Lucene search
K

15 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A vulnerability exists starting from version 2.2, and is related to out-of-bounds reads and integer overflow leading to buffer overflow. This vulnerability is present in versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, the Redis BIT...

7.5CVSS7.5AI score0.31049EPSS
Exploits0References2
CNVD
CNVD
added 2025/08/20 12:0 a.m.4 views

Ivanti Avalanche Code Execution Vulnerability

Ivanti Avalanche is an enterprise mobile device management system from Ivanti for managing mobile devices such as smartphones and tablets. A code execution vulnerability exists in Ivanti Avalanche, which stems from an incomplete configuration restriction, and can be exploited by an attacker to...

7.2CVSS8.1AI score0.01138EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/05/28 12:0 a.m.8 views

CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

6.1CVSS5.8AI score0.00195EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/05/28 12:0 a.m.10 views

CVE-2025-32801

Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through...

7.8CVSS5.8AI score0.00233EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:12 a.m.9 views

CVE-2017-13911

A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2...

9.3CVSS6.2AI score0.00907EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.2 views

PT-2025-4766

Name of the Vulnerable Software and Affected Versions Yubico pam-u2f versions prior to 1.3.1 Description The issue allows for an authentication bypass in some configurations, potentially leading to local privilege escalation. An attacker would require access to the system as an unprivileged user...

7.3CVSS9.2AI score0.00397EPSS
Exploits0References74
Cvelist
Cvelist
added 2022/10/28 9:24 a.m.31 views

CVE-2022-3321 Lock WARP switch feature bypass on WARP mobile client for iOS

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in...

6.7CVSS8.1AI score0.0037EPSS
Exploits0References1
Prion
Prion
added 2017/07/19 6:29 p.m.14 views

Design/Logic Flaw

The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel...

10CVSS9.4AI score0.02356EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/07/19 6:29 p.m.13 views

CVE-2017-7977

The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel...

10CVSS9.5AI score0.02356EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/07/19 6:0 p.m.18 views

CVE-2017-7977

The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel...

9.6AI score0.02356EPSS
Exploits0References1
CVE
CVE
added 2017/07/19 6:0 p.m.45 views

CVE-2017-7977

The CVE affects Unicon Software eLux RP, specifically the Screensavercc component, with impact on versions prior to 5.5.0. An attacker can inject commands through the local configuration dialog in the control panel to bypass configuration restrictions and execute arbitrary commands with root priv...

10CVSS9.3AI score0.02356EPSS
Exploits0References1Affected Software1
Kaspersky
Kaspersky
added 2015/11/10 12:0 a.m.44 views

KLA11372 Multiple vulnerabilities in OpenOffice

Multiple serious vulnerabilities have been found in OpenOffice. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: Below is a complete list of vulnerabilities: 1. Lack o...

6.8CVSS8.7AI score0.13826EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/08/23 12:0 a.m.17 views

FreeBSD : rssh -- configuration restrictions bypass (a4598875-ec91-11e1-8bd8-0022156e8794)

Derek Martin rssh maintainer reports : John Barber reported a problem where, if the system administrator misconfigures rssh by providing too few access bits in the configuration file, the user will be given default permissions scp to the entire system, potentially circumventing any configured...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/07/17 12:0 a.m.15 views

Juniper Junos load factory-default Privilege Escalation (PSN-2012-07-646)

According to its self-reported version number, the remote Junos device has a privilege escalation vulnerability. When the 'load factory-default' command fails in exclusive edit mode, the user is no longer subject to any command or configuration restrictions. C Tenable Network Security, Inc...

5.6AI score
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2004/07/15 12:0 a.m.43 views

PHP: Multiple security vulnerabilities

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version of PHP, or can run stand-alone in a CLI. Description Several security vulnerabilities were found and fixed in version 4.3...

6.8CVSS6.9AI score0.54856EPSS
Exploits4
Rows per page
Query Builder