Lucene search
K

73 matches found

ATTACKERKB
ATTACKERKB
added 2023/06/19 5:15 p.m.8 views

CVE-2023-34158

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled...

5.3CVSS6.1AI score0.00281EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.5 views

OPC UA Legacy Java Stack 资源管理错误漏洞

The OPC UA Legacy Java Stack is a legacy support for the Java version of OPC UA from the OPC Foundation of America. A security vulnerability exists in versions of the OPC UA Legacy Java Stack prior to 6f176f2, which stems from an attacker's ability to block an OPC UA server application through...

7.5CVSS7.3AI score0.01168EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/02/28 8:22 a.m.9 views

systemd: deadlock in systemd-coredump via a crash with a long backtrace

A flaw was found in the systemd-coredump utility of systemd. When an application crashes, the systemd-coredump utility is called twice, once by the kernel and the second time in the [email protected] to write the data, process, and save the core file. Communication between the programs is...

5.5CVSS7.3AI score0.00254EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/11/04 10:23 p.m.6 views

CVE-2022-43572 Indexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk S2S or HTTP Event Collector HEC protocols to an indexer results in a blockage or denial-of-service preventing further indexing...

7.5CVSS6.8AI score0.00766EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.3 views

CVE-2022-28761

Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions...

6.5CVSS5.8AI score0.00676EPSS
Exploits0References1
OSV
OSV
added 2022/09/23 6:28 p.m.19 views

CVE-2022-35251

A cross-site scripting vulnerability exists in Rocket.chat v5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are...

5.4CVSS6.2AI score0.00539EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/07/11 12:0 a.m.4 views

PT-2022-20317 · 3S Smart Software Solutions · Codesys V3

Name of the Vulnerable Software and Affected Versions: CODESYS V3 affected versions not specified Description: An uncontrolled resource consumption issue in the CmpChannelServer of CODESYS V3 allows an unauthorized attacker to block new communication channel connections. Existing connections are...

7.5CVSS7.4AI score0.0083EPSS
Exploits0References4
Code423n4
Code423n4
added 2022/06/02 12:0 a.m.14 views

Bad use of safeApprove

Lines of code Vulnerability details Impact Function deposit in booster could revert when stake option is true if the contract has an allowance of the token for rewarcontract 0. The same in many contracts but in VE3DRewardPool.sol a user can get his rewards blocked. Proof of Concept If the contrac...

6.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/17 12:53 a.m.18 views

GeniXCMS denial of service (account blockage)

GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service account blockage by leveraging the mishandling of certain username substring relationships, such as the admin username versus the admin username, related to register.php, User.class.php, and Type.class.php...

5.3CVSS6.9AI score0.01421EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2022/05/06 12:0 a.m.6 views

HCL BigFix Platform 跨站请求伪造漏洞

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platform from HCL Technologies, India. The platform supports automated discovery, management and remediation of endpoint security issues. HCL Technologies HCL BigFix Platform suffers from a security vulnerability that...

6.5CVSS6.5AI score0.00337EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/12/15 7:15 a.m.3 views

CVE-2021-40171

The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BGU-ITR-F1-BDBL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system...

5.3CVSS6AI score0.00924EPSS
Exploits0References3
CNVD
CNVD
added 2021/04/16 12:0 a.m.9 views

SAP NetWeaver AS ABAP Denial of Service Vulnerability (CNVD-2021-29099)

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...

6.5CVSS6.7AI score0.00862EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/13 12:0 a.m.7 views

SAP NetWeaver AS ABAP Business Server 安全漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...

6.5CVSS5.6AI score0.00862EPSS
Exploits0References4
OSV
OSV
added 2021/01/01 12:15 a.m.5 views

CVE-2016-20006

The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...

7.5CVSS5.8AI score0.01018EPSS
Exploits0References1
CVE
CVE
added 2020/12/31 11:26 p.m.84 views

CVE-2016-20006

The CVE concerns the REST/JSON project 7.x-1.x for Drupal, where SA-CONTRIB-2016-033 allows blocking of user logins. Connected sources corroborate that this entry relates to blocking logins within the Drupal REST/JSON 7.x-1.x module; no root-cause or technical exploit details are provided in the ...

7.5CVSS7.6AI score0.01018EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.31 views

EulerOS Virtualization 3.0.2.2 : libvirt (EulerOS-SA-2020-2209)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows...

8.8CVSS7.3AI score0.00813EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/10/01 12:0 a.m.6 views

PT-2020-18447 · Dell · Dell Xps 13 9370 Bios

Name of the Vulnerable Software and Affected Versions: Dell XPS 13 9370 BIOS versions prior to 1.13.1 Description: The issue is related to improper exception handling. A local attacker with physical access could exploit this to prevent the system from booting until the exploited boot device is...

4.9CVSS4.4AI score0.00298EPSS
Exploits0References3
Veracode
Veracode
added 2020/08/18 8:22 a.m.27 views

Denial Of Service (DoS)

libvirt.so is vulnerable to denial of service DoS. qemu/qemudriver.c mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service API blockage...

5.7CVSS4.8AI score0.00813EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2020/03/19 2:15 a.m.15 views

CVE-2019-20485

qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service API blockage...

5.7CVSS5.5AI score0.00813EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/03/19 1:29 a.m.18 views

CVE-2019-20485

qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service API blockage...

5.8AI score0.00813EPSS
Exploits0References6
Rows per page
Query Builder