CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

611 matches found

Prion•added 2020/04/15 12:15 p.m.•17 views

Input validation

Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security ENS for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file...

4.6CVSS5.7AI score0.00121EPSS

Exploits0References1Affected Software1

NVD•added 2020/04/06 4:15 p.m.•11 views

CVE-2020-11544

An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via addcars.php. There are no upload restrictions f...

7.2CVSS7.2AI score0.00435EPSS

Exploits1References1

Cvelist•added 2020/04/06 3:26 p.m.•9 views

CVE-2020-11544

7.2AI score0.00435EPSS

Exploits1References1

CVE•added 2020/04/06 3:26 p.m.•46 views

CVE-2020-11544

Project Worlds Official Car Rental System 1 contains an arbitrary file upload vulnerability in the file-manager upload section (add_cars.php). There are no restrictions on executable file uploads, allowing an admin to run commands on the server with their account. The connected reports confirm th...

7.2CVSS7.1AI score0.00435EPSS

Exploits1References1Affected Software1

NVD•added 2020/03/23 4:15 p.m.•15 views

CVE-2020-9759

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

9.3CVSS6AI score0.00157EPSS

Exploits1References2

OSV•added 2020/03/23 4:15 p.m.•1 views

DEBIAN-CVE-2020-9759

7.8CVSS7.3AI score0.00157EPSS

Exploits1References1

UbuntuCve•added 2020/03/23 4:15 p.m.•27 views

CVE-2020-9759

9.3CVSS7.1AI score0.00157EPSS

Exploits1References5

OSV•added 2020/03/23 4:15 p.m.•1 views

UBUNTU-CVE-2020-9759

7.8CVSS7.1AI score0.00157EPSS

Exploits1References6

Debian CVE•added 2020/03/23 3:36 p.m.•22 views

CVE-2020-9759

9.3CVSS8.4AI score0.00157EPSS

Exploits1

NVD•added 2020/02/25 7:15 p.m.•10 views

CVE-2020-8810

An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. When downloading OBIS codes, it does not verify that the downloaded files are actual OBIS codes and doesn't check for path traversal. This allows the attacker exploiting CVE-2020-8809 to send executable files and place them i...

8.1CVSS8.2AI score0.00678EPSS

Exploits1References2

Prion•added 2020/02/25 7:15 p.m.•5 views

Path traversal

6.8CVSS8.2AI score0.00678EPSS

Exploits2References2Affected Software1

Tenable Nessus•added 2020/01/09 12:0 a.m.•51 views

Cisco NX-OS Software Secure Configuration Bypass (cisco-sa-20190515-nxos-conf-bypass)

According to its self-reported version, Cisco NX-OS Software is affected by a configuration bypass vulnerability due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An authenticated, local attacker can exploit this, by...

7.2CVSS6.6AI score0.0011EPSS

Exploits0References8

Kitploit•added 2020/01/02 11:30 a.m.•120 views

AVCLASS++ - Yet Another Massive Malware Labeling Tool

AVCLASS++ is an appealing complement to AVCLASS 1, a state-of-the-art malware labeling tool. Overview AVCLASS++ is a labeling tool for creating a malware dataset. Addressing malware threats requires constant efforts to create and maintain a dataset. Especially, labeling malware samples is a vital...

6.8AI score

Exploits0References2

OSV•added 2019/12/09 11:15 p.m.•1 views

CVE-2019-4612

IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523...

8.8CVSS6.7AI score

Exploits0References2

NVD•added 2019/12/09 11:15 p.m.•10 views

CVE-2019-4612

8.8CVSS6.8AI score0.00232EPSS

Exploits0References2

Prion•added 2019/12/09 11:15 p.m.•11 views

Design/Logic Flaw

6.5CVSS8.2AI score0.00232EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/12/09 10:30 p.m.•9 views

CVE-2019-4612

6.3CVSS8.3AI score0.00232EPSS

Exploits0References2

Zero Day Initiative•added 2019/11/14 12:0 a.m.•16 views

Symantec Endpoint Protection Manager OpenSSL Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Symantec Endpoint Protection Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS3AI score0.00055EPSS

Exploits0References1

NVD•added 2019/08/07 3:15 p.m.•17 views

CVE-2019-14745

In radare2 before 3.7.0, a command injection vulnerability exists in binsymbols in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in...

7.8CVSS7.9AI score0.04668EPSS

Exploits2References6

OSV•added 2019/08/07 3:15 p.m.•27 views

CVE-2019-14745

7.8CVSS7.8AI score

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by