344 matches found
CVE-2022-38701
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and obtain sensitive network information...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS is vulnerable to an authorization issue stemming from improper privilege management in the HwChrService module, which could be exploited b...
ASB-A-219808546
In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation...
Rancher Labs Rancher Sensitive Data Encryption Missing Vulnerability
Rancher Labs Rancher is an open source, enterprise-class container management platform from Rancher Labs, Inc. Rancher Labs Rancher is affected by a missing encryption of sensitive data vulnerability, which stems from sensitive data not being encrypted. An attacker could exploit this...
Man-in-the-middle (MITM)
github.com/rancher/rancher is vulnerable to man-in-the-middle attacks. A remote attacker is able to read and change network data because the network traffic in the cluster is sent unencrypted when it is created from an RKE template with the CNI value overridden...
CVE-2022-21951
A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This...
Design/Logic Flaw
A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This...
CVE-2022-21951 Rancher: Weave CNI password is not set if RKE template is used with CNI value overridden
A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This...
Rancher Labs Rancher Security Vulnerability
Rancher Labs Rancher is an open source, enterprise-class container management platform from Rancher Labs, Inc. Rancher Labs Rancher is affected by a missing encryption of sensitive data vulnerability, which stems from sensitive data not being encrypted. An attacker could exploit this...
PT-2022-15200
Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions prior to 2.5.14; SUSE Rancher versions prior to 2.6.5. Description: A Cleartext Transmission of Sensitive Information issue in SUSE Rancher allows attackers on the network to read and change network data due to missing...
GHSA-HF26-VVMX-X8C8 Plone Arbitrary Code Execution via Unsafe Handling of Pickles
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes...
Plone Arbitrary Code Execution via Unsafe Handling of Pickles
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes...
CVE-2021-45104
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data...
Design/Logic Flaw
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data...
UBUNTU-CVE-2021-45104
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data...
Authorization
Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior that only affects the level of access available to persons who were already granted a highly privileged role. Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessib...