Lucene search
K

106 matches found

vulnersOsv
vulnersOsv
added 2020/04/02 12:0 a.m.9 views

compare-eslint-config (>=0.1.0 <=0.1.1) potentially affected by CVE-2020-7629 via install-package (=0.1.0)

install-package NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on install-package and may be impacted: - compare-eslint-config =0.1.0, =0.1.1 Source cves: CVE-2020-7629 Source advisory: SNYK:JS-INSTALLPACKAGE-564267...

9.8CVSS7.2AI score0.04118EPSS
Exploits1
CNVD
CNVD
added 2020/03/17 12:0 a.m.2 views

Umbraco Code Issue Vulnerability

Umbraco is a Danish company Umbraco C written in open source content management system CMS. A security vulnerability exists in Umbraco CMS version 8.5.3. The vulnerability can be exploited by an attacker to upload files and execute code via the Install Package feature...

6.5CVSS7.4AI score0.02109EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/17 12:0 a.m.1 views

Umbraco Cloud Code Issue Vulnerability

Umbraco is a Danish company Umbraco a set of C written in open source content management system CMS.Umbraco Cloud is the cloud version of Umbraco. A security vulnerability exists in Umbraco Cloud version 8.5.3. The vulnerability can be exploited by an attacker to upload files and execute code wit...

8.8CVSS7.3AI score0.0228EPSS
Exploits1References1
NVD
NVD
added 2020/03/16 8:15 p.m.25 views

CVE-2020-9472

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

6.5CVSS6.7AI score0.02109EPSS
Exploits1References1
OSV
OSV
added 2020/03/16 8:15 p.m.23 views

CVE-2020-9472

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

6.5CVSS7.1AI score0.02109EPSS
Exploits1References1
Prion
Prion
added 2020/03/16 8:15 p.m.22 views

Design/Logic Flaw

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

4CVSS6.6AI score0.02109EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/03/16 7:47 p.m.130 views

CVE-2020-9472

CVE-2020-9472 affects Umbraco CMS 8.5.3. The authenticated user can upload files via the Install Package functionality, which can lead to Remote Code Execution. The vulnerability is evidenced by the CVE description and corroborated across multiple sources in the connected documents (e.g., GHSA/OS...

6.5CVSS6.8AI score0.02109EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/03/16 7:47 p.m.26 views

CVE-2020-9472

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

6.6AI score0.02109EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/07 12:0 a.m.7 views

Google Android elevation of privilege vulnerability (CNVD-2019-01567)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An arbitrary memory release vulnerability exists in the reallyinstallpackage of install.cpp in Google Android 7.0, 7.1.1, and 7.1.2. A local attacker can exploit this...

7.8CVSS9AI score0.00174EPSS
Exploits0References1
OSV
OSV
added 2018/12/06 2:29 p.m.2 views

CVE-2018-9557

In reallyinstallpackage of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0...

7.8CVSS6AI score0.00174EPSS
Exploits0References2
CNVD
CNVD
added 2017/09/26 12:0 a.m.4 views

IBM AIX JRE/SDK installp and updatep package denial of service vulnerability

IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM in the U.S. JRE/SDK installp and updatep packages are among the packages.JRE/SDK install packages are a JRE/SDK installation package; updatep packages are JRE/SDK update packages. JRE/SDK installp packages is a...

7.5CVSS6.6AI score0.0151EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/08/30 12:0 a.m.10 views

Fedora Update for borgbackup FEDORA-2016-20014bf2bd

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Prion
Prion
added 2015/11/12 3:59 a.m.20 views

Design/Logic Flaw

Untrusted search path vulnerability in the client in Symantec Endpoint Protection SEP 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492...

7.2CVSS6.8AI score0.01738EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2015/09/12 12:0 a.m.9 views

Fedora Update for pcre FEDORA-2015-14242

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Prion
Prion
added 2015/08/01 1:59 a.m.21 views

Design/Logic Flaw

Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package...

8.5CVSS6.5AI score0.01738EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.13 views

Fedora Update for firefox FEDORA-2015-8806

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2014/03/17 12:0 a.m.48 views

RedHat Update for kernel RHSA-2014:0285-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.7AI score0.00654EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.21 views

Fedora Update for dcraw FEDORA-2013-22929

Check for the Version of dcraw OpenVAS Vulnerability Test Fedora Update for dcraw FEDORA-2013-22929 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

4.3CVSS9.6AI score0.02059EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.25 views

Fedora Update for kmouth FEDORA-2013-13499

Check for the Version of kmouth OpenVAS Vulnerability Test Fedora Update for kmouth FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

7.5CVSS0.4AI score0.04412EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/06/18 12:0 a.m.12 views

Fedora Update for kde-workspace FEDORA-2013-10182

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.9AI score0.00558EPSS
Exploits1References2
Rows per page
Query Builder