Lucene search
+L

230 matches found

Vulnrichment
Vulnrichment
added 2024/05/29 3:52 p.m.16 views

CVE-2024-35284

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient input validation...

6.1AI score0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/29 3:42 p.m.14 views

CVE-2024-35283

A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting XSS attack due to insufficient input validation...

5.8AI score0.00263EPSS
Exploits0References1
CNVD
CNVD
added 2024/04/10 12:0 a.m.4 views

Siemens SIMATIC WinCC Denial of Service Vulnerability (CNVD-2024-17302)

SIMATIC PCS 7 is a process control system.SIMATIC WinCC is an automated data acquisition and monitoring SCADA system.SIMATIC WinCC Runtime Professional is used for operator visualization of the runtime platform for the control and monitoring of machines and equipment. A denial of service...

6.9CVSS6.7AI score0.00182EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/12/25 6:15 a.m.4 views

CVE-2023-31455

Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...

7.5CVSS7.2AI score0.00615EPSS
Exploits0References2
OSV
OSV
added 2023/12/20 2:44 p.m.3 views

SUSE-SU-2023:4932-1 Security update for libreoffice

This update for libreoffice fixes the following issues: - CVE-2023-6186: Fixed link targets allow arbitrary script execution bsc1217578. - CVE-2023-6185: Fixed Improper input validation enabling arbitrary Gstreamer pipeline injection bsc1217577...

8.8CVSS8.9AI score0.01017EPSS
Exploits0References5
OSV
OSV
added 2023/02/01 6:15 a.m.5 views

CVE-2022-32482

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable...

5.1CVSS5.8AI score0.00162EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.5 views

PT-2022-25774 · Sap · Sap Netweaver As Java

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS Java HTTP Provider Service version 7.50 Description: The issue is caused by insufficient input validation, allowing an unauthenticated attacker to inject a script into a web request header. Successful exploitation enables an...

6.1CVSS6.4AI score0.00433EPSS
Exploits0References5
OSV
OSV
added 2022/12/06 11:32 p.m.7 views

MGASA-2022-0447 Updated freerdp packages fix security vulnerability

In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. CVE-2022-39316 Affected versions of FreeRDP are missing a range check for input...

5.7CVSS5.5AI score0.00967EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/12/01 12:0 a.m.5 views

PT-2022-5768 · Nvidia · Nvidia Gpu Display Driver

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows affected versions not specified Description: The issue is related to insufficient input validation in the NVIDIA GPU Display Driver, allowing an unprivileged user to access or modify system files,...

8.8CVSS7.7AI score0.00277EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.2 views

PT-2022-37580 · Php · Php

Name of the Vulnerable Software and Affected Versions: PHP versions prior to the fixed version Description: The issue is related to several bugs in PHP, including an out-of-bounds read due to insufficient input validation in the imageloadfont function, a buffer overflow in the hash update functio...

7.9AI score
Exploits0References4
OSV
OSV
added 2022/09/29 3:15 a.m.6 views

CVE-2014-0144

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privilege...

8.6CVSS8.7AI score
Exploits0References17
OSV
OSV
added 2022/09/02 7:49 a.m.9 views

SUSE-SU-2022:2993-1 Security update for freerdp

This update for freerdp fixes the following issues: - Fixed two input validation issues bsc1191895: - CVE-2021-41159: Fixed an improper validation of client input for gateway connections. - CVE-2021-41160: Fixed improper region checks that could lead to memory corruption...

8.8CVSS8.7AI score0.01553EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/21 12:0 a.m.11 views

PT-2022-7224 · Proscend · Proscend M330-W +7

Name of the Vulnerable Software and Affected Versions: Proscend M330-w versions Proscend M330-W5 versions Proscend M350-5G versions Proscend M350-W5G versions Proscend M350-6 versions Proscend M350-W6 versions Proscend M301-G versions Proscend M301-GW versions Proscend ICR 111WG versions...

10CVSS9.4AI score0.02346EPSS
Exploits2References14
Positive Technologies
Positive Technologies
added 2022/08/18 12:0 a.m.5 views

PT-2022-37649 · Nvidia · Nvidia Windows Gpu Display Driver +1

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Linux versions prior to the fixed version NVIDIA GPU Display Driver for Windows versions prior to the fixed version Description: The issue is related to improper input validation and null-pointer dereferences in...

7.5AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/07/08 12:0 a.m.6 views

PT-2022-3949 · Haproxy +4 · Haproxy +4

Name of the Vulnerable Software and Affected Versions: Roxy-WI versions prior to 6.1.1.0 Description: Roxy-WI is a web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. The issue arises from the subprocess execute function in the /app/options.py file, which does not properly...

10CVSS9.6AI score0.90387EPSS
Exploits15References22
OSV
OSV
added 2022/01/14 11:7 a.m.9 views

SUSE-SU-2022:0079-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-24504: Fixed an uncontrolled resource consumption in some IntelR Ethernet E810 Adapter drivers that may have allowed an authenticated user to...

7.5CVSS7.8AI score0.03585EPSS
Exploits2References87
ATTACKERKB
ATTACKERKB
added 2021/11/17 8:15 p.m.4 views

CVE-2021-0078

Improper input validation in software for some IntelR PROSet/Wireless WiFi and KillerTM WiFi in Windows 10 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access...

8.1CVSS5.3AI score0.00416EPSS
Exploits0References2
OSV
OSV
added 2021/10/27 1:15 a.m.7 views

CVE-2011-4124

Input validation issues were found in Calibre at devices/linuxmounthelper.c which can lead to argument injection and elevation of privileges...

9.8CVSS7.2AI score
Exploits0References9
OSV
OSV
added 2021/09/23 2:22 p.m.9 views

SUSE-SU-2021:3211-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames bsc1188881. - CVE-2021-22931: Fixed improper handling of untypical characters in domain names bsc1189370. - CVE-2021-22940: Use after free on close http2 on stream canceling bsc118936...

9.8CVSS7.8AI score0.37286EPSS
Exploits3References11
Redos
Redos
added 2021/09/08 12:0 a.m.13 views

ROS-2-2075

2.2075 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.7AI score0.61664EPSS
Exploits7
Rows per page
Query Builder