Lucene search
K

156 matches found

CNVD
CNVD
added 2022/01/21 12:0 a.m.21 views

Oracle Communications Operations Monitor has an unspecified vulnerability (CNVD-2022-17348)

Oracle Communications is a product of Oracle Corporation USA. provides integrated communications and cloud solutions for service providers and enterprises to accelerate their digital transformation.A security vulnerability exists in Oracle Communications Operations Monitor, which could be exploit...

5.4CVSS4AI score0.00524EPSS
Exploits0References1
NVD
NVD
added 2021/10/12 3:15 p.m.20 views

CVE-2021-40500

SAP BusinessObjects Business Intelligence Platform Crystal Reports - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the...

7.5CVSS0.01261EPSS
Exploits0References2
CNVD
CNVD
added 2021/05/18 12:0 a.m.8 views

Google TensorFlow heap out-of-bounds read vulnerability (CNVD-2021-37627)

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in Google TensorFlow. An attacker can exploit the vulnerability to read data outside the boundaries of the heap allocation buffer in "tf.raw\u ops.QuantizeAndDequantizeV3"...

7.1CVSS6.5AI score0.00198EPSS
Exploits1References1
CNVD
CNVD
added 2021/03/02 12:0 a.m.9 views

ONLYOFFICE Document Server File Extension Handling Vulnerability

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. ONLYOFFICE Document Server suffers from a file extension handling vulnerability that can be exploited by an attacker requesting data to control file...

9.8CVSS7.8AI score0.43534EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/04 12:0 a.m.6 views

Unspecified Vulnerability in Cisco Firepower Management Center and Cisco Firepower Threat Defense

Cisco Firepower Management Center and Cisco Firepower Threat Defense are both products of Cisco Corporation.Cisco Firepower Management Center is a next-generation firewall management center software.Cisco Firepower Threat Defense is a set of unified software that provides next-generation firewall...

8.1CVSS6.7AI score0.00932EPSS
Exploits0References1
CVE
CVE
added 2020/09/16 7:51 p.m.87 views

CVE-2020-16233

CVE-2020-16233 affects CodeMeter WebAdmin (CodeMeter, prior to version 7.10). A network attacker could send a specially crafted packet to cause the server to return packets containing data from the heap, exposing heap data and potentially enabling further exploitation. The vulnerability is docume...

7.5CVSS7.3AI score0.01842EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2020/03/25 12:0 a.m.255 views

HP ThinPro 6.x / 7.x Filter Bypass

HP ThinPro - Application filter bypass =============================================================================== Identifiers ------------------------------------------------- CVE-2019-16286 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:...

4.6CVSS6.7AI score0.00813EPSS
Exploits1
CISA
CISA
added 2020/01/14 12:0 a.m.12 views

CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Windows CryptoAPI, Windows Remote Desktop Gateway RD Gateway, and Windows Remote Desktop Client. A remote attacker could exploit these...

6.9AI score
Exploits0References6
OSV
OSV
added 2019/11/19 10:15 p.m.10 views

CVE-2011-2924

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileg...

5.5CVSS6.5AI score0.00434EPSS
Exploits0References8
Malwarebytes
Malwarebytes
added 2019/10/14 4:0 p.m.40 views

Europol: Ransomware remains top threat in IOCTA report

The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime Threat Assessment IOCTA report for the year. And we weren’t surprised to find that ransomware, despite its palpable decline in volume these past few months—a trend we’ve also...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/09/23 12:0 a.m.6 views

Xiaomi Millet mobile phones file upload vulnerability

The Xiaomi phone is a smartphone from Xiaomi Information Technology Co. A file upload vulnerability exists in Xiaomi Millet mobile phones. An attacker can exploit the vulnerability to write files or read privileged data...

7.4CVSS6.6AI score0.00781EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/03/08 3:30 p.m.63 views

RSAC 2019: The Dark Side of Machine Learning

SAN FRANCISCO – The same machine-learning algorithms that made self-driving cars and voice assistants possible can be hacked to turn a cat into guacamole or Bach symphonies into audio-based attacks against a smartphone. These are examples of “adversarial attacks” against machine learning systems...

6.7AI score
Exploits0References3
NVD
NVD
added 2019/01/27 2:29 a.m.46 views

CVE-2019-6977

gdImageColorMatch in gdcolormatch.c in the GD Graphics Library aka LibGD 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigg...

8.8CVSS8.6AI score0.64265EPSS
Exploits7References19
ThreatPost
ThreatPost
added 2018/11/09 9:50 p.m.16 views

Lawsuits Aim Billions in Fines at Equifax and Ad-Targeting Companies

Equifax, Experian and Oracle are among a slate of companies whose business is consumer information, that could soon face billions of dollars in fines for improper data handling. Privacy International has filed complaints against seven corporations, consisting of data brokers Acxiom and Oracle,...

0.2AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2018/07/10 3:0 p.m.59 views

So you’ve been asked to start a threat intel program

Ever since the Mandiant APT1 report landed like a bomb in private sector security reporting, threat intelligence has been a hot buzzword many companies have been chasing over. But what is threat intelligence? What do you need to execute it well? And how many new tools do you need to buy? The...

7.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:13 p.m.34 views

Security Bulletin:Vulnerability in Apache Commons affects IBM Content Collector (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Content Collector. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by...

10CVSS2AI score0.97655EPSS
Exploits10Affected Software1
Cvelist
Cvelist
added 2018/04/19 2:0 p.m.17 views

CVE-2017-17313

The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the la...

5.7AI score0.00557EPSS
Exploits0References1
OSV
OSV
added 2018/01/17 12:0 a.m.6 views

UBUNTU-CVE-2018-2637

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

7.4CVSS6.7AI score0.04618EPSS
Exploits0References4
OSV
OSV
added 2016/08/07 10:59 a.m.23 views

CVE-2016-5773

phpzip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash...

9.8CVSS9.3AI score
Exploits0References12
OSV
OSV
added 2015/09/06 2:59 a.m.8 views

CVE-2015-6820

The ffsbrapply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have...

9.3AI score
Exploits0References5
Rows per page
Query Builder