Lucene search
K

143 matches found

OSV
OSV
added 2021/03/30 2:15 a.m.6 views

CVE-2021-25160

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...

4.9CVSS6.6AI score0.07093EPSS
Exploits2References3
OSV
OSV
added 2021/03/30 1:15 a.m.3 views

CVE-2021-25155

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...

6.5CVSS6.9AI score0.13312EPSS
Exploits5References4
CVE
CVE
added 2021/03/24 3:32 p.m.54 views

CVE-2019-19349

CVE-2019-19349 describes an insecure modification vulnerability in the /etc/passwd file within the container operator-framework/operator-metering as shipped in Red Hat OpenShift 4 . An attacker with access to the container could modify /etc/passwd and escalate privileges. The connected documents ...

7.8CVSS7.6AI score0.00339EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/02/17 7:50 p.m.2 views

GHSA-PJ4G-4488-WMXM Dynamic modification of RPyC service due to missing security check

Impact Version 4.1.0 of RPyC has a vulnerability that affects custom RPyC services making it susceptible to authenticated remote attacks. Patches Git commits between September 2018 and October 2019 and version 4.1.0 are vulnerable. Use a version of RPyC that is not affected. Workarounds The commi...

8.5CVSS6.4AI score0.13049EPSS
Exploits2References7
NVD
NVD
added 2020/09/03 3:15 p.m.27 views

CVE-2019-10679

Thomson Reuters Eikon 4.0.42144 allows all local users to modify the service executable file because of weak %PROGRAMFILESX86%\Thomson Reuters\Eikon permissions...

7.8CVSS7.5AI score0.00478EPSS
Exploits3References5
CNVD
CNVD
added 2020/08/26 12:0 a.m.5 views

Vertiv UPS Management Module FTP Service Arbitrary File Modification Vulnerability

Vertiv Technologies Limited Vertiv, was founded in 2000. Vertiv designs, manufactures and provides services for critical infrastructure equipment to keep data centers, communication networks, commercial and industrial facilities running well, and provides power supply and distribution, thermal...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/08/06 12:0 a.m.11 views

Cisco AnyConnect Secure Mobility Client Configuration File Modification Vulnerability

The Cisco AnyConnect Secure Mobility Client is a virtual private network VPN client for a variety of operating systems and hardware configurations. A configuration file modification vulnerability exists in the Inter-Process Communication IPC channel in Cisco AnyConnect Secure Mobility Client...

5.5CVSS6.5AI score0.00337EPSS
Exploits1References1
OSV
OSV
added 2020/07/15 6:15 p.m.2 views

CVE-2020-14693

Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6-8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

6.5CVSS7.3AI score0.00972EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.4 views

Zhengzhou Soter Information Technology Co., Ltd. digital campus management platform has a logic flaw vulnerability

Zhengzhou Sothe Information Technology Co., Ltd. is a software technology as the core, is committed to providing customers with software products, perfect technical support and software outsourcing services company. Zhengzhou Soter Information Technology Co., Ltd. digital campus management platfo...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2020/03/16 7:49 p.m.27 views

CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload...

7.1AI score0.00514EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/02 12:0 a.m.4 views

Odoo Access Control Error Vulnerability (CNVD-2019-30570)

Odoo is an open source commercial system from the Belgian company Odoo. An access control error vulnerability exists in the password encryption module in Odoo version 9.0 Community and Enterprise, which can be exploited by an attacker to modify another user's password...

6.5CVSS7AI score0.00603EPSS
Exploits0References1
NVD
NVD
added 2019/04/23 7:32 p.m.25 views

CVE-2019-2594

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Application Server. Supported versions that are affected are 8.55, 8.56 and 8.57. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

6.8CVSS6AI score0.01146EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/18 12:0 a.m.5 views

Intel Converged Security and Management Engine and Intel TXE Content Protection Subsystem Unauthorized Data Modification Vulnerability

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation.Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust enforcement engine with hardware authentication capabilities used in the CPU Central...

4.4CVSS6.6AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2019/02/17 6:29 p.m.4 views

CVE-2019-8408

OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice...

4.9CVSS5.8AI score0.0123EPSS
Exploits1References1
CVE
CVE
added 2019/02/06 4:0 p.m.57 views

CVE-2019-1003017

The CVE-2019-1003017 entry concerns Jenkins Job Import Plugin (3.0 and earlier). The vulnerability stems from a data modification flaw in JobImportAction.java that enables attackers to copy jobs from a preconfigured external Jenkins instance, potentially installing additional plugins needed to lo...

5.3CVSS5AI score0.00524EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2019/02/06 4:0 p.m.18 views

CVE-2019-1003017

A data modification vulnerability exists in Jenkins Job Import Plugin 3.0 and earlier in JobImportAction.java that allows attackers to copy jobs from a preconfigured other Jenkins instance, potentially installing additional plugins necessary to load the imported job's configuration...

5.3CVSS5AI score0.00524EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/02 12:0 a.m.3 views

Apple macOS file modification vulnerability

macOS is Apple's proprietary operating system for the Mac line of products. A file modification vulnerability exists in the EFI component in Apple macOS High Sierra 10.13.6, macOS Mojave 10.14. A local user can exploit the vulnerability to modify protected portions of the file system...

5.5CVSS6AI score0.00301EPSS
Exploits0References1
Prion
Prion
added 2018/08/01 1:29 p.m.15 views

Design/Logic Flaw

A data modification vulnerability exists in Jenkins Agiletestware Pangolin Connector for TestRail Plugin 2.1 and earlier in GlobalConfig.java that allows attackers with Overall/Read permission to override this plugin's configuration by sending crafted HTTP requests to an unprotected endpoint...

4CVSS6.3AI score0.01019EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/08/01 1:0 p.m.68 views

CVE-2018-1999037

CVE-2018-1999037 affects Jenkins Resource Disposer Plugin up to version 0.11. The vulnerability is in AsyncResourceDisposer.java and allows an attacker to stop tracking a resource (data modification). Related advisories confirm an additional CSRF weakness in the API endpoint prior to version 0.12...

4.3CVSS4.4AI score0.00761EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/11/17 12:0 a.m.5 views

October CMS Apache Configuration Modification Vulnerability

OctoberCMS is a CMS system based on Laravel PHP development framework. October CMS build 412 suffers from an Apache configuration modification vulnerability. The vulnerability can be exploited to compromise a website and other applications on the server via the file upload feature...

9.8CVSS7.2AI score0.01237EPSS
Exploits0References1
Rows per page
Query Builder