Lucene search
K

80 matches found

UbuntuCve
UbuntuCve
added 2023/09/08 12:15 p.m.56 views

CVE-2023-4807

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/09/08 11:1 a.m.25 views

CVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...

8.1AI score0.00862EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/09/08 11:1 a.m.4 views

CVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...

7.8AI score0.00862EPSS
Exploits0References4
NVD
NVD
added 2021/12/20 4:15 p.m.14 views

CVE-2021-44525

Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required...

9.8CVSS0.03427EPSS
Exploits0References1
OSV
OSV
added 2021/12/20 3:15 p.m.3 views

CVE-2021-44676

Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements e.g., access control details and modify a few aspects of the application state...

9.8CVSS7.3AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/12/20 3:15 p.m.5 views

CVE-2021-44676

Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements e.g., access control details and modify a few aspects of the application state...

9.8CVSS7.3AI score0.04371EPSS
Exploits0References3
CVE
CVE
added 2021/12/20 2:53 p.m.75 views

CVE-2021-44676

CVE-2021-44676 affects Zoho ManageEngine Access Manager Plus prior to 4203. Root cause: lack of effective restrictions on user privileges, enabling unauthenticated access to view some data elements and modify certain application-state aspects. Impact is described as access control bypass with pot...

9.8CVSS9.3AI score0.04371EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/12/20 12:0 a.m.12 views

Zoho ManageEngine Access Manager Plus 授权问题漏洞

ZOHO Zoho ManageEngine Access Manager Plus is a privileged session management solution from ZOHO for enterprises to centralize, secure, and manage remote access to privileged sessions.A security vulnerability exists in versions of Zoho ManageEngine Access Manager Plus prior to 4203. The...

9.8CVSS5.8AI score0.04371EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/12/20 12:0 a.m.5 views

ZOHO ManageEngine Log360 授权问题漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity and comply with regulatory? A security vulnerability...

9.8CVSS5.6AI score0.03427EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/12/20 12:0 a.m.6 views

PT-2021-24123 · Zoho · Zoho Manageengine Pam360

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine PAM360 versions prior to build 5303 Description: The issue allows attackers to modify certain aspects of application state due to a filter bypass that does not require authentication. Recommendations: For versions prior to...

9.8CVSS9.4AI score0.03427EPSS
Exploits0References3
NVD
NVD
added 2021/09/08 3:15 p.m.13 views

CVE-2021-30696

An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management...

5.9CVSS0.01152EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/09/08 2:27 p.m.21 views

CVE-2021-30696

An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management...

6.3AI score0.01152EPSS
Exploits0References3
Huntr
Huntr
added 2021/05/15 1:35 p.m.12 views

in utmsigep/member-directory

✍️ Description Entering unintended values during the member creation flow causes unusual database state, unhandled exceptions/stack trace disclosure and denial of service due to continuous page crashes. 🕵️‍♂️ Proof of Concept - Select a member-status/group - Create New Member - Enter an invalid...

0.6AI score
Exploits0
NVD
NVD
added 2021/04/02 6:15 p.m.22 views

CVE-2020-9978

This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be ab...

4.5CVSS0.0052EPSS
Exploits0References5
Prion
Prion
added 2021/04/02 6:15 p.m.20 views

Design/Logic Flaw

This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be ab...

2.7CVSS4.8AI score0.0052EPSS
Exploits0References5Affected Software5
CVE
CVE
added 2021/04/02 5:25 p.m.96 views

CVE-2020-9978

CVE-2020-9978 is an Apple macOS/iOS family issue: a memory/setting-propagation flaw that could allow an attacker in a privileged network position to unexpectedly alter application state. Affected products include macOS Big Sur (11.0.1, 11.1), macOS Catalina (Security Update 2020-001), macOS Mojav...

4.5CVSS4.8AI score0.0052EPSS
Exploits0References5Affected Software5
CNVD
CNVD
added 2021/01/18 12:0 a.m.8 views

Apple macOS has an unspecified vulnerability

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to change the state of an application...

4.5CVSS6.4AI score0.0052EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.7 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to change the state of an application...

4.5CVSS6.7AI score0.0052EPSS
Exploits0References8
NVD
NVD
added 2020/10/27 9:15 p.m.23 views

CVE-2020-9941

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state...

7.5CVSS6.6AI score0.02539EPSS
Exploits0References8
Prion
Prion
added 2020/10/27 9:15 p.m.18 views

Design/Logic Flaw

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state...

5CVSS7AI score0.02539EPSS
Exploits0References8Affected Software5
Rows per page
Query Builder