Lucene search
K

356 matches found

CNVD
CNVD
added 2015/10/29 12:0 a.m.1 views

Apple iOS/OS X/watchOS Memory Corruption Vulnerability

OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. iOS is an operating system developed by Apple for mobile devices. Apple iOS versions prior to 9.1, Apple OS X versions prior to 10.11.1, and watchOS versions prior to 2.0.1 IOHIDFamily...

9.3CVSS9.2AI score0.02816EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/22 12:0 a.m.2 views

Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability

Cisco Prime Collaboration Provisioning is the United States of America Cisco Cisco a set of Web-based next-generation communications services solutions. A security vulnerability exists in the Web framework of Cisco Prime Collaboration Assurance. A remote attacker could exploit the vulnerability b...

9CVSS6.9AI score0.02644EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/10 12:0 a.m.4 views

Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05953)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure NET Framework is a comprehensive and consistent programming model...

9.3CVSS7AI score0.2102EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/06/29 12:0 a.m.7 views

The vulnerability of the microprogramming software of the Cisco TelePresence Supervisor MSE 8050 allows a intruder to execute arbitrary code with privileges of the root user.

The vulnerability of the web-based framework of the microprogramming software for the Cisco TelePresence Supervisor MSE 8050 relates to deficiencies in access control for files. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code with...

9CVSS6AI score0.02891EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/29 12:0 a.m.6 views

The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a intruder to execute arbitrary code with privileges of the root user.

The vulnerability of the web-based framework of the microprogramming software for Cisco TelePresence Server lies in the lack of access control for files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of a root user...

9CVSS6AI score0.02891EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2015/01/21 6:59 p.m.2 views

CVE-2015-0369

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to AX/HI Web UI...

4.3CVSS5.5AI score0.01222EPSS
Exploits0References5
OSV
OSV
added 2014/11/05 11:55 a.m.2 views

DEBIAN-CVE-2014-8549

libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted On2 data...

7.5CVSS7.3AI score0.02395EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2013/10/27 12:0 a.m.3 views

SpringSource Spring Framework XML External Entity Information Disclosure (CVE-2013-4152)

An information disclosure vulnerability exists in SpringSource Spring Framework...

5.5AI score0.26467EPSS
Exploits1
Prion
Prion
added 2013/06/26 9:55 p.m.10 views

Command injection

The web framework in Cisco Prime Central for Hosted Collaboration Solution HCS Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, ak...

5CVSS7.3AI score0.01186EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/02/20 9:33 p.m.6 views

Framework: Information (internal server information, classpath, local working directories, session IDs) disclosure

VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language EL, evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a 1 name attribute in a a spring:hasBindErrors ta...

7.5CVSS6.5AI score0.11779EPSS
Exploits1References4
OSV
OSV
added 2007/10/30 7:46 p.m.8 views

CVE-2007-5712

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

6.3AI score
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2005/02/09 12:0 a.m.116 views

MS05-004: ASP.NET Path Validation Vulnerability (887219)

The remote host is running a version of the ASP.NET framework that could allow an attacker to bypass the security of an ASP.NET website and obtain unauthorized access. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid16333; scriptversion"1.36"; scriptcvsdate"Date:...

9.8CVSS8.5AI score0.75702EPSS
Exploits1References2
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.14 views

Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2008 SP2 for Itanium-based Systems (KB2804580)

A security issue has been identified that could allow an attacker to misrepresent a system action or behavior without the knowledge of the user. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

1.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.15 views

Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)

A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you m...

2.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.15 views

Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2518870)

A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you m...

2.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.20 views

Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)

A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you m...

2.6AI score
Exploits0
Rows per page
Query Builder