Lucene search
K

360 matches found

OSV
OSV
added 2021/02/02 7:15 p.m.3 views

CVE-2021-23271

The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Stored Cross Site Scripting XSS attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX:...

8CVSS7.3AI score0.00922EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2021/01/23 8:0 a.m.2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

6.8CVSS7AI score0.02157EPSS
Exploits0
Prion
Prion
added 2020/12/14 9:15 p.m.16 views

Format string

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins...

5CVSS8AI score0.01147EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2020/10/27 7:0 a.m.5 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

6.8CVSS7AI score0.02099EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/10/20 12:0 a.m.6 views

PT-2020-4503

Name of the Vulnerable Software and Affected Versions Java SE versions 7u271, 8u261, 11.0.8, and 15 Java SE Embedded version 8u261 Description The issue is related to insufficient input validation in the Serialization component, allowing an unauthenticated attacker with network access via multipl...

7.4CVSS7.2AI score0.37618EPSS
Exploits0References295
RedHat Linux
RedHat Linux
added 2020/09/15 4:18 p.m.6 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.5CVSS7.3AI score0.02653EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/15 4:18 p.m.6 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.017 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS7.3AI score0.02466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/14 12:58 p.m.6 views

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS7.3AI score0.02522EPSS
Exploits0References5
OSV
OSV
added 2020/09/01 6:15 p.m.5 views

CVE-2020-17405

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...

8.8CVSS6.2AI score0.02045EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7AI score0.02142EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.1 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7AI score0.01985EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/08/05 10:14 a.m.12 views

kubernetes: node localhost services reachable via martian packets

A flaw was found in Kubernetes that allows attackers on adjacent networks to reach services exposed on localhost ports, previously thought to be unreachable. This flaw allows an attacker to gain privileges or access confidential information for any services listening on localhost ports that are n...

8.8CVSS6.8AI score0.03597EPSS
Exploits5References5
OSV
OSV
added 2020/07/28 6:15 p.m.8 views

CVE-2020-10923

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000. A...

8.8CVSS7.1AI score0.84676EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2020/07/16 9:40 a.m.3 views

OpenJDK: Excessive memory usage in ImageIO TIFF plugin (ImageIO, 8233239)

Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

5.3CVSS5.9AI score0.05166EPSS
Exploits0References4
Prion
Prion
added 2020/04/30 10:15 p.m.19 views

Code injection

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition VE may expose a mechanism for adjacent network layer 2 attackers to access local daemons and bypass port lockdown settings...

3.3CVSS7.9AI score0.00574EPSS
Exploits0References1Affected Software11
Tenable Nessus
Tenable Nessus
added 2020/04/30 12:0 a.m.31 views

F5 Networks BIG-IP : BIG-IP Virtual Edition TMM vulnerability (K73274382)

BIG-IP Virtual Edition VE may expose a mechanism for adjacent network layer 2 attackers to access local daemons and bypass port lockdown settings. CVE-2020-5888 Impact Hosts in adjacent networks may be able to bypass port lockdown settings on BIG-IP VE hosts. C Tenable Network Security, Inc. The...

8.1CVSS7.7AI score0.00574EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/04/21 10:29 a.m.5 views

OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS7.3AI score0.04128EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/04/15 1:29 p.m.22 views

CVE-2020-2762

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

4.9CVSS5AI score0.02522EPSS
Exploits0References7
NVD
NVD
added 2020/02/11 12:15 p.m.28 views

CVE-2020-7217

An nidhcp4fsmprocessdhcp4packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id...

7.5CVSS8.2AI score0.01638EPSS
Exploits0References4
Prion
Prion
added 2020/02/11 12:15 p.m.17 views

Memory corruption

An nidhcp4fsmprocessdhcp4packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id...

5CVSS7.3AI score0.01638EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder