Lucene search
K

79 matches found

CNNVD
CNNVD
added 2024/11/26 12:0 a.m.3 views

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, artificial intelligence-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware. A security vulnerability exists in VMware Aria Operations that originates from a malicious command that can be inserted...

7.8CVSS6.5AI score0.00293EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/28 12:0 a.m.15 views

CVE-2024-48074

An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...

0.00653EPSS
Exploits1References2
OSV
OSV
added 2024/09/21 2:17 p.m.11 views

MAL-2024-8932 Malicious code in @the-c-company/common-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e18cae6ce0c3de2fe7988c316471f5383433deaa0e8b9bf0376b69b634188218 The OpenSSF Package Analysis project identified '@the-c-company/common-utils' @ 1.0.0 npm as malicious. It is considered malicious because: - Th...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/03 9:6 a.m.4 views

Malicious code in cra-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e49ccaa79a7296b7f1237beb3210cabf6610aab5c68e2c349b1fff4d3b2bb332 The OpenSSF Package Analysis project identified 'cra-docs' @ 7.999.45 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
Veracode
Veracode
added 2023/12/26 12:36 a.m.23 views

Information Exposure

gitlab:sid is vulnerable to Information Exposure. The vulnerability due to read the source code of a project by using attackeraccesstoken and login to Victim account sets the Repository. It allows an attacker execute the malicious command with attacker account...

7.5CVSS7AI score0.00623EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/11/17 12:0 a.m.6 views

coreBOS Security Vulnerabilities

coreBOS is a JPL TSolucio open source commercial software capable of managing daily business needs. A security vulnerability exists in coreBOS version 8.0 and earlier versions. An attacker could exploit the vulnerability to inject malicious commands into tables...

8CVSS6.8AI score0.01285EPSS
Exploits1References4
OSV
OSV
added 2023/08/30 8:8 p.m.3 views

GHSA-95RP-6GQP-6622 Command Injection Vulnerability in find-exec

Older versions of the package are vulnerable to Command Injection as an attacker controlled parameter. As a result, attackers may run malicious commands. For example: const find = require"find-exec"; find"mplayer; touch hacked" This creates a file named "hacked" on the filesystem. You should neve...

9.8CVSS5.9AI score0.01489EPSS
Exploits0References4
Prion
Prion
added 2023/04/25 2:15 p.m.17 views

Command injection

Sengled Dimmer Switch V0.0.9 contains a denial of service DOS vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. After receiving the malicious command, the device will keep reporting its status and finally drain its battery...

5CVSS7.4AI score0.01231EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/04/25 12:0 a.m.38 views

CVE-2023-29779

CVE-2023-29779 affects Sengled Dimmer Switch V0.0.9. Vulnerability allows a remote attacker to send malicious Zigbee messages that crash the device and cause it to report status repeatedly, ultimately draining the battery after the Set_short_poll_interval command. No exploit details are provided ...

7.5CVSS7.4AI score0.01231EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/27 12:0 a.m.33 views

AlmaLinux 8 : thunderbird (ALSA-2023:0463)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0463 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox console.log allowed...

8.8CVSS7.9AI score0.00892EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/01/26 12:0 a.m.33 views

RHEL 9 : thunderbird (RHSA-2023:0476)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0476 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla:...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
Rockylinux
Rockylinux
added 2023/01/25 3:7 p.m.42 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...

8.8CVSS8.3AI score0.00892EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.29 views

RHEL 9 : thunderbird (RHSA-2023:0461)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0461 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla:...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.26 views

RHEL 8 : thunderbird (RHSA-2023:0460)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0460 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla:...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.32 views

RHEL 8 : thunderbird (RHSA-2023:0457)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0457 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla:...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2023/01/23 9:26 a.m.6 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:26 a.m.33 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.2AI score0.00892EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.33 views

RHEL 8 : firefox (RHSA-2023:0294)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0294 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.47 views

RHEL 7 : firefox (RHSA-2023:0296)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0296 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.19 views

RHEL 9 : firefox (RHSA-2023:0285)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0285 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS8.1AI score0.00892EPSS
Exploits0References18
Rows per page
Query Builder