CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1447 matches found

OSV•added 2017/07/05 8:29 p.m.•2 views

CVE-2017-10759

XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpInsertDependencyRecord+0x0000000000000039."...

7.8CVSS5.8AI score0.00053EPSS

Exploits0References1

OSV•added 2017/07/02 3:29 a.m.•0 views

UBUNTU-CVE-2017-10792

There is a NULL Pointer Dereference in the function llinsert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5CVSS6.8AI score0.00472EPSS

Exploits1References3

OSV•added 2017/06/22 1:29 p.m.•2 views

CVE-2017-3630

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

5.3CVSS5.8AI score0.32075EPSS

Exploits6References4

Prion•added 2017/06/13 6:29 p.m.•10 views

Sql injection

New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLANALL ON protecti...

7.5CVSS8.2AI score0.0025EPSS

Exploits1References1Affected Software1

OSV•added 2017/06/13 6:29 p.m.•3 views

CVE-2017-9246

9.8CVSS5.8AI score

Exploits0References1

Cvelist•added 2017/06/13 6:0 p.m.•14 views

CVE-2017-9246

9.8AI score0.0025EPSS

Exploits1References1

exploitpack•added 2017/05/25 12:0 a.m.•48 views

Sophos Cyberoam - Cross-site scripting

Sophos Cyberoam - Cross-site scripting Exploit Title: Sophos Cyberoam – Cross-site scripting XSS vulnerability Date: 25/05/2017 Exploit Author: Bhadresh Patel Version: = Firmware Version 10.6.4 CVE : CVE-2016-9834 This is an article with video tutorial for Sophos Cyberoam – Cross-site scripting X...

4.3CVSS0.1AI score0.00118EPSS

Exploits3

OSV•added 2017/04/24 7:59 p.m.•1 views

CVE-2017-3590

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Python. Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to...

3.3CVSS5.8AI score0.00067EPSS

Exploits0References3

OSV•added 2017/04/24 7:59 p.m.•1 views

CVE-2017-3586

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Whil...

6.4CVSS7.3AI score

Exploits0References5

Prion•added 2017/04/24 7:59 p.m.•24 views

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

2.1CVSS3.5AI score0.00307EPSS

Exploits0References16Affected Software11

OSV•added 2017/04/14 4:59 a.m.•1 views

DEBIAN-CVE-2017-7870