Lucene search
K

56 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.3 views

SUSE CVE-2020-0093

In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...

5CVSS8.3AI score0.00301EPSS
Exploits0References8
Malwarebytes
Malwarebytes
added 2022/04/12 10:37 a.m.20 views

USPS “Your package could not be delivered” text is a smishing scam

A scam is doing the rounds which begins with a text from what claims to be the US Postal Service. The SMS reads as follows: "U.S. Postal Service We’re sorry to let you know that your package could not be delivered. To reschedule a delivery please visit bitdotly" I’ve never received an SMS from th...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2022/04/04 12:30 p.m.64 views

Live-Forensicator - Powershell Script To Aid Incidence Response And Live Forensics

Live Forensicator is part of the Black Widow Toolbox, its aim is to assist Forensic Investigators and Incidence responders in carrying out a quick live forensic investigation. It achieves this by gathering different system information for further review for anomalous behaviour or unexpected data...

6.9AI score
Exploits0References2
OSV
OSV
added 2022/03/19 11:3 a.m.5 views

OESA-2022-1586 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

5.5CVSS6.9AI score0.01336EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.4 views

Silicon Graphics LibTIFF 缓冲区错误漏洞

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in Silicon Graphics LibTIFF 4.3.0, which stems from a read...

5.5CVSS6.9AI score0.01336EPSS
Exploits1References16
BDU FSTEC
BDU FSTEC
added 2021/07/22 12:0 a.m.6 views

The vulnerability of the exif_data_save_data_entry function in the library for grammatical analysis of EXIF files in libexif, related to reading beyond the permissible buffer limits, allows a perpetrator to access confidential information or cause service failures.

The vulnerability of the exifdatasavedataentry function in the EXIF-file grammar analysis library libexif is related to reading data beyond the permissible buffer limits. Exploiting this vulnerability could allow an attacker to access confidential information or cause service failures...

9.1CVSS6.9AI score0.03273EPSS
Exploits1References9Affected Software3
RedHat Linux
RedHat Linux
added 2021/03/09 11:15 a.m.1 views

kernel: bad kfree in auditfilter.c may lead to escalation of privilege

A flaw was found in the Linux kernel. A logic error in auditdatatoentry can lead to a local escalation of privilege without user interaction needed. A local attacker with special user privilege could crash the system leading to information leak. The highest threat from this vulnerability is to da...

7.8CVSS6.7AI score0.00213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/03/09 10:24 a.m.4 views

kernel: bad kfree in auditfilter.c may lead to escalation of privilege

A flaw was found in the Linux kernel. A logic error in auditdatatoentry can lead to a local escalation of privilege without user interaction needed. A local attacker with special user privilege could crash the system leading to information leak. The highest threat from this vulnerability is to da...

7.8CVSS6.7AI score0.00213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/03/09 9:38 a.m.5 views

kernel: bad kfree in auditfilter.c may lead to escalation of privilege

A flaw was found in the Linux kernel. A logic error in auditdatatoentry can lead to a local escalation of privilege without user interaction needed. A local attacker with special user privilege could crash the system leading to information leak. The highest threat from this vulnerability is to da...

7.8CVSS6.7AI score0.00213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/03/03 9:36 a.m.3 views

kernel: bad kfree in auditfilter.c may lead to escalation of privilege

A flaw was found in the Linux kernel. A logic error in auditdatatoentry can lead to a local escalation of privilege without user interaction needed. A local attacker with special user privilege could crash the system leading to information leak. The highest threat from this vulnerability is to da...

7.8CVSS6.7AI score0.00213EPSS
Exploits0References4
OSV
OSV
added 2020/12/14 10:15 p.m.1 views

DEBIAN-CVE-2020-0444

In auditfreelsmfield of auditfilter.c, there is a possible bad kfree due to a logic error in auditdatatoentry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS6.8AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2020/12/14 10:15 p.m.0 views

UBUNTU-CVE-2020-0444

In auditfreelsmfield of auditfilter.c, there is a possible bad kfree due to a logic error in auditdatatoentry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS6.9AI score0.00213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/04 1:48 a.m.2 views

libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c

In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...

5CVSS7.5AI score0.00301EPSS
Exploits0References4
OSV
OSV
added 2020/05/14 9:15 p.m.3 views

UBUNTU-CVE-2020-0093

In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...

5CVSS6.9AI score0.00301EPSS
Exploits0References4
CNVD
CNVD
added 2020/03/30 12:0 a.m.1 views

WordPress custom-searchable-data-entry-system SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. custom-searchable-data-entry-system is a custom searchable data entry system used in it. A SQL injection vulnerability exists in...

8.8CVSS8AI score0.01764EPSS
Exploits1References1
OSV
OSV
added 2020/03/27 7:15 p.m.3 views

CVE-2020-10817

The custom-searchable-data-entry-system aka Custom Searchable Data Entry System plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued...

8.8CVSS7.3AI score0.01764EPSS
Exploits1References2
CVE
CVE
added 2020/03/27 6:19 p.m.165 views

CVE-2020-10817

The CVE-2020-10817 entry describes a SQL injection vulnerability in the WordPress plugin “custom-searchable-data-entry-system” (aka Custom Searchable Data Entry System) up to version 1.7.1. The root cause is lack of input validation when constructing or handling SQL statements, enabling an attack...

8.8CVSS8.9AI score0.01764EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/03/07 12:0 a.m.10 views

Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Data Modification and Deletion

The estimated 2,000+ sites running the plugin are vulnerable to Unauthenticated Data Modification and Deletion, including the potential to delete the entire contents of any table in a vulnerable site’s database...

3AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/09/11 12:0 a.m.2 views

Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2019-34770)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

8.8CVSS8AI score0.08328EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/31 12:0 a.m.4 views

Wind River Systems VxWorks Parameter Injection Vulnerability

Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. The vulnerability arises from a network system or product that does not properly filter special characters in parameters...

7.1CVSS7.7AI score0.08311EPSS
Exploits0References1
Rows per page
Query Builder