268 matches found

Cvelist (added 2023/12/04 2:30 p.m., 23 views)

CVE-2023-5767

A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language file being improperly sanitized...

CVSS 6, AI score 6.1, EPSS 0.00392
Exploits 0, References 1

OSV (added 2023/12/01 12:0 a.m., 10 views)

ASB-A-301094654

In TBD of TBD, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8, AI score 7.3, EPSS 0.00333
Exploits 0, References 1

NVD (added 2023/11/18 12:15 a.m., 30 views)

CVE-2023-43177

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

CVSS 9.8, EPSS 0.81801
Exploits 7, References 2

ATTACKERKB (added 2023/11/18 12:15 a.m., 68 views)

CVE-2023-43177

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

CVSS 9.8, AI score 7.4, EPSS 0.81801
In wild, Exploits 7, References 5

Prion (added 2023/11/18 12:15 a.m., 28 views)

Design/Logic Flaw

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

CVSS 7.5, AI score 7.1, EPSS 0.81801
Exploits 7, References 2, Affected Software 1

Vulnrichment (added 2023/11/17 12:0 a.m., 37 views)

CVE-2023-43177

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

AI score 6.7, EPSS 0.81801
Exploits 7, References 2

Cvelist (added 2023/11/17 12:0 a.m., 31 views)

CVE-2023-43177

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

AI score 9.7, EPSS 0.81801
Exploits 7, References 2

CNNVD (added 2023/11/14 12:0 a.m., 4 views)

Zoom Client Code Issue Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A code issue vulnerability exists in Zoom Client that stems from an improperly checked condition. It could allow an authenticated user to perform a denial of service via network access...

CVSS 6.5, AI score 6.8, EPSS 0.00855
Exploits 0, References 2

CNNVD (added 2023/10/31 12:0 a.m., 5 views)

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that stems from an improperly executed vulnerability in the Downloads module...

CVSS 8.8, AI score 6.6, EPSS 0.0128
Exploits 0, References 8

Cvelist (added 2023/10/30 4:56 p.m., 15 views)

CVE-2023-21358

In UWB Google, there is a possible way for a malicious app to masquerade as system app com.android.uwb.resources due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 8.5, EPSS 0.00079
Exploits 0, References 1

Tenable Nessus (added 2023/10/23 12:0 a.m., 18 views)

Juniper Junos OS Vulnerability (JSA73145)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73145 advisory. - An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue...

CVSS 7.5, AI score 7.4, EPSS 0.00531
Exploits 0, References 3

CVE (added 2023/10/12 11:1 p.m., 59 views)

CVE-2023-44181

The vulnerability CVE-2023-44181 affects Juniper Networks Junos OS on QFX5k devices, caused by an improperly implemented security check in storm control. When storm control is enabled and ICMPv6 traffic is present, packets can be punted to the ARP queue, creating an L2 loop that can lead to DoS c...

CVSS 7.5, AI score 7.5, EPSS 0.00531
Exploits 0, References 2, Affected Software 1

Vulnrichment (added 2023/10/12 11:1 p.m., 14 views)

CVE-2023-44181 Junos OS: QFX5k: l2 loop in the overlay impacts the stability in a EVPN/VXLAN environment

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMP...

CVSS 7.5, AI score 6.9, EPSS 0.00531
Exploits 0, References 2

CNNVD (added 2023/10/12 12:0 a.m., 3 views)

Juniper Networks Junos OS Code Issue Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS contains a code issue vulnerability that arises from an improperly checked exception or anomaly...

CVSS 7.5, AI score 7, EPSS 0.00538
Exploits 0, References 4

Tenable Nessus (added 2023/10/12 12:0 a.m., 88 views)

RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:5693)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5693 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

CVSS 9.8, AI score 6.4, EPSS 0.04293
Exploits 3, References 64

Prion (added 2023/10/10 5:15 p.m., 20 views)

Code injection

In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random...

CVSS 6.4, AI score 9.2, EPSS 0.00871
Exploits 0, References 3, Affected Software 1

Vulnrichment (added 2023/10/10 12:0 a.m., 13 views)

CVE-2020-27633

In FNET 4.6.3, TCP ISNs are improperly random...

AI score 7.2, EPSS 0.00871
Exploits 0, References 3

Vulnrichment (added 2023/10/10 12:0 a.m., 9 views)

CVE-2020-27631

In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random...

AI score 7.2, EPSS 0.01083
Exploits 0, References 3

Hacker One (added 2023/09/28 3:52 a.m., 24 views)

GitHub: [PATs] Ability to leak comments from issues without ANY "Issues" repo permissions by utilizing "Pull Request" permissions

An incorrect authorization vulnerability in GitHub Enterprise Server allowed issue comments to be read without proper permissions through improperly scoped tokens...

CVSS 4.3, AI score 4.5, EPSS 0.00467
Exploits 0

CNNVD (added 2023/09/06 12:0 a.m., 6 views)

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2023 Release 1 prior to version 1, which stems from an improperly exported android...

CVSS 4, AI score 6.5, EPSS 0.00137
Exploits 0, References 2