
4659 matches found

BDU FSTEC
added 2022/04/07 12:0 a.m., 5 views

The vulnerability of the Expenses component in the Oracle Project Costing calculation service’s CurrencyOverride feature allows a malicious actor to gain unauthorized access to create, modify, or delete data.

The vulnerability of the Expenses component in the Oracle Project Costing calculation service’s CurrencyOverride feature is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to create, modify, o...

CVSS 8.5, AI score 7.6, EPSS 0.01028
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2022/04/06 12:0 a.m., 5 views

The vulnerability of the Kubernetes cluster management software, related to errors in processing hypertext links, allows a hacker to access confidential data.

The vulnerability of the Kubernetes cluster management software is related to errors in processing hypertext links. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

CVSS 4.1, AI score 5.7, EPSS 0.01953
Exploits 0, References 4, Affected Software 2
ATTACKERKB
added 2022/04/05 6:15 p.m., 2 views

CVE-2022-28648

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered...

CVSS 5.7, AI score 6.1, EPSS 0.01335
Exploits 0, References 2, Affected Software 1
OSV
added 2022/04/05 6:15 p.m., 5 views

CVE-2022-28648

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered...

CVSS 5.4, AI score 5.8, EPSS 0.01335
Exploits 0, References 1
OSV
added 2022/04/05 1:15 a.m., 1 view

DEBIAN-CVE-2022-0467

Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVSS 8.8, AI score 7.2, EPSS 0.00952
Exploits 1, References 1
OSV
added 2022/04/05 1:15 a.m., 1 view

DEBIAN-CVE-2022-0468

Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 7.4, EPSS 0.007
Exploits 0, References 1
OSV
added 2022/04/05 1:15 a.m., 2 views

UBUNTU-CVE-2022-0804

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page...

CVSS 6.5, AI score 7.3, EPSS 0.00863
Exploits 0, References 3
OSV
added 2022/04/05 1:15 a.m., 2 views

UBUNTU-CVE-2022-0809

Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 7.3, EPSS 0.01031
Exploits 0, References 3
ATTACKERKB
added 2022/04/05 12:15 a.m., 4 views

CVE-2022-0608

Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 7.7, EPSS 0.01118
Exploits 0, References 3
OSV
added 2022/04/05 12:15 a.m., 2 views

UBUNTU-CVE-2022-0610

Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 5.8, EPSS 0.00782
Exploits 0, References 3
BDU FSTEC
added 2022/04/05 12:0 a.m., 7 views

The vulnerability of the isolated programming environment for the Racket language, related to errors in processing hypertext links, allows attackers to compromise the integrity of data.

The vulnerability of the isolated programming environment Racket is related to errors in processing hypertext links. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...

CVSS 7.8, AI score 7.2, EPSS 0.00869
Exploits 0, References 5, Affected Software 2
BDU FSTEC
added 2022/03/30 12:0 a.m., 9 views

The vulnerability of the filtervar function in the PHP interpreter allows attackers to execute arbitrary code.

The vulnerability of the filtervar function in the PHP interpreter is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted user input...

CVSS 7.6, AI score 6.5
Exploits 0, References 1
CNNVD
added 2022/03/28 12:0 a.m., 2 views

fenom security vulnerability

fenom is a lightweight and fast PHP template engine. fenom 2.12.1 and earlier versions are vulnerable to code injection, which stems from a failure to properly filter special characters, commands, etc. used to construct commands in the getTemplateCode function of fenom/src/Fenom/Template.php, which ca...

CVSS 10, AI score 6.2, EPSS 0.01082
Exploits 0, References 2
VulnCheck KEV
added 2022/03/24 12:0 a.m., 6 views

VulnCheck KEV: CVE-2021-31166

Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution...

CVSS 9.8, AI score 7.6, EPSS 0.99718
Exploits 24, References 1
BDU FSTEC
added 2022/03/21 12:0 a.m., 7 views

The vulnerability of Google Chrome’s Storage component allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s Storage component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created HTML page...

CVSS 9.3, AI score 8.5, EPSS 0.01361
Exploits 1, References 13, Affected Software 8
Microsoft CVE
added 2022/03/16 7:0 a.m., 2 views

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker who controls the HTTP server to make the client script enter an infinite loop consuming CPU time. The highest threat from this vulnerability is to system availability.

...

CVSS 7.5, AI score 7.9, EPSS 0.11586
Exploits 1
BDU FSTEC
added 2022/03/16 12:0 a.m., 6 views

The vulnerability of the Oracle Access Manager component of the Oracle Fusion Middleware software allows a perpetrator to execute arbitrary code.

The vulnerability of the Oracle Access Manager component of the Oracle Fusion Middleware software is related to errors in processing HTTP requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10, AI score 7.9, EPSS 0.96284
Exploits 5, References 5, Affected Software 1
BDU FSTEC
added 2022/03/16 12:0 a.m., 6 views

The vulnerability in the interface for supporting streaming audio and video data from the Media Streams API in browsers like Google Chrome and Microsoft Edge allows an attacker to execute arbitrary code on the target system.

The vulnerability of the Media Streams API interface for handling streaming audio and video data in Google Chrome and Microsoft Edge browsers is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system...

CVSS 9.3, AI score 8.5, EPSS 0.015
Exploits 1, References 14, Affected Software 7
BDU FSTEC
added 2022/03/16 12:0 a.m., 7 views

The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers is related to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted HTML page...

CVSS 9.3, AI score 8.2, EPSS 0.01312
Exploits 0, References 11, Affected Software 6
ATTACKERKB
added 2022/03/15 6:15 p.m., 0 views

CVE-2022-25495

The component /jqueryfileupload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file...

CVSS 9.8, AI score 6, EPSS 0.0204
Exploits 1, References 2