Lucene search
+L

336 matches found

OSV
OSV
added 2019/05/22 8:29 p.m.8 views

CVE-2019-6819

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

7.5CVSS7.1AI score0.01129EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/05/13 10:17 p.m.166 views

Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices

Cisco has disclosed an unpatched, high-severity vulnerability that impacts millions of devices, in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation. Cisco has also disclosed a similarly widely-impacting high-severity bug tha...

9CVSS0.4AI score0.05516EPSS
Exploits0References6
OSV
OSV
added 2018/09/05 5:29 p.m.11 views

CVE-2016-1000030

Pidgin version 2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutlsx509crtinit and gnutlsx509crtimport that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client...

9.8CVSS7.1AI score0.01844EPSS
Exploits0References5
ICS
ICS
added 2018/08/28 12:0 a.m.199 views

Schneider Electric Modicon M221

1. EXECUTIVE SUMMARY CVSS v3 4.8 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Modicon M221 Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to remotely...

7.8CVSS7.7AI score0.02797EPSS
Exploits1References5
CVE
CVE
added 2018/06/29 3:0 p.m.58 views

CVE-2018-13013

The CVE-2018-13013 entry affects SAFE’N’SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite prior to 4.4.9. Root cause: improper check of unusual conditions when launching msiexec.exe via the SysWatch service, allowing a local attacker to...

7.8CVSS7.4AI score0.00191EPSS
Exploits0References1Affected Software3
ICS
ICS
added 2018/04/05 12:0 a.m.59 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor : LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment : LAquis SCADA Vulnerability : Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device an attacker...

7.8CVSS8AI score0.00435EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/11/27 12:0 a.m.32 views

CVE-2017-16944

The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...

7.5CVSS7.3AI score0.6332EPSS
Exploits7References2
Prion
Prion
added 2017/11/25 5:29 p.m.33 views

Design/Logic Flaw

The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...

5CVSS7.3AI score0.6332EPSS
Exploits7References9Affected Software2
NVD
NVD
added 2017/11/25 5:29 p.m.20 views

CVE-2017-16944

The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...

7.5CVSS7.5AI score0.6332EPSS
Exploits7References9
Prion
Prion
added 2017/03/28 2:59 a.m.20 views

Authorization

Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare the file to themselv...

4CVSS6.9AI score0.01624EPSS
Exploits1References7Affected Software1
UbuntuCve
UbuntuCve
added 2016/02/01 9:59 p.m.45 views

CVE-2016-2049

examples/consumer/common.php in JanRain PHP OpenID library aka php-openid improperly checks the openid.realm parameter against the SERVERNAME element in the SERVER superglobal array, which might allow remote attackers to hijack the authentication of arbitrary users via vectors involving a crafted...

8.8CVSS7.3AI score0.02171EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/02/02 12:0 a.m.23 views

CVE-2013-0442

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

8.3AI score0.08087EPSS
Exploits0References27
UbuntuCve
UbuntuCve
added 2013/02/01 12:0 a.m.47 views

CVE-2013-0442

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

10CVSS7.2AI score0.08087EPSS
Exploits0References5
exploitpack
exploitpack
added 2010/06/23 12:0 a.m.10 views

Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download

Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download Exploit Title: Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0 Date: 22-06-2010 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU?loc=1...

0.1AI score
Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.130 views

CVE-2024-33427

CVE-2024-33427 is rejected/not used; this CVE entry does not represent an active vulnerability.

6.8AI score
Exploits0
Debian CVE
Debian CVE
added 1976/01/01 12:0 a.m.39 views

CVE-2024-33427

Removed by vendor...

6.1AI score
Exploits0
Rows per page
Query Builder