Lucene search
K

989 matches found

Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.36 views

RHEL 9 : kernel-rt (RHSA-2023:2148)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2148 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

8.8CVSS7.4AI score0.03763EPSS
Exploits13References93
NVD
NVD
added 2023/05/09 4:15 p.m.16 views

CVE-2020-18280

Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function...

6.1CVSS6.3AI score0.00425EPSS
Exploits1References1
OSV
OSV
added 2023/05/09 4:15 p.m.3 views

CVE-2020-18280

Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function...

6.1CVSS6AI score0.00425EPSS
Exploits1References1
Prion
Prion
added 2023/05/09 4:15 p.m.12 views

Cross site scripting

Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function...

5.8CVSS6.2AI score0.00425EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/09 12:0 a.m.5 views

CVE-2020-18280

Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function...

6.3AI score0.00425EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/05/09 12:0 a.m.19 views

CVE-2020-18280

Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function...

6.3AI score0.00425EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.4 views

Phodal CMD 跨站脚本漏洞

Phodal CMD is a drop-in editor for the WeChat media platform by Fengda Huang, an individual developer in China. A security vulnerability exists in Phodal CMD version v.1.0, which stems from the presence of a cross-site scripting vulnerability that allows local attackers to execute arbitrary code...

6.1CVSS6.4AI score0.00425EPSS
Exploits1References3
CVE
CVE
added 2023/05/09 12:0 a.m.50 views

CVE-2020-18280

Phodal CMD v.1.0 is affected by a Cross Site Scripting vulnerability that allows a local attacker to execute arbitrary code via the EMBED SRC function. Affected component: Phodal CMD, version 1.0. Root cause: EMBED SRC function enables code execution through XSS. In the available documents, explo...

6.1CVSS6.3AI score0.00425EPSS
Exploits1References1Affected Software1
FreeBSD
FreeBSD
added 2023/04/27 12:0 a.m.66 views

go -- multiple vulnerabilities

The Go project reports: crypto/tls: restrict RSA keys in certificates to = 8192 bits Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. Limit this by restricting the size of RSA keys transmitted during handshakes to = 8192...

9.8CVSS7.1AI score0.01837EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/04/25 8:44 p.m.31 views

CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in the current directory, if it exists

Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...

7.2CVSS8.1AI score0.0038EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/25 8:44 p.m.11 views

CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in the current directory, if it exists

Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...

7.2CVSS7AI score0.0038EPSS
Exploits0References2
OSV
OSV
added 2023/04/21 3:15 p.m.4 views

CVE-2023-29915

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

4.9CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/04/21 3:15 p.m.21 views

CVE-2023-29915

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

4.9CVSS5.4AI score0.00787EPSS
Exploits0References1
Prion
Prion
added 2023/04/21 3:15 p.m.12 views

Stack overflow

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

3.3CVSS5.5AI score0.00787EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/21 12:0 a.m.6 views

CVE-2023-29915

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

5.4AI score0.00787EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/21 12:0 a.m.3 views

PT-2023-22472 · H3C · H3C Magic R200

Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the CMD parameter at the "/goform/aspForm" API endpoint. Recommendations: For H3C Magic R200 version R200V100R004, consider disabling access to the...

4.9CVSS7.3AI score0.00787EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/04/21 12:0 a.m.22 views

CVE-2023-29915

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

5.7AI score0.00787EPSS
Exploits0References1
CVE
CVE
added 2023/04/21 12:0 a.m.61 views

CVE-2023-29915

The CVE-2023-29915 issue affects H3C Magic R200 (version R200V100R004 ). The vulnerability is a stack overflow triggered via the CMD parameter at the API endpoint /goform/aspForm . CVSS shows a Medium severity (4.9) with network access, low attack complexity, and high impact to availability, whil...

4.9CVSS5.4AI score0.00787EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/13 7:15 a.m.18 views

Integer overflow

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target...

4.3CVSS7.9AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2023/04/04 4:46 a.m.98 views

CVE-2022-40532

CVE-2022-40532 affects Qualcomm WLAN/WMI command handling, where memory corruption can occur due to an integer overflow or wraparound when sending a WMI command from the host to the target. The issue is tied to Qualcomm chipset/WLAN firmware and is described as memory corruption with potential hi...

8.4CVSS8.2AI score0.00116EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder