Lucene search

8688 matches found

OSV
added 2017/07/17 1:18 p.m. | 3 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.8 CVSS | 5.8 AI score | 0.02625 EPSS
Exploits 0 | References 1

OSV
added 2017/07/17 1:18 p.m. | 24 views

CVE-2017-1000051

Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content...

6.1 CVSS | 5.9 AI score
Exploits 0 | References 2

NVD
added 2017/07/17 1:18 p.m. | 12 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.8 CVSS | 9.6 AI score | 0.02625 EPSS
Exploits 0 | References 1

Prion
added 2017/07/17 1:18 p.m. | 18 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content...

4.3 CVSS | 6 AI score | 0.01157 EPSS
Exploits 0 | References 2 | Affected Software 1

Prion
added 2017/07/17 1:18 p.m. | 14 views

Design/Logic Flaw

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

7.5 CVSS | 9.5 AI score | 0.02625 EPSS
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2017/07/13 8:0 p.m. | 23 views

CVE-2017-1000051

Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content...

6.1 AI score | 0.01157 EPSS
Exploits 0 | References 2

Cvelist
added 2017/07/13 8:0 p.m. | 18 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.6 AI score | 0.02625 EPSS
Exploits 0 | References 1

Fedora
added 2017/07/08 4:54 p.m. | 29 views

[SECURITY] Fedora 26 Update: bind99-9.9.10-1.P2.fc26

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP...

7.5 CVSS | 3.1 AI score | 0.18299 EPSS
Exploits 1

Kitploit
added 2017/07/07 3:12 p.m. | 23 views

Steamer - Import, Search, and Manage Public Password Breach Data

Import, manage, search public dumps. Do you have massive amounts of CSV, .sql, .txt, that have credentials, passwords, and hashes inside? Use Steamer to manage them! Load them into a MongoDB database, and either uses the console directly or just use the handy web interface complete with JSON...

7.5 AI score
Exploits 0 | References 1

NVD
added 2017/06/21 7:29 p.m. | 19 views

CVE-2017-7918

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive...

6.8 CVSS | 6.7 AI score | 0.06653 EPSS
Exploits 2 | References 2

Prion
added 2017/06/21 7:29 p.m. | 16 views

Improper access control

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive...

6 CVSS | 6.6 AI score | 0.06653 EPSS
Exploits 2 | References 2

CNVD
added 2017/06/20 12:0 a.m. | 4 views

Elasticsearch Logstash Denial of Service Vulnerability

Elasticsearch Logstash is a set of log analysis and monitoring tools from Elasticsearch Netherlands. The tool provides functions such as search, processing and management of logs or events. A security vulnerability exists in Elasticsearch Logstash versions prior to 2.3.3. A remote attacker can...

7.5 CVSS | 6.7 AI score | 0.01315 EPSS
Exploits 0 | References 1

Veeam
added 2017/06/15 12:0 a.m. | 21 views

How to Restore from Microsoft Exchange 2007 with Veeam Backup and Replication

Challenge This KB article documents the procedure for restoring Exchange 2007 application items using a Surebackup job with export to PST. Please note that as of April 2017, Microsoft no longer supports Exchange 2007. As such, steps 7 and 8 of this process are no longer supported by Veeam Technic...

6.8 AI score
Exploits 0

CNVD
added 2017/06/14 12:0 a.m. | 1 views

Schneider Electric U.motion Builder track_import_export remote code execution vulnerability

U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in Schneider Electric U.motion Builder track_import_export. When the export operation is selected in an applet call, the underlying SQLite database query requires SQL injection of the...

9.4 AI score
Exploits 0 | References 1

Zero Day Initiative
added 2017/06/12 12:0 a.m. | 26 views

(0Day) Schneider Electric U.motion Builder track_import_export SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of track_import_export.php, which is exposed on the web...

10 CVSS | 8.7 AI score
Exploits 0 | References 1

rapid7community
added 2017/05/30 2:46 p.m. | 1363 views

InsightVM/Nexpose Patch Tuesday Reporting

Many of our customers wish to report specifically on Microsoft patch related vulnerabilities. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects...

9.3 CVSS | 7.2 AI score | 0.99373 EPSS
Exploits 18

Tenable Nessus
added 2017/05/30 12:0 a.m. | 10 views

MyBB < 1.8.12 Multiple Vulnerabilities

Binary data 700128.prm...

7.3 AI score
Exploits 0 | References 1

Oracle linux
added 2017/05/26 12:0 a.m. | 90 views

kernel security, bug fix, and enhancement update

3.10.0-514.21.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.21.1 - kernel sched/core: Fix an SMP ordering race in try_to_wake_up vs...

9.3 CVSS | 7.4 AI score | 0.17827 EPSS
Exploits 18

RedHat Linux
added 2017/05/25 1:39 p.m. | 6 views

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shash_async_export by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

5.5 CVSS | 6.8 AI score | 0.00426 EPSS
Exploits 0 | References 4

NVD
added 2017/05/23 4:29 a.m. | 12 views

CVE-2015-5609

Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote attackers to read and delete arbitrary files via a full pathname in the file parameter to download.php...

9.1 CVSS | 9.1 AI score | 0.03207 EPSS
Exploits 1 | References 3