Lucene search

151 matches found

ATTACKERKB
added 2022/03/10 10:0 a.m. · 8 views

CVE-2022-0677

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...

CVSS 7.5 · AI score 7.2 · EPSS 0.01229
Exploits: 0 · References: 2

Prion
added 2021/12/13 4:15 a.m. · 11 views

Cross site request forgery (csrf)

An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bruteforcing the 4 hex-character session cookie on the Windows version (the Linux version appears to have 8 characters). An attacker can obtain the static part of the cooki...

CVSS 5 · AI score 7.5 · EPSS 0.02529
Exploits: 2 · References: 3 · Affected Software: 1

ALT Linux
added 2021/10/07 12:0 a.m. · 55 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.50-alt1

Oct. 7, 2021 Anton Farygin 1:2.4.50-alt1 - 2.4.50 Fixes: CVE-2021-41773, CVE-2021-41524...

CVSS 5 · AI score 7.9 · EPSS 0.99992
Exploits: 148

Positive Technologies
added 2021/06/11 12:0 a.m. · 4 views

PT-2021-17153

Name of the Vulnerable Software and Affected Versions: OpenPLC ScadaBR versions through 0.9.1 on Linux and through 1.12.4 on Windows. Description: OpenPLC ScadaBR is affected by a stored cross-site scripting (XSS) vulnerability in the system settings.shtm file. This flaw allows attackers to execute...

CVSS 8.8 · AI score 6.7 · EPSS 0.4805
Exploits: 9 · References: 89

CNNVD
added 2021/02/09 12:0 a.m. · 6 views

Intel Graphics Drivers Input Validation Error Vulnerability

Intel is an American company that develops CPUs and is the world's largest manufacturer of personal computer parts and CPUs. Intel® Graphics Drivers Integer Overflow Vulnerability, an integer overflow vulnerability in the firmware of some Intel® Graphics Drivers for Windows prior to version...

CVSS 7.8 · AI score 6.8 · EPSS 0.00359
Exploits: 0 · References: 31

ALT Linux
added 2020/11/23 12:0 a.m. · 41 views

Security fix for the ALT Linux 10 package helm version 3.4.1-alt1

Nov. 23, 2020 Aleksei Nikiforov 3.4.1-alt1 - Updated to upstream version 3.4.1 Fixes: CVE-2020-4053, CVE-2020-11013, CVE-2020-15184, CVE-2020-15185, CVE-2020-15186, CVE-2020-15187...

CVSS 8.5 · AI score 5.3 · EPSS 0.01458
Exploits: 1

NVD
added 2020/08/03 2:15 p.m. · 14 views

CVE-2019-19455

Wowza Streaming Engine before 4.8.5 has Insecure Permissions which may allow a local attacker to escalate privileges in /usr/local/WowzaStreamingEngine/manager/bin/ in the Linux version of the server by writing arbitrary commands in any file and execute them as root. This issue was...

CVSS 7.8 · AI score 7.8 · EPSS 0.00372
Exploits: 0 · References: 3

OSV
added 2018/07/11 4:29 p.m. · 4 views

CVE-2018-3933

An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in remote cod...

CVSS 7.8 · AI score 6.1 · EPSS 0.02052
Exploits: 1 · References: 1

Positive Technologies
added 2018/07/06 12:0 a.m. · 4 views

PT-2018-2560 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.17.7 Description: The issue exists due to insufficient input validation in the yurex USB driver, specifically in the yurex read function within the drivers/usb/misc/yurex.c file. This can be exploited by local...

CVSS 8.4 · AI score 7.4 · EPSS 0.14806
Exploits: 26 · References: 477

Cvelist
added 2018/02/15 10:0 p.m. · 23 views

CVE-2017-12549

A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found...

AI score 6.5 · EPSS 0.00316
Exploits: 0 · References: 3

CNVD
added 2018/02/02 12:0 a.m. · 3 views

7-Zip and p7zip Memory Corruption Vulnerability

7-Zip is a free, open source compression/decompression software. p7zip is its version for Linux-based platforms. A security vulnerability exists in the NCompress::NRar3::CDecoder::Code method in 7-Zip prior to version 18.00 and p7zip, which stems from the program's failure to properly handle...

CVSS 7.8 · AI score 7.8 · EPSS 0.02906
Exploits: 1 · References: 1

0day.today
added 2018/01/09 12:0 a.m. · 28 views

Commvault Communications Service (cvd) - Command Injection Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Commvault Communications Service cvd Command...

AI score 7.1
Exploits: 0

Hacker One
added 2018/01/06 3:44 p.m. · 245 views

HackerOne: ImageMagick GIF coder vulnerability leading to memory disclosure

Hello Hackerone Security Team, Well, we are aware of ImageMagick GIF parser method to collect the pixels and then we can recover it to gain server information. https://github.com/neex/gifoeb However, it has no impact on hackerone since it's immune to gif files uploading functionality. So, ,gif...

CVSS 4.3 · AI score 7.8 · EPSS 0.19193
Exploits: 4

ALT Linux
added 2017/12/25 12:0 a.m. · 28 views

Security fix for the ALT Linux 10 package thunderbird version 52.5.2-alt1

Dec. 25, 2017 Andrey Cherepanov 52.5.2-alt1 - New version 52.5.2 - Enigmail 1.9.9 - Fixes: + CVE-2017-7846 JavaScript Execution via RSS in mailbox:// origin + CVE-2017-7847 Local path string can be leaked from RSS feed + CVE-2017-7848 RSS Feed vulnerable to new line Injection + CVE-2017-7829...

CVSS 6.8 · AI score 7.1 · EPSS 0.02008
Exploits: 1

Prion
added 2017/04/13 5:59 p.m. · 14 views

Command injection

The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors...

CVSS 10 · AI score 7.5 · EPSS 0.05649
Exploits: 0 · References: 1

OSV
added 2017/03/14 10:59 p.m. · 2 views

CVE-2016-8019

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input...

CVSS 6.1 · AI score 5.9 · EPSS 0.04006
Exploits: 4 · References: 4

Positive Technologies
added 2016/10/12 12:0 a.m. · 1 views

PT-2016-7183 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions prior to 18.0.0.382 Adobe Flash Player versions 19.x through 23.x before 23.0.0.185 Adobe Flash Player versions prior to 11.2.202.637 on Linux Description: The issue allows attackers to execute arbitrary code by...

CVSS 9.3 · AI score 9.3 · EPSS 0.19899
Exploits: 4 · References: 69

Positive Technologies
added 2016/09/14 12:0 a.m. · 1 views

PT-2016-5879 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions prior to 18.0.0.375 Adobe Flash Player versions 19.x through 23.x before 23.0.0.162 Adobe Flash Player versions prior to 11.2.202.635 on Linux Description: An integer overflow issue allows attackers to execute...

CVSS 9.3 · AI score 8.7 · EPSS 0.19443
Exploits: 2 · References: 143

Positive Technologies
added 2016/07/12 12:0 a.m. · 2 views

PT-2016-2425 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions prior to 18.0.0.366 Adobe Flash Player versions 19.x through 22.x before 22.0.0.209 Adobe Flash Player version before 11.2.202.632 on Linux Description: The issue is related to the lack of protection for internal...

CVSS 9.3 · AI score 7.1 · EPSS 0.36456
Exploits: 26 · References: 291

BDU FSTEC
added 2016/07/11 12:0 a.m. · 4 views

Vulnerability of software platforms such as Flash Player and Flash Player for Linux, which allows attackers to compromise the integrity, accessibility, and confidentiality of information.

The vulnerabilities of the Flash Player and Flash Player for Linux are related to errors in the code. Exploiting these vulnerabilities can allow a malicious actor to compromise the integrity, accessibility, and confidentiality of information...

CVSS 9.3 · AI score 7.7 · EPSS 0.0381
Exploits: 0 · References: 2 · Affected Software: 2