Lucene search
K

3832 matches found

CVE
CVE
added 2018/04/24 2:0 a.m.44 views

CVE-2018-10320

CVE-2018-10320 affects Frog CMS 0.9.5 with a stored/reflected XSS via the admin/?/layout/edit layout[name] parameter (Edit Layout). The CNVD entry and NVD description confirm a cross-site scripting vulnerability in Frog CMS 0.9.5, exploitable remotely by crafting the name input to inject script. ...

4.8CVSS4.9AI score0.00534EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/04/24 12:0 a.m.4 views

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2018-08554)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit the...

4.8CVSS6.1AI score0.00534EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2018/04/20 12:0 a.m.25 views

Foxit Reader XFA layout sheet Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS2.3AI score0.03226EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/04/20 12:0 a.m.22 views

Foxit Reader XFA layout Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.6AI score0.03226EPSS
Exploits0References1
Virtuozzo
Virtuozzo
added 2018/04/13 12:0 a.m.20 views

Product update: Virtuozzo 7.0 Update 7 Hotfix 1 (7.0.7-445)

The Hotfix 1 for Virtuozzo 7.0 Update 7 provides stability and usability bug fixes. Vulnerability id: PSBM-82558 Container migration could sometimes fail due to a CRIU issue. Vulnerability id: PSBM-82711 'prlctl qemu-update' could fail due to unnamed dirty bitmaps. This could result in backups no...

6.7AI score
Exploits0
OSV
OSV
added 2018/04/12 1:29 a.m.3 views

CVE-2018-0971

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...

5.5CVSS5.8AI score0.0358EPSS
Exploits1References4
OSV
OSV
added 2018/04/12 1:29 a.m.2 views

CVE-2018-0974

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...

5.5CVSS5.8AI score0.0358EPSS
Exploits1References4
OSV
OSV
added 2018/04/12 1:29 a.m.2 views

CVE-2018-0969

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...

5.5CVSS5.8AI score0.0358EPSS
Exploits1References4
OSV
OSV
added 2018/04/12 1:29 a.m.1 views

CVE-2018-0972

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...

5.5CVSS5.8AI score0.0358EPSS
Exploits1References4
OSV
OSV
added 2018/04/12 1:29 a.m.2 views

CVE-2018-0975

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...

5.5CVSS5.8AI score0.03043EPSS
Exploits2References4
CNVD
CNVD
added 2018/04/11 12:0 a.m.3 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08569)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

5.5CVSS6.1AI score0.0358EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.3 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08570)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

5.5CVSS6.1AI score0.0358EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.1 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08571)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

5.5CVSS6.1AI score0.0358EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.2 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08334)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

5.5CVSS6.1AI score0.03043EPSS
Exploits2References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.1 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08800)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

5.5CVSS6.1AI score0.03692EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.3 views

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08801)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

5.5CVSS6.1AI score0.0358EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/04/10 3:23 p.m.6 views

kernel: Missing permission check in move_pages system call

The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...

5.5CVSS7.2AI score0.00469EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/04/10 9:1 a.m.5 views

kernel: Missing permission check in move_pages system call

The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...

5.5CVSS7.2AI score0.00469EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/04/10 9:1 a.m.5 views

kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass

The acpismbushcadd function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...

5.5CVSS6.7AI score0.00499EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2018/04/10 7:0 a.m.28 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a...

5.5CVSS5.3AI score0.03043EPSS
Exploits2
Rows per page
Query Builder