Lucene search
K

138 matches found

CNNVD
CNNVD
added 2022/02/04 12:0 a.m.6 views

Google Tensorflow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the er optimizer in TensorFlow that can cause a denial of service by modifying the SavedModel so that issimplifiableshape will...

6.5CVSS5.6AI score0.01151EPSS
Exploits1References6
Openbugbounty
Openbugbounty
added 2021/08/21 4:56 a.m.21 views

er-journal.com Cross Site Scripting vulnerability OBB-2120742

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
CNVD
CNVD
added 2021/04/30 12:0 a.m.5 views

Command Execution Vulnerability in H3C ER G2 Series Routers

H3C ER G2 series is a new generation of enterprise-grade Gigabit high-performance routers launched by Hangzhou Huasan Communication Technology Co. It is targeted at the SMB market of Ethernet/fiber/xDSL access, which mainly includes network environments of government agencies, small and...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/04/28 12:0 a.m.2 views

Binary Vulnerability in H3C ER G2 Series Routers

H3C ER G2 series is a new generation of enterprise-class Gigabit high-performance routers launched by Hangzhou Huasan Communication Technology Co. A binary vulnerability exists in the H3C ER G2 series routers, which can be exploited by attackers to cause a denial of service...

6.9AI score
Exploits0
CVE
CVE
added 2020/11/04 4:59 p.m.45 views

CVE-2020-22275

The CVE describes a CSV injection in WordPress Easy Registration Forms (ER Forms) plugin v2.0.6, where attacker-supplied entries with malicious CSV commands are not sanitized, enabling code execution when an admin exports CSV data. Affected component: ER Forms plugin for WordPress; root cause: in...

8.8CVSS8.6AI score0.02144EPSS
Exploits1References3Affected Software1
Openbugbounty
Openbugbounty
added 2020/10/25 1:17 p.m.7 views

er-teknikservis.com Cross Site Scripting vulnerability OBB-1445424

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.1072 views

IQrouter 3.3.1 Firmware - Remote Code Execution

Exploit Title: IQrouter 3.3.1 Firmware - Remote Code Execution Date: 2020-04-21 Exploit Author: drakylar Vendor Homepage: https://evenroute.com/ Software Link: https://evenroute.com/iqrouter Version: IQrouter firmware up to 3.3.1 Tested on: IQrouter firmware 3.3.1 CVE : N/A !/usr/bin/env python3...

9.8CVSS8.6AI score0.03189EPSS
Exploits3
CNVD
CNVD
added 2020/04/09 12:0 a.m.1 views

Changsha Tian Er Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities

Changsha Tian Er Network Technology Co., Ltd. is a technology-based development company. Changsha Tian Er Network Technology Co., Ltd. has a SQL injection vulnerability in its website builder system, which can be exploited by attackers to obtain sensitive information from the database...

7.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/03/10 8:41 p.m.7 views

er-go.it Cross Site Scripting vulnerability OBB-1115510

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.3AI score
Exploits0
NVD
NVD
added 2020/01/30 2:15 p.m.19 views

CVE-2013-0725

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...

7.8CVSS8.1AI score0.00451EPSS
Exploits0References2
Prion
Prion
added 2020/01/30 2:15 p.m.12 views

Design/Logic Flaw

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...

6.9CVSS8.3AI score0.00451EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/01/30 1:3 p.m.22 views

CVE-2013-0725

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...

8.1AI score0.00451EPSS
Exploits0References2
CVE
CVE
added 2020/01/30 1:3 p.m.41 views

CVE-2013-0725

CVE-2013-0725 affects ERDAS ER Viewer 13.0. The vulnerability involves the libraries dwmapi.dll and irml.dll , enabling arbitrary code execution. The CVE is referenced across NVD/Red Hat entries with the same description. Documented impact indicates potential code execution with local access; CVS...

7.8CVSS8AI score0.00451EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2019/10/30 12:0 a.m.63 views

Ajenti 2.1.31 - Remote Code Exection Exploit

Exploit for jsp platform in category web applications Exploit Title: Ajenti 2.1.31 - Remote Code Exection Metasploit Exploit Author: Onur ER Vendor Homepage: http://ajenti.org/ Software Link: https://github.com/ajenti/ajenti Version: 2.1.31 Tested on: Ubuntu 19.10 This module requires Metasploit:...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/09/19 12:0 a.m.4 views

The vulnerability of the setsystemparams procedure of the Ghostscript file conversion program allows a attacker to execute arbitrary commands or gain access to the file system.

The vulnerability of the setsystemparams procedure in the Ghostscript program for converting PostScript format files is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands or gain access to the file system ...

10CVSS5.8AI score0.11397EPSS
Exploits0References13Affected Software6
NVD
NVD
added 2019/02/22 8:29 p.m.18 views

CVE-2019-9019

The British Airways Entertainment System, as installed on Boeing 777-36NER and possibly other aircraft, does not prevent the USB charging/data-transfer feature from interacting with USB keyboard and mouse devices, which allows physically proximate attackers to conduct unanticipated attacks agains...

6.8CVSS7.4AI score0.0048EPSS
Exploits1References1
Prion
Prion
added 2019/02/22 8:29 p.m.13 views

Buffer overflow

The British Airways Entertainment System, as installed on Boeing 777-36NER and possibly other aircraft, does not prevent the USB charging/data-transfer feature from interacting with USB keyboard and mouse devices, which allows physically proximate attackers to conduct unanticipated attacks agains...

4.6CVSS7.4AI score0.0048EPSS
Exploits1References1
CVE
CVE
added 2019/02/22 8:0 p.m.38 views

CVE-2019-9019

CVE-2019-9019 relates to the British Airways Entertainment System (installed on Boeing 777-36N(ER) and possibly others). The issue arises because the USB charging/data-transfer feature does not prevent interaction with connected USB keyboard/mouse devices, enabling physically proximate attackers ...

6.8CVSS7.3AI score0.0048EPSS
Exploits1References1Affected Software1
Nmap
Nmap
added 2019/02/09 8:8 p.m.783 views

ubiquiti-discovery NSE Script

Extracts information from Ubiquiti networking devices. This script leverages Ubiquiti's Discovery Service which is enabled by default on many products. It will attempt to leverage version 1 of the protocol first and, if that fails, attempt version 2. Example Usage nmap -sU -p 10001 --script...

10CVSS9.3AI score0.99448EPSS
Exploits33
OSV
OSV
added 2018/01/11 4:29 p.m.4 views

CVE-2017-15629

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptpclient.lua file...

7.2CVSS6AI score0.04367EPSS
Exploits4References2
Rows per page
Query Builder