CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6734 matches found

Talos•added 2019/01/02 12:0 a.m.•25 views

CleanMyMac X removeDiagnosticLogs privilege escalation vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access can use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs https://macpaw.com/cleanmymac...

7.1CVSS6AI score0.00306EPSS

Exploits0

Talos•added 2019/01/02 12:0 a.m.•31 views

Clean My Mac X pleaseTerminate denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machi...

7.1CVSS5.8AI score0.00309EPSS

Exploits0

Talos•added 2019/01/02 12:0 a.m.•32 views

CleanMyMac X moveItemAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software improperly validates inputs. An attacker with local access could use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful...

7.1CVSS6AI score0.00306EPSS

Exploits0

Talos•added 2019/01/02 12:0 a.m.•33 views

CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs...

7.1CVSS6AI score0.00309EPSS

Exploits0

Talos•added 2019/01/02 12:0 a.m.•20 views

Clean My Mac X removePackageWithID privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

7.1CVSS6AI score0.00309EPSS

Exploits0

OSV•added 2018/12/24 4:29 p.m.•2 views

CVE-2018-7832

An Improper Input Validation vulnerability exists in Pro-Face GP-Pro EX v4.08 and previous versions which could cause the execution arbitrary executable when GP-Pro EX is launched...

8.8CVSS6AI score0.02196EPSS

Exploits0References3

OSV•added 2018/12/21 5:46 p.m.•4 views

GHSA-H4X4-5QP2-WP46 Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...

6.5CVSS7AI score0.04758EPSS

Exploits1References17

Github Security Blog•added 2018/12/21 5:46 p.m.•81 views

Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353

6.5CVSS5.4AI score0.04758EPSS

Exploits1References16Affected Software1

OSV•added 2018/12/20 9:29 p.m.•2 views

CVE-2018-19005

Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code...

7.8CVSS5.9AI score0.0167EPSS

Exploits0References2

Cvelist•added 2018/12/20 9:0 p.m.•11 views

CVE-2018-19005

7.5AI score0.0167EPSS

Exploits0References2

NVD•added 2018/12/20 5:29 p.m.•17 views

CVE-2018-1000880

libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards release v3.2.0 onwards contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archivereadsupportformatwarc.c, warcread that can result in DoS - quasi-infinite run time and disk usage from ti...

6.5CVSS7.2AI score0.04056EPSS

Exploits0References10

UbuntuCve•added 2018/12/20 5:29 p.m.•23 views

CVE-2018-1000873

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...

6.5CVSS6.8AI score0.04758EPSS

Exploits1References3

Prion•added 2018/12/20 5:29 p.m.•14 views

Input validation

4.3CVSS7.1AI score0.04056EPSS

Exploits0References10Affected Software4

Prion•added 2018/12/20 5:29 p.m.•30 views

Input validation

4.3CVSS7.8AI score0.04758EPSS

Exploits1References14Affected Software6

NVD•added 2018/12/20 5:29 p.m.•27 views

CVE-2018-1000873

6.5CVSS7.1AI score0.04758EPSS

Exploits1References14

OSV•added 2018/12/20 5:29 p.m.•33 views

CVE-2018-1000873

6.5CVSS6.6AI score

Exploits0References14

Cvelist•added 2018/12/20 5:0 p.m.•21 views

CVE-2018-1000880

7.2AI score0.04056EPSS

Exploits0References10

CVE•added 2018/12/20 5:0 p.m.•245 views

CVE-2018-1000873

CVE-2018-1000873 : A CWE-20 DoS vulnerability in Fasterxml Jackson, specifically in jackson-modules-java8 prior to 2.9.8, allows an attacker to trigger denial of service by deserializing malicious input (notably very large values in the nanoseconds field of a time value). The issue is fixed in 2....

6.5CVSS7.7AI score0.04758EPSS

Exploits1References14Affected Software1

Cvelist•added 2018/12/20 5:0 p.m.•25 views

CVE-2018-1000873

7.9AI score0.04758EPSS

Exploits1References14

OSV•added 2018/12/20 12:0 a.m.•0 views

UBUNTU-CVE-2018-1000880

6.5CVSS6.7AI score0.04056EPSS

Exploits0References5

Rows per page