Lucene search
K

110 matches found

CNVD
CNVD
added 2024/10/21 12:0 a.m.9 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability (CNVD-2024-41985)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge Chromium-based suffers from a spoofing vulnerability that can be exploited by attackers to conduct spoofing attacks...

5.4CVSS6.5AI score0.00398EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/08/23 12:0 a.m.7 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

5.5CVSS5.4AI score0.00273EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2024/07/19 12:0 a.m.7 views

Google Chrome Security Bypass Vulnerability (CNVD-2024-33615)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome version 1.3.36.351 and prior versions, which stems from a mal-implementation issue found in the Sign-In module. An attacker could exploit the vulnerability to bypass security...

6.5CVSS6.3AI score0.00293EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.3 views

Pear Admin Boot SQL Injection Vulnerability

Pear Admin Boot is an out-of-the-box Spring rapid development platform for the Pear Admin community in China. A SQL injection vulnerability exists in Pear Admin Boot version 2.0.2 and earlier versions. An attacker exploits this vulnerability to perform SQL injection attacks...

9.8CVSS7.9AI score0.00523EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2024/04/13 12:0 a.m.6 views

CVE-2024-3721

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX . The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotel...

6.5CVSS7.8AI score0.86489EPSS
In wildExploits0References5
CNVD
CNVD
added 2024/03/01 12:0 a.m.5 views

Huawei HarmonyOS and EMUI Lock Screen Module Privilege Management Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A privilege management vulnerability exists in the...

7.5CVSS6.7AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/23 12:0 a.m.4 views

Microsoft Dynamics 365 (on-premises) cross-site scripting vulnerability (CNVD-2024-39670)

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. The product includes financial management, production management and business intelligence management. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 on-premises,...

8.2CVSS6.1AI score0.0114EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/06 12:0 a.m.21 views

(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Uncontrolled Resource Consumption Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RESTSDK server. The issue results from...

5.3CVSS6.9AI score0.00822EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/05 12:0 a.m.16 views

IBM Tivoli Application Dependency Discovery Manager Cross-Site Scripting Vulnerability (CNVD-2024-07605)

IBM Tivoli Application Dependency Discovery Manager TADDM is a product in the suite of IT service management solutions from International Business Machines IBM. The product provides robust automated application mapping and discovery to help administrators understand the structure, state,...

6.1CVSS6.3AI score0.00348EPSS
Exploits0References1
CNVD
CNVD
added 2023/12/15 12:0 a.m.16 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-0118629)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS7.2AI score0.00562EPSS
Exploits0References1
NVD
NVD
added 2023/12/06 5:15 a.m.37 views

CVE-2023-26154

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

5.9CVSS0.00955EPSS
Exploits1References17
CNVD
CNVD
added 2023/11/16 12:0 a.m.11 views

Microsoft Exchange Server Spoofing Vulnerability (CNVD-2024-37492)

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by an attack...

8CVSS6.4AI score0.72992EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/01 12:0 a.m.5 views

Google Android Information Disclosure Vulnerability (CNVD-2024-00162)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

5.5CVSS6.1AI score0.00103EPSS
Exploits0References1
CNVD
CNVD
added 2023/10/19 12:0 a.m.10 views

IBM DB2 Denial of Service Vulnerability (CNVD-2023-100317)

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service full vulnerability exists in IBM Db2 version 11.1 and 11.5, which can be...

7.5CVSS6.4AI score0.00849EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/05 12:0 a.m.7 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a series of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets. Attackers have exploited the vulnerability to cause a denial-of-service attack on the system...

7.5CVSS6.7AI score0.00324EPSS
Exploits0References4
CNVD
CNVD
added 2023/08/19 12:0 a.m.16 views

Rockwell Automation ThinManager ThinServer Input Validation Error Vulnerability

Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, Inc. It allows thin clients to be assigned to multiple remote desktop servers at the same time. An input validation error vulnerability exists in Rockwell Automation ThinManager ThinServer, which can be...

9.1CVSS7.2AI score0.78093EPSS
Exploits1References1
CNVD
CNVD
added 2023/07/07 12:0 a.m.9 views

Huawei HarmonyOS and EMUI Memory Misreference Vulnerability Hole (CNVD-2023-61741)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and EMUI have a memory misreference...

9.8CVSS6.7AI score0.00487EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/30 12:0 a.m.7 views

SeaCMS Denial of Service Vulnerability (CNVD-2024-37629)

SeaCMS is designed to solve the core needs of station owners and content management system, a set of programs to adapt to computers, cell phones, tablets, APP multiple terminal entrances, without any encryption code, safe and secure, is the best station building tools. SeaCMS 11.6 version of the...

6.5CVSS6.7AI score0.0087EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.7 views

simple-markdown 安全漏洞

Khan Academy simple-markdown is a Markdown parser. A security vulnerability exists in simple-markdown version 0.6.0. An attacker has exploited the vulnerability to reduce regular expression complexity...

7.5CVSS5.6AI score0.01097EPSS
Exploits1References6
Wallarm Lab
Wallarm Lab
added 2023/01/19 2:2 p.m.24 views

Wallarm Releases New End-to-End Solution to Reduce Risk and Time-to-Remediate Leaked API Keys and Secrets

Advancement to API Security Technology Will Combat Recent Surge in Hacks Leveraging Leaked API; Early Release Now Available San Francisco, CA –BUSINESS WIRE– January 19, 2023 – Wallarm, the end-to-end API security company, today announced the early release of the Wallarm API Leak Management...

0.1AI score
Exploits0
Rows per page
Query Builder