Lucene search
K

8696 matches found

OSV
OSV
added 2018/07/31 8:29 p.m.4 views

CVE-2018-14247

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.2AI score0.02773EPSS
Exploits0References2
Hacker One
Hacker One
added 2018/07/30 5:57 p.m.18 views

U.S. Dept Of Defense: ████ █████ exposes highly sensitive information to public

Summary: www.██████ is a system used by ██████ for vendors to upload details of their technology for review by ███. Due to an insecure direct object reference vulnerability, all vendor uploads are accessible to the public, without authentication. This includes Unclass//FOUO documents, documents...

6.7AI score
Exploits0
OSV
OSV
added 2018/07/27 9:29 p.m.2 views

DEBIAN-CVE-2017-15118

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...

9.8CVSS7.4AI score0.11931EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2018/07/27 9:0 p.m.22 views

CVE-2017-15118

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...

9.8CVSS7.6AI score0.11931EPSS
Exploits3
Kitploit
Kitploit
added 2018/07/26 9:56 p.m.24 views

FF Password Exporter - Easily Export Your Passwords From Firefox

It can be difficult to export your passwords from Firefox. Since version 57 of Firefox Quantum existing password export addons no longer work. Mozilla provides no other official alternatives. FF Password Exporter makes it quick and easy to export all of your passwords from Firefox. You can use FF...

7.3AI score
Exploits0References1
OSV
OSV
added 2018/07/18 1:29 p.m.4 views

CVE-2018-2978

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

7.1CVSS7.3AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/07/18 1:0 p.m.13 views

CVE-2018-2978

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

6.7AI score0.01739EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2018/07/17 12:0 a.m.4 views

June 21, 2018—KB4284863 (Preview of Monthly Rollup)

June 21, 2018—KB4284863 Preview of Monthly Rollup Improvements and fixes This nonsecurity update includes improvements and fixes that were a part of KB 4284815 released June 12, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates the...

6.9AI score
Exploits0
CVE
CVE
added 2018/07/10 6:0 p.m.51 views

CVE-2018-10889

CVE-2018-10889 affects Moodle prior to 3.5.1, 3.4.4, or 3.3.7. The flaw allows privacy exposure due to logs in data privacy exports that cannot be omitted. Remediation: upgrade to Moodle 3.5.1 or later (3.5 line), 3.4.4 or later (3.4 line), or 3.3.7 or later (3.3 line).

5.3CVSS5.2AI score0.02137EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/10 8:34 a.m.21 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM WebSphere Application Server Versions 6.1, 7, 8, 8.5, and 8.5.5 that are used by IBM Rational ClearCase. Vulnerability Details Please consult the Security Bulletin: Vulnerability with RSA...

5.4CVSS0.3AI score0.98685EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2018/07/06 12:0 a.m.26 views

Ninja Forms < 3.3.9 - Insufficient Restrictions during Export Personal Data requests

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by an Insufficient Restrictions during Export Personal Data requests security vulnerability...

6.4CVSS2.9AI score0.01744EPSS
Exploits0Affected Software1
OSV
OSV
added 2018/07/03 2:29 p.m.2 views

CVE-2018-7765

The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter...

8.8CVSS5.8AI score0.02917EPSS
Exploits3References2
CNVD
CNVD
added 2018/07/03 12:0 a.m.1 views

SAP BASIS Report for Terminology Export System Command Injection Vulnerability

SAP BASIS is a role engaged in sap system administration. Mainly responsible for sap system planning, installation, configuration, management, monitoring, maintenance, tuning, etc.. A command injection vulnerability exists in the SAP BASIS Report for Terminology Export system, which can be...

8.2AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/06/29 12:0 a.m.7 views

The vulnerability of the components ExportSettings.sh, updateWPS, RebootSystem, and vpnBasicSettings of the Intelbras NCLOUD 300 Wi-Fi router’s microprogramming system allows a hacker to gain access to the device with administrator privileges.

The vulnerabilities of the components ExportSettings.sh /cgi-bin/ExportSettings.sh, updateWPS /goform/updateWPS, RebootSystem /goform/RebootSystem, and vpnBasicSettings /goform/vpnBasicSettings of the Intelbras NCLOUD 300 Wi-Fi router software are related to the use of pre-installed registration...

10CVSS5.5AI score0.35573EPSS
Exploits5References4Affected Software1
Prion
Prion
added 2018/06/26 5:29 p.m.17 views

Design/Logic Flaw

A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration...

4CVSS6.2AI score0.00988EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/26 5:29 p.m.15 views

CVE-2018-1000609

A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration...

6.5CVSS6.3AI score
Exploits0References1
0day.today
0day.today
added 2018/06/26 12:0 a.m.92 views

WordPress Advanced Order Export For #WooCommerce CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Advanced Order Export For WooCommerce 1.5.4 - CSV Injection Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/woo-order-export-lite/ Affected Version: 1.5.4 and before Category: Plugi...

0.1AI score0.05209EPSS
Exploits6
OSV
OSV
added 2018/06/25 6:29 p.m.5 views

CVE-2018-11589

Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the...

9.8CVSS5.8AI score0.02147EPSS
Exploits0References7
0day.today
0day.today
added 2018/06/25 12:0 a.m.36 views

Wordpress Comments Import & Export Plugin < 2.0.4 - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Comments Import & Export 2.0.4 - CSV Injection Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/comments-import-export-woocommerce/ Affected Version: 2.0.4 and before Category: Plugi...

0.1AI score0.05209EPSS
Exploits5
exploitpack
exploitpack
added 2018/06/25 12:0 a.m.16 views

WordPress Plugin Comments Import Export 2.0.4 - CSV Injection

WordPress Plugin Comments Import Export 2.0.4 - CSV Injection Exploit Title: Wordpress Plugin Comments Import & Export 2.0.4 - CSV Injection Google Dork: N/A Date: 2018-06-24 Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/comments-import-export-woocommerce/ Affected...

6.8CVSS0.05209EPSS
Exploits5
Rows per page
Query Builder