Lucene search
K

221 matches found

CNVD
CNVD
added 2022/10/14 12:0 a.m.25 views

Adobe Dimension Memory Misreference Vulnerability

Adobe Dimension is a set of 2D and 3D composite design tools from Adobe, Inc. A memory mis-reference vulnerability exists in versions prior to Adobe Dimension 3.4.6, which stems from a "use-after-release" vulnerability that could be exploited to execute arbitrary code in the current user context...

7.8CVSS5.9AI score0.00497EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2022/10/01 5:29 a.m.10 views

mis-sklep.pl Cross Site Scripting vulnerability OBB-2968708

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
CNVD
CNVD
added 2022/09/29 12:0 a.m.20 views

ISAMS Cross-Site Scripting Vulnerability

ISAMS is a 100% web-based MIS from ISAMS that can be accessed from anywhere, with multiple third-party integrations into the online learning platform. version 22.2.3.2 of ISAMS contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of...

5.4CVSS3.2AI score0.0046EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2022/08/30 7:13 p.m.14 views

mis-pol.pl Cross Site Scripting vulnerability OBB-2877981

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/08/28 12:8 p.m.8 views

mis-productions.co.uk Cross Site Scripting vulnerability OBB-2872433

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/08/17 12:0 a.m.35 views

Debian: Security Advisory (DSA-5207-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.12746EPSS
Exploits13References6
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.53 views

SUSE SLES12 Security Update : xen (SUSE-SU-2022:2574-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2574-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information...

8.8CVSS7.5AI score0.06451EPSS
Exploits3References24
Tenable Nessus
Tenable Nessus
added 2022/07/30 12:0 a.m.55 views

SUSE SLES15 Security Update : xen (SUSE-SU-2022:2601-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2601-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable...

8.8CVSS7.5AI score0.06451EPSS
Exploits3References24
Veracode
Veracode
added 2022/07/15 2:32 a.m.41 views

Arbitrary Code Execution

xen is vulnerable to arbitrary code execution. The vulnerability exists in hw due to Mis-trained branch predictions for return instructions which allows an attacker to inject and execute arbitrary speculative codes under certain microarchitecture-dependent conditions...

3.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/07/13 12:0 a.m.55 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2377-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2377-1 advisory. - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection...

8.2CVSS7.8AI score0.04947EPSS
Exploits4References68
NVD
NVD
added 2022/07/12 7:15 p.m.25 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS0.03764EPSS
Exploits0References6
OSV
OSV
added 2022/07/12 7:15 p.m.5 views

ALPINE-CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.8AI score0.03764EPSS
Exploits0References1
Prion
Prion
added 2022/07/12 7:15 p.m.36 views

Design/Logic Flaw

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

2.1CVSS7.4AI score0.03764EPSS
Exploits0References6Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/07/12 7:0 p.m.5 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.4AI score0.03764EPSS
Exploits0References18
CVE
CVE
added 2022/07/12 3:50 p.m.391 views

CVE-2022-29900

CVE-2022-29900 describes mis-trained branch predictions for return instructions that may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Connected advisories confirm this affects Linux-kernel components (e.g., linux-5.10 in Astra Linux; multiple Am...

6.5CVSS7.3AI score0.03764EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2022/05/14 1:1 a.m.36 views

GHSA-MC6J-H948-V2P6 RubyGems Improper Verification of Cryptographic Signature vulnerability

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, and Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contain an Improper Verification of Cryptographic Signature vulnerability in package.rb. This can resu...

9.8CVSS9.2AI score0.03037EPSS
Exploits0References21
RubySec
RubySec
added 2022/05/14 12:0 a.m.20 views

RubyGems Improper Verification of Cryptographic Signature vulnerability

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, and Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contain an Improper Verification of Cryptographic Signature vulnerability in package.rb. This can resu...

9.8CVSS2.7AI score0.03037EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/05/11 12:0 a.m.17 views

Hotel Management System SQL Injection Vulnerability

Hotel Management System is a MIS project based on a hotel management system. v1.0 of Hotel Management System is vulnerable to SQL injection, which stems from a login page whose username parameter was found to contain SQL injection. An attacker could exploit the vulnerability to perform SQL...

7.5CVSS1.7AI score0.009EPSS
Exploits0Affected Software1
Hacker One
Hacker One
added 2022/04/25 4:1 p.m.13 views

Shopify: Staff without Manage Themes permissions can update themes

Vulnerability description not provided...

7.1AI score
Exploits0
CNVD
CNVD
added 2022/04/18 12:0 a.m.27 views

MariaDB Binary_string::free_buffer() component memory misreference vulnerability

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A memory misreference vulnerability exists in MariaDB v10.6.3 and lower, which stems from a post-release reuse error in the component...

7.4AI score
Exploits0References1
Rows per page
Query Builder