Lucene search
K

99 matches found

BDU FSTEC
BDU FSTEC
added 2018/07/12 12:0 a.m.5 views

The vulnerability of the Wireless Data Service module of the Qualcomm Data Services component in the Android operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Wireless Data Service module of the Qualcomm Data Services operating system in Android is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

10CVSS5.9AI score0.01354EPSS
Exploits0References3
CNVD
CNVD
added 2018/04/10 12:0 a.m.4 views

Remote Code Execution Vulnerability in Spring Framework spring-messaging Module

Spring Framework is the United States Pivotal Software's set of open source Java, Java EE application framework. The framework helps developers build high-quality applications . A remote code execution vulnerability exists in the Spring Framework spring-messaging module. An attacker can exploit t...

9.8CVSS8.1AI score0.77245EPSS
Exploits5References1
CNVD
CNVD
added 2018/03/07 12:0 a.m.2 views

Google Android System Component Remote Code Execution Vulnerability (CNVD-2018-06644)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A remote code execution vulnerability exists in the Google Android System component. An attacker can exploit the vulnerability to execute arbitrary code in the context of an...

8.8CVSS8.4AI score0.00688EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/01/18 10:29 p.m.3 views

CVE-2017-17860

In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone...

5.7CVSS5.5AI score0.00286EPSS
Exploits1References2
CNVD
CNVD
added 2017/12/05 12:0 a.m.3 views

Tor has an unspecified vulnerability

Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. A security vulnerability exists in Tor. An attacker can exploit the vulnerability to turn off log warnings...

4.3CVSS6.8AI score0.00904EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/16 12:0 a.m.4 views

Apache Solr/Lucene Remote Code Execution Vulnerability

Apache Solr is an open source search server . Solr using the Java language development , mainly based on HTTP and Apache Lucene implementation. Lucene is apache Software Foundation 4 jakarta project group a subproject , is an open source full-text search engine toolkit . Apache Solr/Lucene has a...

9.8CVSS8.6AI score0.91896EPSS
Exploits11References1
CNVD
CNVD
added 2017/09/13 12:0 a.m.2 views

Microsoft Windows kernel information disclosure vulnerability (CNVD-2017-32966)

Microsoft Windows Server 2008 SP2 is a series of operating systems released by Microsoft. kernel component is one of the kernel components. An information disclosure vulnerability exists in the kernel component of Microsoft Windows, which arises from a program's failure to properly handle memory...

5.5CVSS5.2AI score0.0423EPSS
Exploits2References1
CNVD
CNVD
added 2017/09/12 12:0 a.m.6 views

OCaml compiler elevation of privilege vulnerability

OCaml compiler is a compiler for OCaml maintained by the OCaml community that generates standalone programs and supports batch-oriented processing. A security vulnerability exists in OCaml compiler. An attacker can exploit this vulnerability to elevate privileges...

7.8CVSS8.6AI score0.00577EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/07 12:0 a.m.1 views

PDNS Manager Remote Command Execution Vulnerability

PDNS Manager is an authoritative domain name server management tool for Powerdns. An arbitrary code execution vulnerability exists in PDNS Manager. An attacker could exploit this vulnerability to execute arbitrary code in the context of an affected application run by a user...

8AI score
Exploits0References1
CNVD
CNVD
added 2017/06/16 12:0 a.m.2 views

Google Android Unauthorized Operation Vulnerability (CNVD-2017-11471)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. There is a security vulnerability in Android. An attacker can exploit the vulnerability to perform unauthorized operations...

5.5CVSS6.8AI score0.00485EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/24 12:0 a.m.1 views

WordPress API Data Handling Error Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress suffers from an API data handling error vulnerability. An attacker can exploit this vulnerability to execute...

8.6CVSS8.6AI score0.01775EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/21 12:0 a.m.1 views

Elefant CMS Cross-Site Request Forgery Vulnerability

Elefant CMS is a content management system. Elefant CMS suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to execute arbitrary HTML and script code within a user's browser session in the context of an affected site...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2017/02/17 12:0 a.m.3 views

Pivotal Cloud Foundry Elastic Runtime Elevation of Privilege Vulnerability

Pivotal Cloud Foundry PCF is a set of open source Platform-as-a-Service PaaS cloud computing platforms from U.S.-based Pivotal Software, which provides container scheduling, continuous delivery, and automated service deployment. An elevation of privilege vulnerability exists in Pivotal Cloud...

8.8CVSS8.8AI score0.01258EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/16 12:0 a.m.2 views

Joomla Hbooking Component SQL Injection Vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla Hbooking component. An attacker can exploit the vulnerability to access or modify database data...

8AI score
Exploits0References1
CNVD
CNVD
added 2017/02/13 12:0 a.m.5 views

Jitsi User Impersonation Vulnerability

Jitsi is an open source, secure ZRTP encrypted, high quality SIP/XMPP video calling, conferencing, chatting, desktop sharing, file transferring. It can be installed on your favorite operating system and supports multiple IM networks. Jitsi suffers from a user impersonation vulnerability. An...

5.9CVSS6AI score0.0155EPSS
Exploits2References1
CNVD
CNVD
added 2016/09/06 12:0 a.m.5 views

Red Hat oVirt Engine Local Information Disclosure Vulnerability

Red Hat oVirt Engine is an open source virtualization management platform from Red Hat Red Hat, an open source version of RHEV Platform for Enterprise Virtualization, consisting of the oVirt-node client and the overt-engine management side . A local information disclosure vulnerability exists in...

5.5CVSS5.9AI score0.00235EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/17 12:0 a.m.3 views

Authd Local Information Disclosure Vulnerability

Authd is a daemon for the RFC 1413 set of ident protocols. Authd suffers from an information disclosure vulnerability that could be exploited by an attacker to submit a special request for sensitive information...

6.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity

Vulnerability of the Java Runtime Environment, related to program components. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data by using the Sound component...

7.5CVSS7.1AI score0.04976EPSS
Exploits0References6Affected Software1
CNVD
CNVD
added 2015/09/23 12:0 a.m.3 views

H2O Directory Traversal Vulnerability

H2O is a set of open source Web server software . H2O suffers from a directory traversal vulnerability. When the program uses the file.dir directive, a remote attacker can exploit the vulnerability to read arbitrary files with the help of a specially crafted URL...

4.3CVSS6.9AI score0.01655EPSS
Exploits0References1
Rows per page
Query Builder