Lucene search
K

75 matches found

BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.6 views

The vulnerability of iOS, tvOS, and watchOS operating systems lies in a logical error during authentication processes, which allows attackers to bypass authenticity checks.

The vulnerability of iOS, tvOS, and watchOS operating systems is related to a logical error during the authentication process. Exploiting this vulnerability can allow an attacker to bypass authenticity checks...

5.5CVSS5.9AI score0.01112EPSS
Exploits0References4Affected Software3
Tenable Nessus
Tenable Nessus
added 2021/05/06 12:0 a.m.275 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9215)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9215 advisory. - btrfs: fix race when cloning extent buffer during rewind of an old root Filipe Manana Orabug: 32669454 CVE-2021-28964 - xen-blkback: don't leak...

7.8CVSS7.1AI score0.00708EPSS
Exploits0References10
Veracode
Veracode
added 2021/04/29 11:59 a.m.26 views

Decoder Error

VideoLAN VLC media player is vulnerable to logical error. it allows an attacker to cause a denial of service memory corruption through a crafted image file...

7.8CVSS6.5AI score0.01925EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.8 views

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to a logical error, allows attackers to escalate their privileges and expose sensitive information.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to a logical error. Exploiting this vulnerability can allow attackers to enhance their privileges and expose sensitive information...

7.9CVSS6.9AI score0.00399EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.8 views

The vulnerability of Intel Server Platform Services’ microprogramming software, related to a logical error, allows attackers to trigger a service failure.

The vulnerability of Intel Server Platform Services’ microprogramming software is related to a logical error. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.6CVSS6.4AI score0.00332EPSS
Exploits0References2
NVD
NVD
added 2019/09/25 9:15 p.m.20 views

CVE-2019-12659

A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exploit this vulnerability by generating a high amount of...

7.5CVSS6.1AI score0.01824EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/06/26 12:0 a.m.5 views

The vulnerability of the Cisco StarOS operating system’s packet handler, which allows a hacker to trigger a service failure

The vulnerability of the Cisco StarOS operating system’s packet processor is related to a logical error in packet processing. Exploiting this vulnerability allows an attacker to trigger a Denial-of-Service attack by sending a specially crafted sequence of packets...

8.6CVSS5.4AI score0.0264EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2019/05/16 2:59 a.m.34 views

Out-Of-Bounds Read

PHP is vulnerable to out-of-bounds reads. The vulnerability exists in matchat during regular expression searching because of a logical error involving order of validation and access in matchat...

9.8CVSS9.1AI score0.0654EPSS
Exploits1References6Affected Software1
myhack58
myhack58
added 2019/02/21 12:0 a.m.184 views

Successfully acquired WinRAR 19-year-old code-execution vulnerability-a vulnerability warning-the black bar safety net

In this paper, we describes how to use the WinAFL fuzz testing tool Find WinRAR in the logic error, and use it to completely control the volatile trap host story. The vulnerability only by extracting a carefully constructed archive file can be successfully exploited, so that more than 5 billion...

8.3AI score
Exploits0
myhack58
myhack58
added 2018/12/23 12:0 a.m.56 views

CVE-2018-20129: DedeCMS V5. 7 SP2 front Desk file upload getshell vulnerability alerts-a vulnerability alert-the black bar safety net

2018-12-11 in CVE Chinese application station published a DEDECMS 5.7 SP2 is the latest version there is a file upload vulnerability, with administrator privileges can exploit this vulnerability to upload and getshell execute arbitrary PHP code. After analysis and verification. The vulnerability...

0.3AI score0.08226EPSS
Exploits1
seebug.org
seebug.org
added 2017/09/06 12:0 a.m.14 views

beescms 一处逻辑错误

No description provided by source...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2017/07/17 9:0 p.m.20 views

CVE-2017-9339

A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token...

5.3AI score0.01036EPSS
Exploits0References1
OwnCloud
OwnCloud
added 2017/05/31 11:39 a.m.527 views

Share tokens for public calendars disclosed - ownCloud

A logical error caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token. Affected Software ownCloud Server 10.0.2 CVE-2017-9339 Action Taken The error has been fixed and regression test...

5CVSS5.4AI score0.01036EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2017/05/30 12:0 a.m.19 views

Nextcloud 'Calender and Addressbook' Information Disclosure Vulnerability - Linux

Nextcloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

3.5CVSS3.6AI score0.00724EPSS
Exploits0References2
Prion
Prion
added 2017/05/24 3:29 p.m.25 views

Stack overflow

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...

7.5CVSS6.8AI score0.0654EPSS
Exploits1References4Affected Software2
AlpineLinux
AlpineLinux
added 2017/05/24 3:0 p.m.60 views

CVE-2017-9224

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...

9.8CVSS9.7AI score0.0654EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/05/22 12:0 a.m.13 views

FreeBSD : asterisk -- Buffer Overrun in PJSIP transaction layer (0537afa3-3ce0-11e7-bf9d-001999f8d30b)

The Asterisk project reports : A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

5.7AI score
Exploits0References3
NVD
NVD
added 2017/05/08 8:29 p.m.22 views

CVE-2017-0894

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token...

4.3CVSS4.5AI score0.01169EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/05/08 8:0 p.m.33 views

CVE-2017-0894

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token...

4.7AI score0.01169EPSS
Exploits0References2
Nextcloud
Nextcloud
added 2017/05/08 12:0 a.m.31 views

Calendar and addressbook names disclosed (NC-SA-2017-012)

A logical error caused disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and adressbook has been disclosed...

3.5CVSS2AI score0.00724EPSS
Exploits0Affected Software1
Rows per page
Query Builder