Lucene search
+L

97 matches found

susecve
susecve
added 2023/02/15 4:53 a.m.2 views

SUSE CVE-2017-2363

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain...

6.5CVSS8.1AI score0.06961EPSS
Exploits3References7
vulnrichment
vulnrichment
added 2023/01/18 12:0 a.m.3 views

CVE-2022-47950

An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data...

6.3AI score0.01001EPSS
Exploits1References4
cvelist
cvelist
added 2022/09/20 8:19 p.m.24 views

CVE-2022-32880

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data...

7.3AI score0.00531EPSS
Exploits0References1
ncsc
ncsc
added 2022/04/29 12:0 a.m.5 views

Vulnerabilities fixed in Zoom

Vulnerabilities have been fixed in Zoom. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Manipulation of data Circumvention of security measure Access to sensitive data Increased user privileges Zoom has released updates to fix...

7.9CVSS6.7AI score0.01003EPSS
Exploits0
ncsc
ncsc
added 2021/03/29 12:0 a.m.6 views

Vulnerabilities fixed in FreeBSD

Several vulnerabilities have been fixed in FreeBSD. The vulnerabilities allow a malicious person, potentially unauthenticated remote, be able to carry out attacks resulting in the following categories of damage: Bypassing authentication Bypassing security measure Accessing sensitive data Access t...

8.7CVSS6.7AI score0.02315EPSS
Exploits2
cnvd
cnvd
added 2020/12/15 12:0 a.m.9 views

Adobe Experience Manager Blind Server-Side Request Forgery Vulnerability

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.8CVSS6.3AI score0.02077EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2020/06/10 12:0 a.m.7 views

PT-2020-6400 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions prior to 8.8.8 Drupal Core versions prior to 8.9.1 Drupal Core versions prior to 9.0.1 Description: The issue is related to improper authorization in the Drupal Core JSON:API module when the read only setting is set to...

9.8CVSS9AI score0.01275EPSS
Exploits0References12
nvd
nvd
added 2020/04/24 7:15 p.m.14 views

CVE-2020-7134

A remote access to sensitive data vulnerability was discovered in HPE IOT + GCP versions: 1.4.0, 1.4.1, 1.4.2, 1.2.4.2...

6.5CVSS6.4AI score0.00935EPSS
Exploits0References1
osv
osv
added 2020/01/26 5:15 a.m.4 views

CVE-2019-15255

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it...

6.5CVSS6.7AI score0.0111EPSS
Exploits0References1
osv
osv
added 2018/04/08 9:37 p.m.12 views

MGASA-2018-0198 Updated libvncserver packages fix security vulnerability

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

9.8CVSS9.6AI score0.06222EPSS
Exploits1References3
osv
osv
added 2016/06/08 2:59 p.m.3 views

CVE-2016-2019

HPE Systems Insight Manager SIM before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030...

8.1CVSS5.8AI score0.0314EPSS
Exploits0References3
cnvd
cnvd
added 2015/04/09 12:0 a.m.5 views

McAfee Advanced Threat Defense Information Disclosure Vulnerability (CNVD-2015-02280)

McAfee Advanced Threat Defense provides advanced threat defense that defends against advanced malware, including zero-day persistent threats and advanced persistent threats. McAfee Advanced Threat Defense fails to properly restrict access, allowing remotely authenticated attackers to gain access ...

4CVSS6.7AI score0.00966EPSS
Exploits0References1
nvd
nvd
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2455

Sweex Wireless Broadband Router/Accesspoint 802.11g LC000060 allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file...

7.5CVSS6.4AI score0.01705EPSS
Exploits0References6
nvd
nvd
added 2003/03/31 5:0 a.m.18 views

CVE-2002-1555

Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information...

5CVSS6.5AI score0.01643EPSS
Exploits0References3
exploitpack
exploitpack
added 2003/01/14 12:0 a.m.13 views

vAuthenticate 2.8 - SQL Injection

vAuthenticate 2.8 - SQL Injection source: https://www.securityfocus.com/bid/6605/info A vulnerability has been discovered in vAuthenticate. It has been reported that various PHP scripts used by vAuthenticate are prone to SQL injection attacks. This issue may be exploited by an unauthorized attack...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2000/11/16 12:0 a.m.12 views

RealServer 5.06.07.0 - Memory Contents Disclosure

RealServer 5.06.07.0 - Memory Contents Disclosure source : https://www.securityfocus.com/bid/1957/info RealServer is a popular streaming audio and video server from Real Networks. A vulnerability exists in all versions of RealServer 7 and below that could allow a remote attacker to gain...

7.4AI score
Exploits0
cvelist
cvelist
added 1976/01/01 12:0 a.m.9 views

CVE-2018-4611

...

Exploits0
Rows per page
Query Builder