65 matches found
Juniper Junos OS Multiple Vulnerabilities (JSA73160)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA73160 advisory. - An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine pfe of Juniper Networks Junos OS Evolved on PTX10003 Series allows an...
Vulnerabilities in SICK EventCam App
SICK discovered vulnerabilities in the SICK EventCam App, that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availabiltiy, integrity and confidentaility of the EventCam App. SICK recommends making sure to run the product in a secur...
Huawei HarmonyOS 代码问题漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a serialization and deserialization vulnerability in modules. An attacker exploiting...
SUSE CVE-2012-0115
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492...
Hardcoded credentials
Hardcoded credentials in Global Facilities Management Software GFMS Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes...
The vulnerability of the QNAP QVR surveillance system, related to the failure to take measures to neutralize special elements used in the operating system’s command, allows intruders to compromise the confidentiality, integrity, and accessibility of information.
The vulnerability of the QNAP QVR video surveillance system is related to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...
CVE-2021-26370
Improper validation of destination address in SVCLOADFWIMAGEBYINSTANCE and SVCLOADBINARYBYATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability...
ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS attributes from the MFT , proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2021-46388
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: The issue is not a vulnerability fails CNT2 - Has no impact on availability, integrity or confidence as only documented html templates are shown without additional data or the option to store changes. Notes...
CVE-2022-22727
A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user�s local machine when the user clicks a specially crafted link. Affected Product: EcoStruxure Power...
libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c
There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...
OESA-2021-1155 cairo security update
Security Fixes: A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses...
SUSE: Security Advisory (SUSE-SU-2016:0401-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-11642
The local file inclusion vulnerability present in B&R SiteManager versions 9.2.620236042 allows authenticated users to impact availability of SiteManager instances...
CVE-2020-2760
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Samsung Mobile Device Resource Management Error Vulnerability (CNVD-2020-30606)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices suffer from a resource management error vulnerability that can be exploited by attackers to compromise integrity, availability, and...
Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2017 CPU)
According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 8.3.x prior to 8.3.15.4, 8.4.x prior to 8.4.15.2, 15.x prior to 15.2.15.1, or 16.x prior to 16.2.9.0. It is, therefore, affected by...
MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (Jul 2017 CPU) (Oct 2017 CPU) (Jul 2019 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3529 - An unspecified...
Oracle Database Server Local Vulnerability (CNVD-2017-06092)
Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. A security vulnerability exists in the Oracle Database Server SQLPlus component, which can be exploited by remote attackers to compromi...
Oracle MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities
Binary data 700064.prm...