Lucene search
K

364 matches found

CNVD
CNVD
added 2018/12/25 12:0 a.m.2 views

Apple iOS (Combo) Password Bypass Vulnerability (CNVD-2018-26455)

Apple iOS is an operating system developed for mobile devices. A password bypass vulnerability exists in Apple iOS Combo. Allowing a local attacker to access sensitive desired data such as contacts, photo gallery or default apps...

6.4AI score
Exploits0References1
CNVD
CNVD
added 2018/12/21 12:0 a.m.2 views

Apache NiFi Denial of Service Vulnerability (CNVD-2018-26519)

Apache NiFi is a data-flow based data processing and distribution system of the Apache Apache Software Foundation, USA. The system supports the configuration and transformation of data routing indicator maps and system intermediary logic. A security vulnerability exists in Apache NiFi versions...

7.5CVSS6.7AI score0.0297EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/20 12:0 a.m.3 views

QEMU Denial of Service Vulnerability (CNVD-2018-25915)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in the implementation of QEMU's generic RDMA backend, which can be exploited by an attacker to cause ...

5.5CVSS7.3AI score0.00488EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/17 12:0 a.m.3 views

Cross-site scripting vulnerability in multiple IBM products (CNVD-2018-26203)

IBM Business Automation Workflow, Business Process Manager, and WebSphere Lombardi Edition are all products of IBM Corporation.IBM Business Automation Workflow is a suite of workflow automation Business Process Manager BPM is a comprehensive business process management platform.WebSphere Lombardi...

6.1CVSS6.4AI score0.01325EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/11 12:0 a.m.2 views

Adobe Acrobat and Reader suffer from a memory out-of-bounds read vulnerability (CNVD-2018-26531)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader memory out-of-bounds read vulnerability, remote attackers can us...

5.5CVSS6.7AI score0.03467EPSS
Exploits0
CNVD
CNVD
added 2018/12/10 12:0 a.m.2 views

IBM DataPower Gateway Information Disclosure Vulnerability (CNVD-2018-26363)

IBM DataPower Gateways is a suite of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interfaces APIs, web, service-oriented architecture SOA, B2B, and cloud workloads that protects, integrates, and optimizes access across channels...

5.9CVSS5.6AI score0.02281EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/07 12:0 a.m.2 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2018-26227)

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server, which can be exploited by...

5.4CVSS5.4AI score0.0066EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/07 12:0 a.m.1 views

Address bar spoofing vulnerability in multiple Apple products (CNVD-2018-24789)

Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. iTunes for Windows is a Windows-based media player and application. iTunes for Windows is one of the components of the Safari...

4.3CVSS6AI score0.01623EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/05 12:0 a.m.1 views

Code execution vulnerability in welive v5.0.0 (CNVD-2018-26245)

WeLive v5.0.0 is an enterprise level customer service system. A code execution vulnerability exists in the welive v5.0.0 file. An attacker can exploit the vulnerability to execute commands...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/12/04 12:0 a.m.3 views

QEMU integer overflow vulnerability (CNVD-2018-25188)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. An integer overflow vulnerability exists in the Bluetooth subsystem in QEMU, which stems from the program's failure to properly handle negativ...

5.7CVSS6.7AI score0.00877EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/29 12:0 a.m.2 views

Access Control Error Vulnerability in Multiple Qualcomm Snapdragon Products (CNVD-2018-24840)

The Qualcomm MDM9206 and others are products of Qualcomm Incorporated of the U.S. The Qualcomm MDM9206 is a central processing unit CPU.The SDX24 is a modem. An access control error vulnerability exists in the kernel of multiple Qualcomm Snapdragon products, which could be exploited by an attacke...

7.8CVSS8AI score0.00248EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/29 12:0 a.m.2 views

Denial of Service Vulnerability in Multiple Schneider Electric Products (CNVD-2018-24634)

Schneider Electric Modicon M340, etc. are programmable logic controller products of Schneider Electric France. A denial of service vulnerability exists in the embedded web server in several Schneider Electric products, which can be exploited by an attacker to cause a denial of service by sending ...

7.5CVSS7.4AI score0.02423EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/29 12:0 a.m.1 views

Multiple Apple Products WebKit Memory Corruption Vulnerability (CNVD-2018-25685)

Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with Mac OS X and iOS; WebKit is an open source web browser engine jointly developed by KDE, Apple, and Google. WebKit is a set of open source Web browser engine jointly developed by KDE, Apple Apple...

8.8CVSS8.6AI score0.01796EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/29 12:0 a.m.3 views

NUUO CMS Code Execution Vulnerability (CNVD-2018-24250)

NUUO CMS is a set of centralized software management platform from NUUO. The platform is used to centrally manage devices such as NVRs hard disk recorders and IP cameras, and provides functions such as user management and alarm management. A security vulnerability exists in NUUO CMS 3.3 and...

9.8CVSS9.5AI score0.19653EPSS
Exploits2References1
CNVD
CNVD
added 2018/11/29 12:0 a.m.4 views

Wireshark ZigBee ZCL Parser Denial of Service Vulnerability (CNVD-2018-24492)

Wireshark formerly Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.ZigBee ZCL dissector is one of the cluster library parsers. A security vulnerability exis...

7.5CVSS7.4AI score0.03141EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.1 views

Google Android Privilege Access Control Vulnerability (CNVD-2018-25314)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege access control vulnerability exists in Yocto in Android, which stems from the program failing to properly configure the daemon. An attacker could exploit the...

7.8CVSS7.8AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

QNAP QTS Cross-Site Scripting Vulnerability (CNVD-2018-24263)

QNAP QTS is a Turbo NAS operating system from QNAP Systems. The system provides file storage, management, backup, multimedia applications and security monitoring. A cross-site scripting vulnerability exists in QNAP QTS version 4.2.6 build 20180711 and earlier, 4.3.3 build 20180725 and earlier, an...

5.5CVSS6.1AI score0.00759EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

TerraMaster TOS System Command Injection Vulnerability (CNVD-2018-26658)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php endpoint in...

9CVSS9.2AI score0.24946EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/26 12:0 a.m.2 views

Interspire Email Marketer SQL Injection Vulnerability (CNVD-2018-26789)

BigCommerec Interspire Email Marketer IEM is a suite of email marketing software from BigCommerec, USA. A SQL injection vulnerability exists in the 'deleteblock' function of the Dynamiccontenttags.php file in BigCommerec IEM 6.1.6 and earlier versions. A remote attacker can exploit this...

8.8CVSS9.1AI score0.00984EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/26 12:0 a.m.4 views

Interspire Email Marketer SQL Injection Vulnerability (CNVD-2018-26788)

BigCommerec Interspire Email Marketer IEM is a suite of email marketing software from BigCommerec, USA. A SQL injection vulnerability exists in the 'updateblock' function of the Dynamiccontenttags.php file in BigCommerec IEM 6.1.6 and earlier versions. A remote attacker can exploit this...

8.8CVSS9.1AI score0.00984EPSS
Exploits0References1
Rows per page
Query Builder