
7652 matches found

Cvelist
added 2021/06/25 5:40 p.m. | 20 views

CVE-2020-4609

IBM Security Secret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...

CVSS 7.4 | AI score 7.8 | EPSS 0.00295
Exploits: 0 | References: 2

CNVD
added 2021/06/25 12:00 a.m. | 7 views

Google Android MmsService.java Elevation of Privilege Vulnerability

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An elevation of privilege vulnerability exists in Google Android MmsService.java. The vulnerability stems from a lack of permission checking in archiveStoredConversation in MmsService.jav...

CVSS 7.8 | AI score 6.8 | EPSS 0.00107
Exploits: 0 | References: 1

CNVD
added 2021/06/25 12:00 a.m. | 5 views

Google Android onReceive elevation of privilege vulnerability

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An elevation of privilege vulnerability exists in Google Android onReceive. The vulnerability stems from a lack of permission checking in onReceive of NetInitiatedActivity.java. An attack...

CVSS 7.8 | AI score 6.4 | EPSS 0.00108
Exploits: 0 | References: 1

CNVD
added 2021/06/25 12:00 a.m. | 5 views

Google Android Information Disclosure Vulnerability (CNVD-2021-45314)

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android suffers from an information disclosure vulnerability. The vulnerability stems from a lack of permission checking in updateNotification in BeamTransferManager.java. An...

CVSS 5.5 | AI score 5.9 | EPSS 0.00201
Exploits: 0 | References: 1

OSV
added 2021/06/23 5:53 p.m. | 18 views

GHSA-W942-GW6M-P62C Denial of service in GJSON

GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON. Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector...

CVSS 7.5 | AI score 7.2 | EPSS 0.01662
Exploits: 1 | References: 5

GitHub Security Blog
added 2021/06/23 5:53 p.m. | 52 views

Denial of service in GJSON

GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON. Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector...

CVSS 7.5 | AI score 7.2 | EPSS 0.01662
Exploits: 1 | References: 5 | Affected Software: 1

CNVD
added 2021/06/23 12:00 a.m. | 4 views

Google Android Information Disclosure Vulnerability (CNVD-2021-44936)

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android 11 suffers from an information disclosure vulnerability. The vulnerability arises due to an out-of-bounds write due to a lack of bounds checking in...

CVSS 5.5 | AI score 5.9 | EPSS 0.00465
Exploits: 0 | References: 1

BDU FSTEC
added 2021/06/23 12:00 a.m. | 3 views

The vulnerability of the Bluetooth stack implementation in the Red Hat Enterprise Linux kernel allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Bluetooth stack implementation in the Red Hat Enterprise Linux kernel is related to access to data without type checking. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

CVSS 8.8 | AI score 7.9 | EPSS 0.01765
Exploits: 5 | References: 2 | Affected Software: 1

OSV
added 2021/06/22 8:15 p.m. | 12 views

CVE-2021-32700

Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. Http connections did not make use of TLS and certificate checking was ignored...

CVSS 7.4 | AI score 6.9
Exploits: 0 | References: 2

Prion
added 2021/06/22 8:15 p.m. | 11 views

Code injection

Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. Http connections did not make use of TLS and certificate checking was ignored...

CVSS 5.8 | AI score 7.4 | EPSS 0.00579
Exploits: 0 | References: 2 | Affected Software: 2

Cvelist
added 2021/06/22 7:30 p.m. | 18 views

CVE-2021-32700 Supply chain attack via MiTM against users

Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. Http connections did not make use of TLS and certificate checking was ignored...

CVSS 9.1 | AI score 9.3 | EPSS 0.00579
Exploits: 0 | References: 2

CVE
added 2021/06/22 7:30 p.m. | 65 views

CVE-2021-32700

CVE-2021-32700 affects the Ballerina platform. Vulnerable in: Ballerina 1.2.x and Swan Lake (SL) releases up to alpha 3. Issue: HTTP connections did not perform TLS/certificate checks, enabling a MITM to substitute or modify packages from the BC registry and inject malicious code into ballerina e...

CVSS 9.1 | AI score 7.6 | EPSS 0.00579
Exploits: 0 | References: 2 | Affected Software: 2

Tenable Nessus
added 2021/06/18 12:00 a.m. | 66 views

Ubuntu 18.04 LTS / 20.04 LTS : GRUB 2 vulnerabilities (USN-4992-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4992-1 advisory. Mt Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An...

CVSS 8.2 | AI score 8 | EPSS 0.01738
Exploits: 0 | References: 7

CNVD
added 2021/06/17 12:00 a.m. | 10 views

Nextcloud Mail Access Control Error Vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Mail that stems from a lack of permission checking in Nextcloud Mail. Nextcloud Mail version 1.9.5 an...

CVSS 4.3 | AI score 6.5 | EPSS 0.00988
Exploits: 0 | References: 1

CNVD
added 2021/06/16 12:00 a.m. | 6 views

Google Android elevation of privilege vulnerability (CNVD-2021-43395)

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from an out-of-bounds write in the memory management driver due to a lack of boundary checking...

CVSS 7.8 | AI score 6.7 | EPSS 0.00132
Exploits: 0 | References: 1

CNVD
added 2021/06/16 12:00 a.m. | 6 views

Google Android elevation of privilege vulnerability (CNVD-2021-43394)

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from an out-of-bounds write in the memory management driver due to a lack of boundary checking...

CVSS 7.8 | AI score 6.7 | EPSS 0.00132
Exploits: 0 | References: 1

CNVD
added 2021/06/16 12:00 a.m. | 6 views

Google Android elevation of privilege vulnerability (CNVD-2021-43383)

Google Android is a Linux-based open source operating system from the Google Open Handheld Alliance Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability is caused due to a privilege checking error in the memory management driver. An attacker could exploit...

CVSS 7.8 | AI score 6.5 | EPSS 0.00121
Exploits: 0 | References: 1

CNNVD
added 2021/06/11 12:00 a.m. | 5 views

Samsung Health Code Issue Vulnerability

Samsung Health is a health management app from Samsung South Korea. Samsung Health suffers from a code issue vulnerability that stems from an improper checking vulnerability in Samsung Health. Exploitation of the vulnerability allows an attacker to read internal cached data via the export compone...

CVSS 5.3 | AI score 5.9 | EPSS 0.00793
Exploits: 0 | References: 1

OSV
added 2021/06/10 3:15 a.m. | 2 views

DEBIAN-CVE-2021-3588

The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...

CVSS 3.3 | AI score 5.8 | EPSS 0.0045
Exploits: 1 | References: 1

OSV
added 2021/06/10 3:15 a.m. | 4 views

UBUNTU-CVE-2021-3588

The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...

CVSS 3.3 | AI score 6.1 | EPSS 0.0045
Exploits: 1 | References: 3