Lucene search
K

54 matches found

Positive Technologies
Positive Technologies
added 2020/08/11 12:0 a.m.2 views

PT-2020-3806 · Microsoft · Windows Backup Engine +1

Name of the Vulnerable Software and Affected Versions: Windows Backup Engine affected versions not specified Description: The issue is caused by a buffer overflow in memory, allowing an attacker to elevate their privileges using a specially crafted application. To exploit this, an attacker must...

7.8CVSS7.9AI score0.00795EPSS
Exploits0References6
CNVD
CNVD
added 2020/03/20 12:0 a.m.3 views

Systech NDS-5008 Cross-Site Scripting Vulnerability

The Systech NDS-5008 is a terminal server from Systech USA. A cross-site scripting vulnerability exists in the Systech NDS-5000 Terminal Server NDS/5008 8 Port, RJ45 using firmware version 02D.30. The vulnerability stems from the lack of proper validation of client data by the WEB application. An...

8.4CVSS6.4AI score0.01729EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.4 views

CVE-2020-0775

An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.01308EPSS
Exploits0References1
OSV
OSV
added 2020/02/11 10:15 p.m.2 views

CVE-2020-0705

An information disclosure vulnerability exists when the Windows Network Driver Interface Specification NDIS improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface Specification NDIS...

5.5CVSS6.7AI score0.01454EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/04 12:0 a.m.2 views

Trend Micro Security 2020 DLL Hijacking Vulnerability

Trend Micro Security 2020 is a suite of computer security protection software from Trend Micro. Trend Micro Security 2020 suffers from a DLL hijacking vulnerability. An attacker could exploit this vulnerability to execute a malicious program...

7.8CVSS7.1AI score0.00518EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/23 12:0 a.m.3 views

FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-37369)

FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conference server and voice application server. A cross-site scripting vulnerability exists in FusionPBX. An attacker can exploit this...

6.1CVSS6.4AI score0.00824EPSS
Exploits0References1
Veracode
Veracode
added 2019/09/05 5:44 a.m.14 views

Arbitrary Code Execution

numpy is vulnerable to arbitrary code execution. A use-after-free in arraytypes.c.src occurs when constructing object array from a void array, which would potentially allow an attacker to execute arbitrary code...

7.5AI score
Exploits0
CNVD
CNVD
added 2019/08/28 12:0 a.m.2 views

WordPress events-manager plugin cross-site scripting vulnerability (CNVD-2019-30594)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. events-manager is an events management plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References1
Veracode
Veracode
added 2019/07/08 9:28 a.m.26 views

Remote Code Execution (RCE)

ChakraCore is vulnerable to remote code execution RCE. This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the current user...

7.5CVSS7.8AI score0.11107EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2019/06/12 2:29 p.m.1 views

CVE-2019-0998

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution o...

7.8CVSS7.3AI score0.0107EPSS
Exploits0References2
NVD
NVD
added 2019/02/13 3:29 a.m.26 views

CVE-2019-8316

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...

9CVSS9.1AI score0.06582EPSS
Exploits1References1
myhack58
myhack58
added 2016/07/22 12:0 a.m.20 views

Apple OSX WindowServer: heap overflow vulnerability lead to mention the right vulnerability-vulnerability warning-the black bar safety net

! CVE ID CVE-2 0 1 6-4 6 4 0 The CVSS Score 4.4, AV:L/AC:M/Au:N/C:P/I:P/A:P The affected supplier Apple The affected products OSX Vulnerability details This vulnerability allows a remote attacker is able to in easy to install Apple OSX on the execution of arbitrary code. Exploitation of this...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2003/09/08 12:0 a.m.14 views

MyServer 0.4.3 - GET Argument Buffer Overflow

MyServer 0.4.3 - GET Argument Buffer Overflow // source: https://www.securityfocus.com/bid/7770/info myServer has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP GET requests of excessive length. Although...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2002/06/14 12:0 a.m.9 views

Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting

Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5026/info Cisco Secure ACS is an access control and accounting server system. It is distributed and maintained by Cisco, and in this vulnerability affects implementations on the Microsoft Windows ...

0.4AI score
Exploits0
Rows per page
Query Builder