Lucene search
K

611 matches found

OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-1279)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.02462EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/15 12:0 a.m.49 views

Microsoft Windows Multiple Vulnerabilities (KB4534306)

This host is missing a critical security update according to Microsoft KB4534306 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.3AI score0.99222EPSS
Exploits24References3
NVD
NVD
added 2019/11/26 4:15 a.m.16 views

CVE-2019-15996

A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An...

7.2CVSS6.7AI score0.00518EPSS
Exploits0References1
Prion
Prion
added 2019/11/26 4:15 a.m.16 views

Design/Logic Flaw

A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An...

7.2CVSS6.8AI score0.00518EPSS
Exploits0References1
CVE
CVE
added 2019/11/26 3:41 a.m.91 views

CVE-2019-15996

CVE-2019-15996 : Cisco DNA Spaces: Connector contains a local privilege-escalation vulnerability. An authenticated, local attacker can exploit insufficient restrictions when executing an affected CLI command to elevate privileges and run arbitrary commands as root, potentially modifying sensitive...

7.2CVSS6.7AI score0.00518EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/07 8:15 p.m.20 views

Input validation

Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message...

6.5CVSS8.3AI score0.03024EPSS
Exploits0References15Affected Software3
CNVD
CNVD
added 2019/11/07 12:0 a.m.5 views

Cisco Web Security Appliance AsyncOS Software Access Control Error Vulnerability

The Cisco Web Security Appliance WSA is a web security appliance from Cisco. The appliance provides SaaS-based access control, real-time web reporting and tracking, and security policy formulation.AsyncOS Software is the operating system used in it. AsyncOS Software is an operating system used in...

8.8CVSS6.8AI score0.00981EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/10/30 12:0 a.m.34 views

Apple Mac OS X Security Updates (HT210722)-02

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.3AI score0.0442EPSS
Exploits2References1
NVD
NVD
added 2019/10/09 8:15 p.m.17 views

CVE-2019-0070

An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. This leads to the attacker being able to ta...

8.8CVSS8.8AI score0.00395EPSS
Exploits0References1
Prion
Prion
added 2019/10/09 8:15 p.m.17 views

Input validation

An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. This leads to the attacker being able to ta...

7.2CVSS8.7AI score0.00395EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/10/09 12:0 a.m.55 views

Microsoft Windows Multiple Vulnerabilities (KB4520005)

This host is missing a critical security update according to Microsoft KB4520005 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

9.9CVSS6.9AI score0.76451EPSS
Exploits6References3
BDU FSTEC
BDU FSTEC
added 2019/09/27 12:0 a.m.9 views

The vulnerability of Firefox ESR, related to privilege management errors, allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of Firefox ESR is related to privilege management errors. Exploiting this vulnerability allows a remote attacker to increase their privileges and execute arbitrary code...

8.1CVSS5.9AI score0.02114EPSS
Exploits0References6Affected Software4
Gentoo Linux
Gentoo Linux
added 2019/09/08 12:0 a.m.123 views

D-Bus: Authentication bypass

Background D-Bus is a message bus system which processes can use to talk to each other. Description It was discovered that a local attacker could manipulate symbolic links in their own home directory to bypass authentication and connect to a DBusServer with elevated privileges. Impact A local...

7.1CVSS2.5AI score0.00555EPSS
Exploits0
NVD
NVD
added 2019/08/07 10:15 p.m.26 views

CVE-2019-1945

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance ASA could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these...

7.8CVSS6.8AI score0.00298EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/06/28 12:0 a.m.24 views

Foxit Reader Privilege Escalation Vulnerability - Mac OS X

Foxit Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:reader";...

7.8CVSS8.5AI score0.00545EPSS
Exploits0References1
NVD
NVD
added 2019/06/20 3:15 a.m.21 views

CVE-2019-1625

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by...

7.8CVSS7.6AI score0.00419EPSS
Exploits0References2
CVE
CVE
added 2019/06/20 2:45 a.m.246 views

CVE-2019-1625

CVE-2019-1625 affects Cisco SD-WAN Solution CLI. An authenticated, local attacker can bypass authorization and escalate privileges to root due to insufficient enforcement in the CLI. Exploitation would allow privileged configuration changes on affected devices. Mitigation observed in connected so...

7.8CVSS7.5AI score0.00419EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/04/25 9:29 p.m.22 views

CVE-2019-11489

Incorrect Access Control in the Administrative Management Interface in SimplyBook.me Enterprise before 2019-04-23 allows Authenticated Low-Priv Users to Elevate Privileges to Full Admin Rights via a crafted HTTP PUT Request, as demonstrated by modified JSON data to a /v2/rest/ URI...

9CVSS8.5AI score0.02563EPSS
Exploits1References2
Prion
Prion
added 2019/04/25 9:29 p.m.18 views

Improper access control

Incorrect Access Control in the Administrative Management Interface in SimplyBook.me Enterprise before 2019-04-23 allows Authenticated Low-Priv Users to Elevate Privileges to Full Admin Rights via a crafted HTTP PUT Request, as demonstrated by modified JSON data to a /v2/rest/ URI...

9CVSS8.4AI score0.02563EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/04/25 8:2 p.m.50 views

CVE-2019-11489

CVE-2019-11489 affects SimplyBook.me Enterprise (older releases) where the Administrative Management Interface enforces incorrect access control. Affected: authenticated low-privilege users; vulnerability allows elevation to full admin rights via a crafted HTTP PUT to a /v2/rest/ endpoint with mo...

9CVSS8.3AI score0.02563EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder