Lucene search
K

133 matches found

BDU FSTEC
BDU FSTEC
added 2022/08/01 12:0 a.m.6 views

The vulnerability of the CUPS printing server stems from deficiencies in the authentication process, which allows attackers to escalate their privileges.

The vulnerability of the CUPS printing server is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to increase their privileges...

6.8CVSS6.7AI score0.00579EPSS
Exploits0References22Affected Software11
OSV
OSV
added 2022/07/31 2:34 p.m.9 views

GSD-2022-1004709 drm/panfrost: Fix shrinker list corruption by madvise IOCTL

drm/panfrost: Fix shrinker list corruption by madvise IOCTL This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.207 by commit...

7.4AI score
Exploits0
OSV
OSV
added 2022/07/31 2:34 p.m.7 views

GSD-2022-1004702 Revert "evm: Fix memleak in init_desc"

Revert "evm: Fix memleak in initdesc" This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.207 by commit 31e99fa969fd67d77ea92c5527c9cf1c85faa58...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.3 views

logrotate 安全漏洞

logrotate is a utility program. It is designed to simplify the management of systems that generate large numbers of log files. A security vulnerability exists in logrotate that stems from a problem with the way logrotate uses status files. An attacker could exploit the vulnerability to lock the...

6.5CVSS6.4AI score0.0149EPSS
Exploits0References15
Prion
Prion
added 2022/03/29 5:15 p.m.18 views

Default configuration

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files such as DLLs or replace existing executable files...

4.6CVSS8AI score0.00208EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/03/18 12:19 a.m.7 views

GSD-2022-1000801 RDMA/ib_srp: Fix a deadlock

RDMA/ibsrp: Fix a deadlock This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.26 by commit c8b56e51aa91b8e7df3a98388dce3fdabd15c1d4, it was...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.14 views

Jenkins Support Core 安全漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Support Core Plugin 2.79 and earlier versions are vulnerable to an information disclosure vulnerability that stems...

6.5CVSS5.7AI score0.00966EPSS
Exploits0References5
OSV
OSV
added 2021/11/29 2:39 a.m.12 views

GSD-2021-1002344 staging: rtl8723bs: remove a second possible deadlock

staging: rtl8723bs: remove a second possible deadlock This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.9 views

The vulnerability of the zmq::tcp_read() function in the libzmq library, a library for asynchronous messaging in ZeroMQ, allows a attacker to cause a service failure.

The vulnerability of the zmq::tcpread function in the libzmq library, a library for asynchronous messaging, is related to the failure of write operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

9.8CVSS8AI score0.01842EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2021/05/31 3:39 p.m.9 views

GSD-2021-1000162 perf/core: Fix unconditional security_locked_down() call

perf/core: Fix unconditional securitylockeddown call This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.35 by commit...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/04/02 12:0 a.m.6 views

Huawei P30 Memory Write Overrun Vulnerability

Huawei P30 is a smartphone from Chinese company Huawei Huawei. Huawei P30 suffers from a memory write out-of-bounds vulnerability. The vulnerability is due to insufficient validation of incoming parameters, a write out-of-bounds occurs in one of the system's protocols when processing a request...

6.5CVSS6.7AI score0.00272EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/02/25 12:0 a.m.6 views

The vulnerability of the authentication interface in Junos operating system routers of the EX, QFX, and SRX series allows a attacker to cause a service failure.

The vulnerability of the 802.1X authentication interface in Junos routing devices of the EX, QFX, and SRX series is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability can allow an attacker to cause service failures...

6.5CVSS6.6AI score0.00794EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/15 12:0 a.m.4 views

The vulnerability of the Secdo security incident investigation software lies in the insufficient validation of input data, allowing an intruder to add data to the root directory.

The vulnerability of the Secdo security incident investigation software exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to add data to the root catalog...

5.5CVSS6.3AI score0.00261EPSS
Exploits0References3
CNVD
CNVD
added 2020/04/09 12:0 a.m.2 views

Varnish Cache Information Disclosure Vulnerability

Varnish Cache is a set of reverse web caching servers. A security vulnerability exists in Varnish Cache that stems from a failure of the program to clear the pointer to the previous request when processing the next client request in the same connection. An attacker could exploit this vulnerabilit...

7.5CVSS6.8AI score0.01746EPSS
Exploits0
CNVD
CNVD
added 2020/03/10 12:0 a.m.3 views

Memory corruption vulnerability exists in WPS Office (CNVD-2020-23730)

WPS Office is a Kingsoft office software produced by the office software, you can realize the office software commonly used text, forms, presentations and other functions. WPS Office memory corruption vulnerability, attackers can use the vulnerability to cause the program to crash, may obtain...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/05/29 12:0 a.m.1 views

SAP Landscape Management Information Disclosure Vulnerability

SAP Landscape Management is a management tool that enables SAP foundation administrators to automate SAP system operations, including end-to-end SAP system replication or refresh operations. An unspecified information disclosure vulnerability exists in SAP Landscape Management. This vulnerability...

6.1AI score
Exploits0References1
CNVD
CNVD
added 2017/03/16 12:0 a.m.3 views

SAP HANA Cockpit for Offline Administration Information Disclosure Vulnerability

SAP HANA is a suite of real-time data analytics platforms from Germany's SAP. An information disclosure vulnerability exists in SAP HANA Cockpit for Offline Administration. An attacker can exploit the vulnerability to obtain sensitive information that could lead to running further attacks...

6.1AI score
Exploits0References1
CNVD
CNVD
added 2015/01/21 12:0 a.m.2 views

Oracle Solaris has a local vulnerability

Oracle Solaris is a unix-based operating system. A local vulnerability exists in Oracle Solaris that could be exploited by an attacker to compromise a 'Libc' subcomponent...

2.1CVSS6.5AI score0.00435EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

CuteNews 1.3 Comment HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10750/info CutePHP is reported prone to an HTML injection vulnerability. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, user-supplied input to comment posts are not...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/19 12:0 a.m.18 views

BigACE 2.7.5 - 'LANGUAGE' Directory Traversal

source: https://www.securityfocus.com/bid/66350/info BIGACE Web CMS is prone to an SQL-injection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access o...

7AI score
Exploits0
Rows per page
Query Builder