Lucene search
K

226 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-12535

Malware in sbrugna...

8.2CVSS8.3AI score0.01237EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-12467

Malware in sbrugna...

8.2CVSS8.3AI score0.01237EPSS
Exploits0References3
ICS
ICS
added 2020/12/08 12:0 a.m.34 views

Siemens SIMATIC Controller Web Servers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Controller Web Servers Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

7.5CVSS7.6AI score0.01591EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/02/06 8:13 p.m.40 views

CVE-2019-2989

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

6.8CVSS6.5AI score0.03239EPSS
Exploits0References3
Hacker One
Hacker One
added 2019/12/27 6:5 a.m.99 views

Kubernetes: Man in the middle using LoadBalancer or ExternalIPs services

I rated this vulnerability as high because trying to rate it with CVSS v3.0 Calculator gives me 9.9 which seems way too high as you do require to be able to create services in the K8S cluster. Summary: This report details 2 ways to man in the middle traffic by: a creating a LoadBalancer service a...

6CVSS5.6AI score0.09274EPSS
Exploits3
NVD
NVD
added 2019/07/18 7:15 p.m.19 views

CVE-2019-8286

Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage for example, via clicking phishing link. Vulnerability has CVSS v3.0 base...

4.3CVSS4.4AI score0.02211EPSS
Exploits0References2
Prion
Prion
added 2019/07/18 7:15 p.m.21 views

Information disclosure

Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage for example, via clicking phishing link. Vulnerability has CVSS v3.0 base...

4.3CVSS4.4AI score0.02211EPSS
Exploits0References2Affected Software5
CVE
CVE
added 2019/07/18 6:34 p.m.86 views

CVE-2019-8286

CVE-2019-8286 concerns Kaspersky URL Advisor in multiple Kaspersky products. The issue stems from how the URL Advisor injects a remotely-hosted JavaScript into pages, where the injected URL contained a unique, per-user identifier. This could allow websites or third-party services to read the Kasp...

4.3CVSS4.3AI score0.02211EPSS
Exploits0References2Affected Software5
ThreatPost
ThreatPost
added 2019/05/14 3:21 p.m.216 views

Linux Kernel Flaw Allows Remote Code-Execution

Millions of Linux systems could be vulnerable to a high-impact race condition flaw in the Linux kernel. Kernel versions prior to 5.0.8 are affected by the vulnerability CVE-2019-11815, which exists in the rdstcpkillsock in net/rds/tcp.c. “There is a race condition leading to a use-after-free UAF,...

9.3CVSS0.5AI score0.04458EPSS
Exploits1References12
Hacker One
Hacker One
added 2017/06/25 7:53 a.m.103 views

RubyGems: No limit of summary length allows Denail of Service

Currently, there is no limit for summary length. I think, pushing a gem whose summary is huge, will make gem search unavailable. This is not Arbitrary Code Execution, but really easy to attack. According to CVSS v3.0 Calculator, the severity is High 7.5. How to attack 1 An attacker creates a gem...

5CVSS0.4AI score0.08491EPSS
Exploits1
NVD
NVD
added 2017/01/27 10:59 p.m.14 views

CVE-2017-3440

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

8.2CVSS8.2AI score0.01795EPSS
Exploits0References3
NVD
NVD
added 2017/01/27 10:59 p.m.16 views

CVE-2017-3442

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

8.2CVSS8.2AI score0.01404EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.24 views

CVE-2017-3438

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.14 views

CVE-2017-3424

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.14 views

CVE-2017-3419

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: User Interface. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technica...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.19 views

CVE-2017-3423

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.17 views

CVE-2017-3383

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.21 views

CVE-2017-3378

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.17 views

CVE-2017-3389

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

8.2CVSS8.2AI score0.01404EPSS
Exploits0References2
NVD
NVD
added 2017/01/27 10:59 p.m.18 views

CVE-2017-3379

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

8.2CVSS8.2AI score0.01237EPSS
Exploits0References2
Rows per page
Query Builder