
360 matches found

CVE
added 2018/03/06 8:0 p.m. · 241 views

CVE-2018-5729

CVE-2018-5729 (and CVE-2018-5730) affects MIT Kerberos 5 (krb5) where an authenticated kadmin user with LDAP-principal-adding rights can cause a NULL pointer dereference or bypass a DN container check by supplying crafted data or DN arguments. The issue stems from insufficient validation in the K...

CVSS 6.5 · AI score 4.8 · EPSS 0.026
Exploits 0 · References 10 · Affected Software 1
RedHat Linux
added 2018/01/10 8:56 p.m. · 4 views

flash-plugin: out-of-bounds read causing information leak (APSB18-01)

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid out-of-range pointer offset during access of internal data structure fields causes...

CVSS 7.5 · AI score 7.3 · EPSS 0.05509
Exploits 0 · References 5
Prion
added 2017/12/09 6:29 a.m. · 22 views

Design/Logic Flaw

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

CVSS 9.3 · AI score 8.8 · EPSS 0.08512
Exploits 0 · References 3 · Affected Software 4
Cvelist
added 2017/12/09 6:0 a.m. · 19 views

CVE-2017-16382

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

AI score 8.9 · EPSS 0.0672
Exploits 0 · References 3
NVD
added 2017/08/04 9:29 a.m. · 16 views

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVSS 9.8 · AI score 9.7 · EPSS 0.02659
Exploits 0 · References 5
OSV
added 2017/04/12 2:59 p.m. · 3 views

CVE-2017-3026

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution...

CVSS 7.8 · AI score 6 · EPSS 0.04069
Exploits 1 · References 3
Vulnerability Lab
added 2016/11/17 12:0 a.m. · 36 views

Apple iOS 10.1 - Multiple Access Permission Vulnerabilities

Document Title: =============== Apple iOS 10.1 - Multiple Access Permission Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2012 Apple Security ID: 648680301 Video1: https://www.youtube.com/watch?v=fY2ObtxkDg Video2:...

AI score 0.4
Exploits 0
Positive Technologies
added 2016/09/14 12:0 a.m. · 6 views

PT-2016-2775 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player affected versions not specified Description: The issue is related to a lack of protection for internal data in the Flash Player platform. It can be exploited by a remote attacker to bypass existing access restrictions or...

CVSS 9.3 · AI score 7.8 · EPSS 0.19443
Exploits 2 · References 144
n0where
added 2016/07/19 5:20 p.m. · 17 views

Network-based DNS logging in Go: GoPassiveDNS

A network-capture based DNS logger, inspired by passivedns. It uses gopacket to deal with libpcap and packet processing. It outputs JSON logs. It is intended to deal with high volume query capture in environments with anywhere from one to hundreds of DNS resolvers. Why not use PassiveDNS from...

AI score 0.2
Exploits 0 · References 1
Positive Technologies
added 2016/07/12 12:0 a.m. · 2 views

PT-2016-2390 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player affected versions not specified Description: The issue is related to a lack of protection for internal data in the Flash Player platform. This could allow a remote attacker to obtain confidential information from the proces...

CVSS 9.3 · AI score 6.8 · EPSS 0.36456
Exploits 26 · References 296
The Hacker News
added 2015/08/25 10:2 p.m. · 14 views

Ashley Madison Hacker – An Insider Woman Employee?

"Ashley Madison was not hacked!" This is what was declared by John McAfee, former founder of antivirus software company McAfee. So far everyone must be aware of Ashley Madison massive data breach. Last week, the hackers, who called themselves Impact Team, posted 10GB of personal data for tens of...

AI score 6.7
Exploits 0
seebug.org
added 2015/08/21 12:0 a.m. · 31 views

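ShopEx: insufficient security awareness among several employees leaks internal business information

Brief description: ShopEx Detailed description: The mailboxes of the following employees use weak passwords, including hr. hr Shopex123 chenminrui Shopex123 huhao Shopex123 lihuatian Shopex123 lixunlong Shopex1234 These can be used to log in further to mail.shopex.cn Proof of vulnerability: Picked two at random to take a look. There are also VPN instructions. Stopping here, that is all...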

AI score 7.1
Exploits 0
The Hacker News
added 2015/08/20 8:25 p.m. · 14 views

Ashley Madison 2.0 — Hackers Leak 20GB Data Dump, Including CEO's Emails

The Impact Team – Wait, Cheaters! We haven't yet done. The group of hackers behind the breach of Ashley Madison, the popular cheater's dating service, have released a second, even much bigger 'cheat sheet' exposing sensitive materials that include sensitive corporate information. Two days ago, th...

AI score 6.8
Exploits 0
seebug.org
added 2015/06/05 12:0 a.m. · 24 views

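Kingdee: a misconfiguration in one location can lead to leakage of internal sensitive information

Brief description: As in the title. Reviewers, please help redact this, thanks. Detailed description: The problem is at: https://github.com/Kevin2030/financemonitor/blob/9c4ffc8dd773ee072648de3a2e5d7b8afabf638a/src/main/resources/monitor.properties mail.from==?UTF-8?B?6YeR6J225LqS6IGU572R6YeR6J6N?= mail.smtp.host=kdmail.kingdee.com mail.smtp.auth=true mail.debug=false...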

AI score 7.1
Exploits 0
CNVD
added 2015/04/02 12:0 a.m. · 6 views

SAP Mobile Platform XXE Information Disclosure Vulnerability

SAP Mobile Platform is an enterprise mobility platform. SAP Mobile Platform suffers from an XXE External Entity Reference vulnerability that allows remote attackers to submit special XML to send requests to an internal server to obtain sensitive information...

CVSS 5 · AI score 6.8 · EPSS 0.01642
Exploits 0 · References 1
securityvulns
added 2015/01/19 12:0 a.m. · 89 views

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower

SEC Consult Vulnerability Lab Security Advisory 20150113-1 ======================================================================= title: Privilege Escalation & XSS & Missing Authentication product: Ansible Tower vulnerable version: =2.0.2 fixed version: =2.0.5 impact: high homepage:...

AI score 0.3
Exploits 0
OSV
added 2014/02/26 2:55 p.m. · 1 views

UBUNTU-CVE-2013-4590

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, .jspx, .tagx, or .tld XML document containing an external entity declaration ...

CVSS 4.3 · AI score 6.6 · EPSS 0.09487
Exploits 1 · References 5
Debian CVE
added 2011/04/13 9:0 p.m. · 29 views

CVE-2011-0990

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or...

CVSS 5.8 · AI score 6.5 · EPSS 0.02164
Exploits 0
Cvelist
added 2002/08/31 4:0 a.m. · 23 views

CVE-2002-0992

Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data...

AI score 6.5 · EPSS 0.00586
Exploits 0 · References 3
CVE
added 2000/01/04 5:0 a.m. · 62 views

CVE-1999-0674

CVE-1999-0674 affects the BSD profiling system call. A local user can modify the internal data space of a program via profiling and execve, with potential impact on confidentiality, integrity, and availability as noted in the sources. No remediation steps or concrete exploit details are provided ...

CVSS 7.2 · AI score 6.7 · EPSS 0.00833
Exploits 1 · References 2 · Affected Software 4