Lucene search
K

360 matches found

OSV
OSV
added 2017/12/26 4:29 a.m.5 views

CVE-2017-12736

After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...

8.8CVSS5.8AI score0.00999EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/12/13 4:48 p.m.10 views

OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

5.3CVSS7.4AI score0.03305EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/12 1:32 p.m.4 views

mysql: Server: Partition unspecified vulnerability (CPU Jan 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Partition. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol...

7.5CVSS7.1AI score0.03389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/11/27 6:4 p.m.5 views

OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

5.3CVSS7.4AI score0.03305EPSS
Exploits0References4
OSV
OSV
added 2017/11/16 2:29 p.m.5 views

CVE-2017-5738

Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure...

9.1CVSS5.8AI score0.01531EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/10/23 7:44 a.m.7 views

OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.03143EPSS
Exploits0References4
NVD
NVD
added 2017/10/13 5:29 p.m.20 views

CVE-2017-10615

A vulnerability in the pluggable authentication module PAM of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 fr...

9.8CVSS9.9AI score0.02455EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/10/12 7:53 a.m.7 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS7.3AI score0.0245EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/09/21 7:42 a.m.4 views

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.35 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

6.5CVSS7.2AI score0.02335EPSS
Exploits0References5
Prion
Prion
added 2017/09/01 1:29 p.m.15 views

Authentication flaw

A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe MLS versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response...

4.3CVSS5.7AI score0.03176EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2017/09/01 1:29 p.m.30 views

CVE-2017-3898

A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe MLS versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response...

5.9CVSS5.7AI score0.03176EPSS
Exploits2References1
NVD
NVD
added 2017/09/01 1:29 p.m.22 views

CVE-2017-3897

A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus MSS+ versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response...

9.8CVSS9.7AI score0.11679EPSS
Exploits2References2
Cvelist
Cvelist
added 2017/09/01 1:0 p.m.29 views

CVE-2017-3898

A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe MLS versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response...

6AI score0.03176EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2017/08/14 9:48 a.m.6 views

OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

9.6CVSS7.4AI score0.02415EPSS
Exploits0References4
OSV
OSV
added 2017/04/24 12:0 a.m.4 views

UBUNTU-CVE-2017-3460

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Audit Plug-in. Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS6.6AI score0.02194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2016/12/24 12:0 a.m.10 views

PT-2016-3058 · Mysql Server +6 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.5.53 and earlier MySQL Server versions 5.6.34 and earlier MySQL Server versions 5.7.16 and earlier Description: The issue is related to inadequate access control in the MySQL Server component, specifically in the Serve...

10CVSS7AI score0.6773EPSS
Exploits105References583
OSV
OSV
added 2015/12/07 2:12 p.m.7 views

SUSE-SU-2015:2174-1 Security update for dhcpcd

dhcpcd was updated to fix three security issues. These security issues were fixed: - CVE-2012-6698: A potential out of bounds write was fixed, which could lead to memory corruption, triggerable by network local attackers. - CVE-2012-6699: A loop error was fixed that could lead out of bound reads,...

7.5CVSS7.6AI score0.01967EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2015/06/05 12:0 a.m.6 views

The vulnerability of Google Chrome browser allows a perpetrator to replace data.

The implementation of the spelling checking function in the Google Chrome browser does not require the use of a secure HTTPS connection. As a result, those who control network traffic can replace the elements of the dictionary...

4.3CVSS7.7AI score0.00989EPSS
Exploits0References4Affected Software1
0day.today
0day.today
added 2013/02/13 12:0 a.m.41 views

Polycom HDX Telnet Authorization Bypass Vulnerability

The Polycom HDX is a series of telecommunication and video devices. The telnet component of Polycom HDX video endpoint devices is vulnerable to an authorization bypass when multiple simultaneous connections are repeatedly made to the service, allowing remote network attackers to gain full access ...

8.6AI score
Exploits0
Metasploit
Metasploit
added 2013/01/18 12:0 a.m.76 views

Polycom Command Shell Authorization Bypass

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

4.8AI score
Exploits0
Rows per page
Query Builder