1481 matches found

BDU FSTEC
added 2021/07/27 12:0 a.m. · 6 views

The vulnerability of Adobe Experience Manager’s content and media management system, related to the lack of measures for cleaning incoming data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Adobe Experience Manager content and media management system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

CVSS 6.1 · AI score 6.3 · EPSS 0.02118
Exploits: 0 · References: 2 · Affected Software: 1
CNVD
added 2021/07/26 12:0 a.m. · 17 views

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55882)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

CVSS 5.4 · AI score 3.6 · EPSS 0.00589
Exploits: 1 · References: 1
CNVD
added 2021/07/26 12:0 a.m. · 16 views

NCH Quorum Cross-Site Scripting Vulnerability

NCH Quorum is a teleconference server software. It can turn any computer into a conference call server. A cross-site scripting vulnerability exists in NCH Quorum, which stems from the product's /conferencebrowseuploadfile?confid= failure to properly handle user input data and can be exploited to...

CVSS 5.4 · AI score 1.3 · EPSS 0.00589
Exploits: 1 · References: 1
CNVD
added 2021/07/26 12:0 a.m. · 17 views

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55888)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

CVSS 5.4 · AI score 3.5 · EPSS 0.00589
Exploits: 1 · References: 1
CNVD
added 2021/07/26 12:0 a.m. · 26 views

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55917)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

CVSS 5.4 · AI score 3.5 · EPSS 0.00589
Exploits: 1 · References: 1
CNVD
added 2021/07/26 12:0 a.m. · 20 views

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55883)

NCH Axon PBX is a set of virtual telephone switch software used in a business environment. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the fact that the product's customer name does not properly filter special characters in the input data and can be exploited to...

CVSS 5.4 · AI score 3.3 · EPSS 0.00622
Exploits: 1 · References: 1
BDU FSTEC
added 2021/07/22 12:0 a.m. · 4 views

The vulnerability of the library for EXIF file grammar analysis in libexif, related to integer overflow, allows attackers to access confidential information or cause service failures.

The vulnerability of the library for grammatical analysis of EXIF files in libexif is related to a numerical overflow in the input data of the MNOTE input file. Exploiting this vulnerability can allow an attacker to gain access to confidential information or cause service failures...

CVSS 8.1 · AI score 6.6 · EPSS 0.01525
Exploits: 0 · References: 9 · Affected Software: 3
Veracode
added 2021/07/20 3:16 p.m. · 7 views

Injection Vulnerability

thunderbird is vulnerable to injection vulnerability. The vulnerability exists due to the lack of sanitization of input data prior to the completion of the STARTTLS handshake...

CVSS 5.9 · AI score 7 · EPSS 0.012
Exploits: 0 · References: 4 · Affected Software: 5
BDU FSTEC
added 2021/07/20 12:0 a.m. · 5 views

The vulnerability of the Ceph storage system, related to insufficient validation of input data, allows attackers to compromise the integrity of the data.

The vulnerability of the Ceph storage system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of the data...

CVSS 6.5 · AI score 6.4 · EPSS 0.01612
Exploits: 0 · References: 11 · Affected Software: 4
CNVD
added 2021/07/12 12:0 a.m. · 8 views

Aruba ClearPass Policy Manager Command Injection Vulnerability (CNVD-2021-50186)

Aruba ClearPass Policy Manager is an application from Aruba, Inc. that provides a wireless network security access management system. Aruba ClearPass Policy Manager suffers from a command injection vulnerability that originates from the product not doing security checks on user input data, which...

CVSS 6.5 · AI score 7.6 · EPSS 0.01246
Exploits: 0 · References: 1
CNVD
added 2021/07/09 12:0 a.m. · 6 views

QSAN XEVO Path Traversal Vulnerability

QSAN XEVO is a flash data management system from QSAN China. It reduces repetitive tasks and provides complete data analysis. A path traversal vulnerability exists in QSAN XEVO, which stems from a failure of the product's back-end analysis function to filter input data for special characters. The...

CVSS 7.5 · AI score 6.9 · EPSS 0.01669
Exploits: 0 · References: 1
CNVD
added 2021/07/01 12:0 a.m. · 23 views

Huawei Emui and Magic UI DoS Vulnerability (CNVD-2021-93836)

Huawei Emui is a mobile operating system based on Android, and Magic Ui is a mobile operating system based on Android. A security vulnerability exists in Huawei Emui and Magic UI, which stems from a failure to properly validate input data. An attacker could exploit the vulnerability to cause a...

CVSS 7.8 · AI score 2 · EPSS 0.00689
Exploits: 0 · Affected Software: 2
BDU FSTEC
added 2021/06/29 12:0 a.m. · 5 views

The vulnerability of the software platform for developing and managing online stores Magento Commerce arises from insufficient validation of input data. This allows attackers to access confidential information.

The vulnerability of the Magento Commerce software platform for developing and managing online stores exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

CVSS 2.6 · AI score 5.4 · EPSS 0.01425
Exploits: 0 · References: 3 · Affected Software: 2
BDU FSTEC
added 2021/06/25 12:0 a.m. · 6 views

The vulnerability of the xen-netback component in the Linux operating system allows a hacker to increase their privileges or expose sensitive information.

The vulnerability of the xen-netback component in the Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges or disclose sensitive information...

CVSS 7.8 · AI score 6.5 · EPSS 0.00361
Exploits: 0 · References: 16 · Affected Software: 3
Positive Technologies
added 2021/06/17 12:0 a.m. · 4 views

PT-2021-19986 · Open Design Alliance · Oda Drawing Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance ODA Drawing SDK versions prior to 2022.5. Description: The issue is related to an out-of-bounds read in the DWG file-recovering procedure due to the lack of proper validation of user-supplied data. This can cause a read pa...

CVSS 7.1 · AI score 6.6 · EPSS 0.0205
Exploits: 0 · References: 10
BDU FSTEC
added 2021/06/16 12:0 a.m. · 7 views

The vulnerability of Microsoft Windows Defender operating system allows a hacker to trigger a service failure.

The vulnerability of Microsoft Windows Defender operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS 5.5 · AI score 5.9 · EPSS 0.01225
Exploits: 0 · References: 4 · Affected Software: 1
NVD
added 2021/06/11 4:15 p.m. · 24 views

CVE-2021-22759

A CWE-416: Use after free vulnerability exists in IGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition...

CVSS 7.8 · EPSS 0.01232
Exploits: 0 · References: 1
NVD
added 2021/06/11 4:15 p.m. · 24 views

CVE-2021-22757

A CWE-125: Out-of-bounds read vulnerability exists in IGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious CGF file is imported to IGSS Definition...

CVSS 7.8 · EPSS 0.01265
Exploits: 0 · References: 1
Prion
added 2021/06/11 4:15 p.m. · 16 views

Design/Logic Flaw

A CWE-416: Use after free vulnerability exists in IGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition...

CVSS 6.8 · AI score 8.1 · EPSS 0.01232
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2021/06/11 4:15 p.m. · 19 views

Remote code execution

A CWE-763: Release of invalid pointer or reference vulnerability exists in IGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file is imported to IGSS Definition...

CVSS 6.8 · AI score 7.9 · EPSS 0.01172
Exploits: 0 · References: 1 · Affected Software: 1