Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

Cvelist
Cvelistadded 2022/06/07 6:20 p.m.11 views

CVE-2022-30746

Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API...

7.5CVSS7.6AI score0.00342EPSS
Exploits0References1
Microsoft KB
Microsoft KBadded 2019/09/10 7:0 a.m.45 views

Description of the security update for SharePoint Server 2019: September 10, 2019

Description of the security update for SharePoint Server 2019: September 10, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about this...

8.8CVSS7.5AI score0.4093EPSS
Exploits0
NVD
NVDadded 2018/07/23 11:29 p.m.9 views

CVE-2018-14573

A Local File Inclusion LFI vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files through the use of directory traversal sequences, aka CSL-1683...

5.5CVSS5.6AI score0.00054EPSS
Exploits0References1
CVE
CVEadded 2018/07/23 11:0 p.m.46 views

CVE-2018-14573

The vulnerability CVE-2018-14573 affects TightRope Media Carousel Digital Signage before 7.3.5. It is a Local File Inclusion (LFI) in the Web Interface API’s RenderingFetch function, exploitable via directory traversal sequences (CSL-1683) to download arbitrary files. Impact is stated as Partial ...

5.5CVSS5.6AI score0.00054EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/07/23 11:0 p.m.9 views

CVE-2018-14573

A Local File Inclusion LFI vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files through the use of directory traversal sequences, aka CSL-1683...

5.7AI score0.00054EPSS
Exploits0References1
Prion
Prionadded 2017/04/27 8:59 p.m.13 views

Design/Logic Flaw

In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also...

7.5CVSS7.9AI score0.00986EPSS
Exploits2References2Affected Software1
CVE
CVEadded 2017/04/27 8:0 p.m.50 views

CVE-2017-8307

Affected software. Avast Antivirus (before v17) on Windows. Vulnerability and root cause. The LPC interface API exposed by the AvastSVC.exe Windows service can be abused to launch predefined binaries or replace/delete arbitrary files. This arises in the context of Avast Self-Defense and can be ex...

9.8CVSS8.6AI score0.00986EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linuxadded 2007/09/04 2:37 p.m.2 views

Kernel: CAPI overflow

Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service crash and possibly gain privileges via a crafted CAPI packet...

6.9CVSS5.8AI score0.00156EPSS
Exploits0References4
Rows per page
Query Builder