Lucene search

9461 matches found

ICS
added 2021/01/05 12:0 a.m., 91 views

Schneider Electric Web Server on Modicon M340

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Classic Buffer Overflow 2. RISK...

CVSS 8.8 | AI score 9.5 | EPSS 0.01087
Exploits 0 | References 5

Talos
added 2021/01/04 12:0 a.m., 37 views

Win-911 mobile server platform privilege escalation vulnerability

Summary An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other...

CVSS 9.3 | AI score 9.2 | EPSS 0.00608
Exploits 1

WPVulnDB
added 2020/12/24 12:0 a.m., 12 views

WP Postratings < 1.86.1 - Authenticated Stored Cross-Site Scripting

The plugin does not sanitise the postratingsimage parameter from its options page wp-admin/admin.php?page=wp-postratings/postratings-options.php. Even though the page is only accessible to administrators, and protected against CSRF attacks, the issue is still exploitable when the unfilteredhtml...

AI score 1.3
Exploits 0 | References 1 | Affected Software 1

Prion
added 2020/12/22 10:15 p.m., 15 views

Design/Logic Flaw

Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure Identity and Access Management. Successful attacks of th...

CVSS 6.5 | AI score 3.5 | EPSS 0.00834
Exploits 0 | References 1

Cvelist
added 2020/12/22 9:40 p.m., 27 views

CVE-2020-14874

Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure Identity and Access Management. Successful attacks of th...

CVSS 4.7 | AI score 3.4 | EPSS 0.00834
Exploits 0 | References 1

Tenable Nessus
added 2020/12/22 12:0 a.m., 27 views

Debian DLA-2503-1 : node-ini security update

It was discovered that there was an issue in node-ini, a .ini format parser and serializer for Node.js, where an application could be exploited by a malicious input file. For Debian 9 'Stretch', this problem has been fixed in version 1.1.0-1+deb9u1. We recommend that you upgrade your node-ini...

CVSS 9.8 | AI score 6.8 | EPSS 0.03612
Exploits 1 | References 4

RedHat Linux
added 2020/12/21 12:33 p.m., 3 views

Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird...

CVSS 9.3 | AI score 7.2 | EPSS 0.01227
Exploits 0 | References 5

ICS
added 2020/12/17 12:0 a.m., 449 views

PTC Kepware KEPServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

CVSS 9.8 | AI score 10 | EPSS 0.10062
Exploits 0 | References 5

RedhatCVE
added 2020/12/15 6:32 p.m., 21 views

CVE-2020-26974

The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap use-after-free, memory corruption, and a potentially exploitable crash...

CVSS 8.8 | AI score 1.3 | EPSS 0.01467
Exploits 0 | References 4

UbuntuCve
added 2020/12/15 12:0 a.m., 23 views

CVE-2020-26974

When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR...

CVSS 8.8 | AI score 7.2 | EPSS 0.01467
Exploits 0 | References 5

RedHat Linux
added 2020/12/14 12:53 p.m., 5 views

Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird...

CVSS 9.3 | AI score 7.2 | EPSS 0.01227
Exploits 0 | References 5

NVD
added 2020/12/09 1:15 a.m., 18 views

CVE-2020-26959

During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

CVSS 8.8 | AI score 8.3 | EPSS 0.01275
Exploits 0 | References 4

NVD
added 2020/12/09 1:15 a.m., 15 views

CVE-2020-26960

If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

CVSS 9.3 | AI score 8.3 | EPSS 0.0155
Exploits 0 | References 4

Prion
added 2020/12/09 1:15 a.m., 25 views

Memory corruption

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

CVSS 9.3 | AI score 8.4 | EPSS 0.01154
Exploits 0 | References 2 | Affected Software 1

Prion
added 2020/12/09 1:15 a.m., 26 views

Design/Logic Flaw

If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

CVSS 9.3 | AI score 8.1 | EPSS 0.0155
Exploits 0 | References 4 | Affected Software 3

CVE
added 2020/12/09 12:23 a.m., 300 views

CVE-2020-26960

CVE-2020-26960 is a use-after-free vulnerability caused by reallocation during Compact() on nsTArray, affecting Firefox <83, Firefox ESR <78.5, and Thunderbird

CVSS 9.3 | AI score 8.3 | EPSS 0.0155
Exploits 0 | References 4 | Affected Software 3

Cvelist
added 2020/12/09 12:22 a.m., 19 views

CVE-2020-26959

During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

AI score 8.4 | EPSS 0.01275
Exploits 0 | References 4

CVE
added 2020/12/09 12:22 a.m., 292 views

CVE-2020-26959

CVE-2020-26959 is a use-after-free in the WebRequestService during browser shutdown, potentially enabling memory corruption and a crash in Firefox/Thunderbird prior to the fixed versions. Connected advisories confirm this affects Firefox <83, Firefox ESR <78.5, and Thunderbird

CVSS 8.8 | AI score 8.3 | EPSS 0.01275
Exploits 0 | References 4 | Affected Software 3

Debian CVE
added 2020/12/09 12:22 a.m., 42 views

CVE-2020-26959

During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

CVSS 8.8 | AI score 9.5 | EPSS 0.01275
Exploits 0

AlpineLinux
added 2020/12/09 12:22 a.m., 45 views

CVE-2020-26959

During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

CVSS 8.8 | AI score 8.6 | EPSS 0.01275
Exploits 0