Lucene search
K

8751 matches found

CNVD
CNVD
added 2022/04/25 12:0 a.m.21 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35413)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to send a specially crafted file and execute arbitrary code on the target system...

9.8CVSS9.2AI score0.0174EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/25 12:0 a.m.19 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35414)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

9.8CVSS9AI score0.01451EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/25 12:0 a.m.28 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35415)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

9.8CVSS9AI score0.01037EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/25 12:0 a.m.13 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35416)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

9.8CVSS7.8AI score0.01037EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/04/21 5:15 a.m.3 views

CVE-2022-27237

There is a cross-site scripting XSS vulnerability in an NI Web Server component installed with several NI products. Depending on the products in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install ...

6.1CVSS5.8AI score0.00525EPSS
Exploits0References2
NVD
NVD
added 2022/04/21 5:15 a.m.19 views

CVE-2022-27237

There is a cross-site scripting XSS vulnerability in an NI Web Server component installed with several NI products. Depending on the products in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install ...

6.1CVSS0.00525EPSS
Exploits0References1
OSV
OSV
added 2022/04/21 5:15 a.m.7 views

CVE-2022-27237

There is a cross-site scripting XSS vulnerability in an NI Web Server component installed with several NI products. Depending on the products in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install ...

6.1CVSS5.7AI score0.00525EPSS
Exploits0References1
Prion
Prion
added 2022/04/21 5:15 a.m.13 views

Cross site scripting

There is a cross-site scripting XSS vulnerability in an NI Web Server component installed with several NI products. Depending on the products in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install ...

4.3CVSS6AI score0.00525EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2022/04/21 4:32 a.m.28 views

CVE-2022-27237

There is a cross-site scripting XSS vulnerability in an NI Web Server component installed with several NI products. Depending on the products in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install ...

6.2AI score0.00525EPSS
Exploits0References1
CVE
CVE
added 2022/04/21 4:32 a.m.79 views

CVE-2022-27237

CVE-2022-27237 describes a cross-site scripting (XSS) vulnerability in an NI Web Server component used with several NI products. The advisory indicates the affected surface is the NI Web Server component across multiple NI product deployments, with remediation guidance requiring upgrading to one ...

6.1CVSS6AI score0.00525EPSS
Exploits0References1Affected Software5
RedHat Linux
RedHat Linux
added 2022/04/20 2:18 p.m.3 views

OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

7.5CVSS7.4AI score0.03825EPSS
Exploits0References4
HackRead
HackRead
added 2022/04/20 2:16 p.m.10 views

How to Choose the Right Web Development Firm for Your Startup?

By Owais Sultan Finding the right website development firm or team is a challenging task for many startups. Business owners see… This is a post from HackRead.com Read the original post: How to Choose the Right Web Development Firm for Your Startup?...

2AI score
Exploits0
AlmaLinux
AlmaLinux
added 2022/04/20 12:21 p.m.80 views

Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: Improper ECDSA signature verification Libraries, 8277233 CVE-2022-21449 OpenJDK: Defective secure validation in Apache Santuario Libraries, 82780...

7.5CVSS6.3AI score0.46677EPSS
Exploits6References7
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.7 views

Oracle Fusion Middleware 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle USA. The platform provides middleware, software collections, and other capabilities. An input validation error vulnerability exists in the Oracle Applicati...

9.8CVSS7.3AI score0.6201EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2022/04/18 12:58 p.m.29 views

Researchers Share In-Depth Analysis of PYSA Ransomware Group

An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows. This included a user-friendly tool like ...

6.8AI score
Exploits0
hivepro
hivepro
added 2022/04/17 9:38 p.m.65 views

Google Chrome issues an emergency update to address the third zero-day of year 2022

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A zero-day vulnerability has been discovered in Google Chrome versions prior to 100.0.4896.127. A type of confusion vulnerability tracked as CVE-2022-1364, is said to be exploited in the wild. This vulnerability affects the V8...

1.9AI score0.1372EPSS
Exploits2
CNVD
CNVD
added 2022/04/15 12:0 a.m.15 views

Cisco Iox path traversal vulnerability

Cisco Iox is a secure development environment from Cisco that combines Cisco IOS and Linux OS for secure network connectivity and the development of IOT applications. file located on the base host file system...

6.8CVSS2.2AI score0.01197EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/15 12:0 a.m.37 views

Microsoft Visual Studio Elevation of Privilege Vulnerability (CNVD-2022-60135)

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio Code, which stems from...

7.8CVSS7.8AI score0.00753EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/14 12:0 a.m.35 views

Microsoft Visual Studio Code Elevation of Privilege Vulnerability

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio Code, which can be exploit...

7.8CVSS7.3AI score0.0057EPSS
Exploits0References1
Citrix
Citrix
added 2022/04/14 12:0 a.m.8 views

Microsoft Security Update Validation Report April 2022

Microsoft’s April 2022 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

7AI score
Exploits0
Rows per page
Query Builder