Lucene search
+L

73 matches found

OSV
OSV
added 2020/03/04 7:15 p.m.5 views

CVE-2020-3185

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient input validati...

5.4CVSS6.1AI score0.00628EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2018/12/12 12:0 a.m.51 views

Apache OFBiz 16.11.05 Cross Site Scripting

Exploit Title: Apache OFBiz v16.11.05 - Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 09 - December - 2018 Exploit Author: DKM Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-16.11.05.zip Version: v16.11.05 Test...

7.4AI score
Exploits0
OSV
OSV
added 2018/01/25 11:29 p.m.5 views

CVE-2016-10710

Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...

8.1CVSS5.8AI score0.01112EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/06/15 12:0 a.m.248 views

Debian DSA-3284-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2015-3209 Matt Tait of Google's Project Zero security team discovered a flaw in the way QEMU's AMD PCnet Ethernet emulation handles multi-TMD packets with a length above 4096 bytes. A privileged guest user in a gues...

7.8CVSS8.2AI score0.09668EPSS
Exploits0References19
OpenVAS
OpenVAS
added 2015/06/12 12:0 a.m.30 views

Citrix XenServer Multiple Security Updates (CTX201145)

A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.5 Service Pack 1...

7.8CVSS7.8AI score0.03427EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/04 12:0 a.m.4 views

Xen Denial of Service Vulnerability (CNVD-2015-03573)

Xen is an open source virtual machine monitor. Xen versions 3.3.x-4.5.x, fail to properly restrict write access to the host MSI message data field, which can be exploited by local x86 HVM client administrators to cause a denial of service unexpected outage and host crash...

4.9CVSS6.3AI score0.0045EPSS
Exploits0References1
OSV
OSV
added 2015/06/03 12:0 a.m.5 views

UBUNTU-CVE-2015-4103

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service host interrupt handling confusion via vectors related to qemu and accessing spanning multiple fields...

4.9CVSS7.2AI score0.0045EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2015/06/02 12:0 a.m.49 views

xen-tools -- Potential unintended writes to host MSI message data field via qemu

The Xen Project reports: Logic is in place to avoid writes to certain host config space fields when the guest must nevertheless be able to access their virtual counterparts. A bug in how this logic deals with accesses spanning multiple fields allows the guest to write to the host MSI message data...

4.9CVSS8.2AI score0.0045EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/24 12:0 a.m.29 views

Multiple Cross-Site Scripting Vulnerabilities in IBM Business Process Manager

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in Proce...

3.5CVSS6AI score0.00999EPSS
Exploits0References1
NVD
NVD
added 2013/10/28 10:55 p.m.20 views

CVE-2013-4391

Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...

7.5CVSS7.9AI score0.05341EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2013/10/28 10:55 p.m.28 views

CVE-2013-4391

Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...

7.5CVSS6.5AI score0.05341EPSS
Exploits1References1
Prion
Prion
added 2013/10/28 10:55 p.m.19 views

Integer overflow

Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...

7.5CVSS8.6AI score0.05341EPSS
Exploits1References6Affected Software2
Snyk
Snyk
added 2011/03/20 2:0 a.m.1 views

Resource Management Errors

Overview Affected versions of this package are vulnerable to Resource Management Errors. Double free vulnerability in the prepareerroras function in doasreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers...

8.1CVSS7.3AI score0.08267EPSS
Exploits0References2
Rows per page
Query Builder