Management Error Vulnerability

Microsoft Streaming Service is a video platform from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Streaming Service. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected:Windows 10 Version...

7.8CVSS6.7AI score0.08038EPSS
Exploits0References4
osv
osv
added 2024/02/15 9:15 p.m.3 views

CVE-2024-0622

Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References1
nvd
nvd
added 2024/02/15 9:15 p.m.35 views

CVE-2024-0622

Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation...

8.8CVSS8.9AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder