Lucene search
+L

37 matches found

CNVD
CNVD
added 2021/07/12 12:0 a.m.5 views

ArcGIS Server Manager Stored Cross-Site Scripting Vulnerability

ArcGIS Server is the back-end server software component of ArcGIS Enterprise.ArcGIS Server Manager is an application that is installed with ArcGIS Server and provides an intuitive and convenient interface for managing the server. A stored cross-site scripting vulnerability exists in ArcGIS Server...

6.1CVSS5.9AI score0.00856EPSS
Exploits0References1
NVD
NVD
added 2021/07/11 2:15 a.m.14 views

CVE-2021-29104

A stored Cross Site Scripting XXS vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application...

6.1CVSS0.0081EPSS
Exploits0References1
Prion
Prion
added 2021/07/11 2:15 a.m.12 views

Cross site scripting

A stored Cross Site Scripting XXS vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application...

4.3CVSS6.1AI score0.0081EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/07/11 1:39 a.m.7 views

CVE-2021-29104 There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below.

A stored Cross Site Scripting XXS vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application...

6.1CVSS6.4AI score0.0081EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/11 12:0 a.m.4 views

Esri Arcgis Server 跨站脚本漏洞

ArcGIS Server is the back-end server software component of ArcGIS Enterprise.ArcGIS Server Manager is an application that is installed with ArcGIS Server and provides an intuitive and convenient interface for managing the server. A stored cross-site scripting vulnerability exists in ArcGIS Server...

6.1CVSS5.2AI score0.0081EPSS
Exploits0References3
Prion
Prion
added 2021/07/10 3:15 p.m.12 views

Cross site scripting

A stored Cross Site Scripting XXS vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application...

4.3CVSS6.1AI score0.00856EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2021/05/23 9:30 p.m.86 views

AMSITrigger - The Hunt For Malicious Strings

Hunting for Malicious Strings Usage: AMSI calls xmas tree mode -d, --debug Show Debug Info -m, --maxsiglength=VALUE Maximum signature Length to cater for, default=2048 -c, --chunksize=VALUE Chunk size to send to AMSIScanBuffer, default=4096 -h, -?, --help Show Help " -i, --inputfile=VALUE...

7.5AI score
Exploits0References1
OSV
OSV
added 2020/10/14 2:15 p.m.3 views

UBUNTU-CVE-2020-9746

Adobe Flash Player version 32.0.0.433 and earlier are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default...

8.8CVSS7.5AI score0.04427EPSS
Exploits0References3
OSV
OSV
added 2019/12/18 6:15 p.m.4 views

CVE-2019-8516

A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service...

7.5CVSS7.2AI score0.01836EPSS
Exploits0References4
Veracode
Veracode
added 2018/10/01 2:13 a.m.8 views

Regular Expression Denial Of Service (ReDoS)

ua-parser-js is vulnerable to regular expression denial of service ReDoS. The vulnerability exists because the string parser does not use proper regular expressions to filter out malicious strings passing to it...

6.5AI score
Exploits0
Veracode
Veracode
added 2018/05/22 7:54 a.m.10 views

Regular Expression Denial Of Service (ReDoS)

diff is vulnerable to regular expression denial of service ReDoS attacks. The vulnerability exists due to the usage of improper regular expression that would cause a ReDoS attack when parsing malicious strings...

4.8AI score
Exploits0
Prion
Prion
added 2017/11/22 7:29 p.m.14 views

Command injection

FusionSphere V100R006C00SPC102NFV has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands...

9CVSS7.3AI score0.02041EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.15 views

CVE-2017-8197

FusionSphere V100R006C00SPC102NFV has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious strings and send them to a target device. Successful exploit could allow the attacker to launch a command injection attack and execute system commands...

7.3AI score0.02041EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/19 12:0 a.m.3 views

Arbitrary Code Execution Vulnerability in CoreFoundation Component of Multiple Apple Products

Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system. coreFoundation is one of the C application programming interface API components. A security vulnerability exists in the...

9.8CVSS7.4AI score0.03323EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.25 views

Fedora 12 : asterisk-1.6.1.17-1.fc12 (2010-3381)

Update to 1.6.1.17 AST-2010-003: Invalid parsing of ACL rules can compromise security AST-2010-002: This security release is intended to raise awareness of how it is possible to insert malicious strings into dialplans, and to advise developers to read the best practices documents so that they may...

5CVSS5.5AI score0.03377EPSS
Exploits0References3
Metasploit
Metasploit
added 2009/10/25 5:5 a.m.14 views

SMB Tree Connect Request Fuzzer

This module sends a series of SMB tree connect requests using malicious strings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Tree Connect Request Fuzzer', 'Description' = %q This module...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.23 views

Ubuntu Update for kdelibs, qt-x11-free vulnerability USN-452-1

Ubuntu Update for Linux kernel vulnerabilities USN-452-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4521.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for kdelibs, qt-x11-free vulnerability USN-452-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

4.3CVSS0.1AI score0.02054EPSS
Exploits0References2
Rows per page
Query Builder