Lucene search
K

1053 matches found

CNVD
CNVD
added 2015/10/22 12:0 a.m.4 views

Fortinet FortiOS Access Privilege Vulnerability

Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. An access...

9.3CVSS7.2AI score0.03401EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2015/10/06 1:59 a.m.2 views

CVE-2015-4992

IBM Sterling B2B Integrator 5.2 before 50205008 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...

3.5CVSS5.6AI score0.00787EPSS
Exploits0References3
CNVD
CNVD
added 2015/09/23 12:0 a.m.6 views

Cisco ASR 9000 IOS DHCPv6 Server Denial of Service Vulnerability

Cisco IOS on ASR 9000 is a set of operating systems from Cisco that run on 9000 series router devices. A denial of service vulnerability exists in the DHCPv6 server in Cisco IOS on Cisco ASR 9000 devices using software version 5.2.0 Base. A remote attacker could exploit this vulnerability by...

5CVSS6.8AI score0.02435EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/06 12:0 a.m.4 views

Fortinet FortiClient Unauthorized Operation Vulnerability

Fortinet FortiClient is a Fortinet endpoint security solution that provides end users with anti-virus, encryption and other services. An unauthorized operation vulnerability exists in Fortinet FortiClient versions prior to 5.2.4, which allows a local user write to write to arbitrary memory...

7.2CVSS6.7AI score0.00515EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/30 12:0 a.m.5 views

Fortinet FortiGate FortiOS Security Bypass Vulnerability

Fortinet FortiGate running FortiOS is a set of security operating system developed by American Fitta Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security feature...

6.7AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/07/21 10:14 a.m.4 views

wireshark: TN5250 infinite loop (wnpa-sec-2014-23)

The dissectwritestructuredfield function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service infinite loop via a crafted packet...

5CVSS7.4AI score0.03488EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.8 views

The vulnerability of the Red Hat Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ncurses-5.2 package on the Red Hat Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...

7.2CVSS5.5AI score0.00679EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2015/03/26 12:0 a.m.4 views

Tiki Wiki CMS Groupware Cross-Site Scripting Vulnerability

Tiki Wiki CMS Groupware is a suite of open source content management and portal applications from the Tiki software community that can be used to create web applications, portals, corporate intranets, extranets, and more. A cross-site scripting vulnerability exists in Tiki Wiki CMS Groupware...

6.6AI score
Exploits0References1
CNVD
CNVD
added 2015/03/26 12:0 a.m.3 views

Tiki Wiki CMS Groupware Local File Inclusion Vulnerability

Tiki Wiki CMS Groupware is a suite of open source content management and portal applications from the Tiki software community that can be used to create web applications, portals, corporate intranets, extranets, and more. A local file inclusion vulnerability exists in Tiki Wiki CMS Groupware...

6.3AI score
Exploits0References1
CNVD
CNVD
added 2015/01/23 12:0 a.m.6 views

FFmpeg and Libav 'libavcodec/xface.h' Denial of Service Vulnerability

FFmpeg is a free program that performs recording, transferring and streaming of audio and video in various formats. FFmpeg versions prior to 2.5.2 libavcodec/xface.h establishes certain numeric and word array dimensions that do not conform to the required mathematical relationships, which can be...

7.5CVSS6.8AI score0.01986EPSS
Exploits0References1
OSV
OSV
added 2014/09/04 5:55 p.m.2 views

DEBIAN-CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...

5CVSS7AI score0.11572EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2014/06/30 6:59 p.m.8 views

CFME: reflected XSS in several places due to missing JavaScript escaping

Cross-site scripting XSS vulnerability in application/panelcontrol in CloudForms 3.0 Management Engine CFME before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01429EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2014/05/14 12:0 a.m.5 views

PT-2014-3466 · Red Hat · Red Hat Cloudforms Management Engine

Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms Management Engine CFME versions prior to 5.2.3.2 Description: The issue allows remote authenticated users to delete arbitrary catalogs by guessing the catalog ID, specifically targeting the CatalogController. Recommendation...

4CVSS6.3AI score0.01019EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2013/07/17 1:41 p.m.3 views

CVE-2013-3821

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality and availability via unknown vectors related to Integration Broker...

6.4CVSS5.5AI score0.06897EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2013/02/05 12:0 a.m.6 views

PT-2013-1463 · Red Hat · Web Platform +3

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Application Platform EAP versions prior to 5.2.0 Web Platform EWP versions prior to 5.2.0 BRMS Platform versions prior to 5.3.1 SOA Platform versions prior to 5.3.1 Description: A cross-site scripting XSS issue exists in the...

4.3CVSS5.4AI score0.01794EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2013/01/24 6:28 p.m.7 views

JBoss: SecurityAssociation.getCredential() will return the previous credential if no security context is provided

The SecurityAssociation.getCredential method in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 returns the credentials of the previous user when a security context is not provided, which allows remot...

5.8CVSS6.3AI score0.01862EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/11/14 8:41 p.m.3 views

mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Apr 2012)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690...

6.8CVSS6.7AI score0.0374EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/01/24 9:3 p.m.6 views

t1lib: Invalid pointer dereference via crafted Type 1 font

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...

6.8CVSS6AI score0.13055EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/09/01 7:54 p.m.11 views

rsyslog: parseLegacySyslogMsg off-by-two buffer overflow

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service application exit via a long TAG in a legacy syslog message...

5CVSS6AI score0.20759EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2010/12/22 3:0 a.m.5 views

CVE-2009-2189

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...

6.1CVSS5.6AI score0.00816EPSS
Exploits0References4
Rows per page
Query Builder