Lucene search
K

31254 matches found

CNNVD
CNNVD
added 2021/01/12 12:0 a.m.7 views

Open-xchange OX App Suite 跨站脚本漏洞

OX App Suite is a modular platform designed for telcos, hosting companies and vendors to deliver a wide range of cloud-based services. A cross-site scripting vulnerability exists in OX App Suite 7.10.4. An attacker could exploit this vulnerability via an inline binary to conduct a cross-site...

6.1CVSS6.2AI score0.01133EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/01/11 9:59 p.m.4 views

golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs

A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...

7.5CVSS7.2AI score0.0473EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2021/01/11 9:26 p.m.42 views

CVE-2021-23240

A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux is enabled, this flaw allows a malicious user with sudoedit permissions to set the owner of an arbitrary file to the user ID of the target user, potentially leading...

7.8CVSS1.7AI score0.01066EPSS
Exploits1References4
Prion
Prion
added 2021/01/11 7:15 p.m.36 views

Path traversal

Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path...

5CVSS6.4AI score0.0082EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/01/11 6:14 p.m.119 views

CVE-2020-24025

CVE-2020-24025 affects node-sass versions from 2.0.0 through 4.14.1, where certificate validation is disabled when requesting binaries, even if no alternative download path is specified. This can enable TLS validation bypass when fetching binaries. The description does not specify affected OSes o...

5.3CVSS5AI score0.0082EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/01/09 12:0 a.m.3 views

Binary Vulnerability in Tenda W18E Enterprise Router

The Tenda W18E is an enterprise router. A binary vulnerability exists in the Tenda W18E Enterprise Router, which can be exploited by attackers to cause a denial of service attack...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/07 12:0 a.m.12 views

Dell Wyse Management Suite Installed

Binary data dellwysemanagementsuitewininstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/01/07 12:0 a.m.37 views

Microsoft Teams Installed (Windows)

Binary data microsoftteamswininstalled.nbin...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.25 views

Google Chrome < 87.0.4280.141 Multiple Vulnerabilities

Binary data 701296.pasl...

8.8CVSS7.3AI score0.01256EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/06 12:0 a.m.3 views

Binary Vulnerability in Mitochrome 2.0

Meitu Look 2.0 is the universal picture viewing software. A binary vulnerability exists in Mito Look 2.0, which can be exploited by an attacker to gain control of a server...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/01/06 12:0 a.m.3 views

Binary Vulnerability in WPS Office Professional Edition

WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used office software text, tables, presentations, PDF reading and other functions. A binary vulnerability exists in WPS Office Professional Edition, which can be...

7AI score
Exploits0
CNVD
CNVD
added 2021/01/06 12:0 a.m.5 views

Binary Vulnerability in WPS Office Professional (CNVD-2021-03295)

WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used office software text, tables, presentations, PDF reading and other functions. A binary vulnerability exists in WPS Office Professional Edition, which can be...

7AI score
Exploits0
CNVD
CNVD
added 2021/01/06 12:0 a.m.3 views

Binary Vulnerability in WPS Office Professional (CNVD-2021-03294)

WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used office software text, tables, presentations, PDF reading and other functions. A binary vulnerability exists in WPS Office Professional Edition, which can be...

7AI score
Exploits0
NVD
NVD
added 2021/01/04 6:15 p.m.12 views

CVE-2020-26292

Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...

9.8CVSS5.5AI score0.00858EPSS
Exploits0References1
OSV
OSV
added 2021/01/04 6:15 p.m.4 views

CVE-2020-26292

Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...

9.8CVSS7.2AI score0.00858EPSS
Exploits0References1
CVE
CVE
added 2021/01/04 6:10 p.m.46 views

CVE-2020-26292

CVE-2020-26292 concerns Creeper, an experimental dynamic language. The vulnerability is limited to the binary release of Creeper Interpreter 1.1.3, not the source code. The compromised binary was briefly available on Dec 26, 2020 (about 3:22 PM–11:00 PM EST) and has since been removed. If you dow...

9.8CVSS6.7AI score0.00858EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/01/04 6:10 p.m.14 views

CVE-2020-26292 Potential Malware Discovered (Possible False Positive)

Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...

3.1CVSS9.5AI score0.00858EPSS
Exploits0References1
OSV
OSV
added 2021/01/04 3:15 p.m.2 views

DEBIAN-CVE-2020-35495

There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34...

5.5CVSS6.3AI score0.01156EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2021/01/01 12:0 a.m.14 views

NetApp API Compliance Checks

Binary data netappapicompliancecheck.nbin...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/01 12:0 a.m.19 views

ZTE ROSNG Compliance Checks

Binary data ztecompliancecheck.nbin...

7.3AI score
Exploits0
Rows per page
Query Builder