Lucene search
K

20 matches found

CVE
CVE
added 2024/12/20 1:54 a.m.104 views

CVE-2022-32203

CVE-2022-32203 describes a command-injection vulnerability in Huawei terminal printer products. The issue allows high-privilege code execution on the printer after exploitation over the network (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8). The root cause is described as insufficient...

9.8CVSS9.6AI score0.01146EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/09 11:29 a.m.84 views

CVE-2023-51360

CVE-2023-51360 affects the WordPress plugin Essential Blocks for Gutenberg (vulnerable:

8.8CVSS5.7AI score0.00573EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/07/16 10:14 p.m.98 views

CVE-2024-3171

CVE-2024-3171 affects Google Chrome (Chromium) before 122.0.6261.57. It is a use-after-free in Accessibility that can lead to heap corruption when a user is persuaded to perform specific UI gestures. The issue requires user interaction and is mitigated by updating to Chrome 122.0.6261.57 or later...

8.8CVSS7.2AI score0.00305EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/07/09 8:11 p.m.122 views

CVE-2024-34723

Summary: CVE-2024-34723 describes a logic error in Android’s ParcelableListBinder.java (onTransact) that could enable local elevation of privilege by stealing the mAllowlistToken to launch an app from the background, without extra privileges or user interaction. The vulnerability is tied to how P...

7.8CVSS6.8AI score0.00115EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/04/25 8:39 a.m.73 views

CVE-2024-25917

CVE-2024-25917 affects the WordPress WP Setup Wizard plugin prior to version 1.0.8.2, exposing an authentication/authorization bypass that allows an authenticated subscriber or higher to perform an unauthenticated-like action: full database download. Root cause identified as a missing capability ...

8.8CVSS8.6AI score0.00644EPSS
Exploits0References1
CVE
CVE
added 2024/02/23 7:16 p.m.18 views

CAN-2004-0178

Technical details for CVE-2004-0178 are not publicly provided in the supplied documents; no affected products, root cause, impact, or fixes are disclosed here. Monitor for updates from connected advisories.

7.5AI score0.00442EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:55 p.m.20 views

CAN-2004-0558

CVE-2004-0558 is referenced across multiple advisories (Slackware SSA:2004-266-01, Gentoo GLSA 200409-25, SLES9 updates, FreeBSD/FreeBSD Ports) as a CUPS-related issue. OpenVAS entries label it as a CUPS DoS with CVSS 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P). The connected docs discuss affected packages ...

7.5AI score0.26794EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:55 p.m.17 views

CAN-2004-0755

CVE-2004-0755 relates to Ruby CGI::Session's FileStore creating session files with insecure permissions, potentially allowing session information leakage. The JVN entry describes the issue, noting improper file permissions in CGI::Session FileStore. Fedo ra advisories mention a security fix and p...

7.5AI score0.00364EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:51 p.m.17 views

CAN-2004-0980

CVE-2004-0980 is a format-string vulnerability in ez-ipupdate. The connected documents identify ez-ipupdate as affected, specifically versions 3.0.10 through 3.0.11b8, with exploitation possible when running in daemon mode with certain service types in use, allowing remote execution of arbitrary ...

7.5AI score0.03818EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:50 p.m.18 views

CAN-2004-0986

CVE-2004-0986 affects iptables before 1.2.11. Multiple sources (SUSE SUSE CVE, OSV, NVD) state that under certain conditions, iptables fails to load required modules at system startup, leaving firewall rules possibly unenforced and the system vulnerable to remote attackers. Remediation in sources...

7.5AI score0.0189EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:15 p.m.15 views

CAN-2004-1308

CVE-2004-1308 refers to an integer overflow/heap-overflow vulnerability in libtiff used by TIFF parsing. The linked Nessus/CenterOS/RHEL/Ubuntu advisories attribute this to kdegraphics/kfax components, with updates available that backport patches in libtiff. Exploitation would involve a malicious...

7.5AI score0.14972EPSS
Exploits1
CVE
CVE
added 2024/02/23 6:12 p.m.20 views

CAN-2005-0020

CVE-2005-0020 describes a buffer overflow in playmidi prior to 2.4 that could allow a local user to execute arbitrary code. This vulnerability is documented across multiple sources (NVD, OSV, Debian/DSA entries, CVE listing, and vendor advisories) with the impact restricted to local privilege esc...

7.5AI score0.00513EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:3 p.m.17 views

CAN-2005-0446

CVE-2005-0446 affects Squid 2.5.STABLE8 and earlier, with DoS via crafted DNS responses that trigger a crash during FQDN/ipcache handling. The connected advisories indicate multiple distributions addressing this issue: Ubuntu USN-84-1 (DNS/ACLs and the bad DNS response in DNS resolution), Fedora ...

7.5AI score0.41109EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:58 p.m.14 views

CAN-2005-0393

CVE-2005-0393 relates to crip 3.5: the helper scripts do not properly use temporary files, which can allow local users to cause an unknown impact with unknown attack vectors. The connected sources (OSV, NVD, Debian tracker, Red Hat entry, Debian/OSS plugins) confirm the same description. No speci...

7.5AI score0.00381EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:57 p.m.13 views

CAN-2005-1934

CVE-2005-1934 affects the Gaim multi-protocol instant messaging client, where a malformed MSN Messenger message can cause memory allocation errors and crash the application. Connected advisories describe this as part of two DoS issues in Gaim and reference fixed-updates (e.g., upgrade to version ...

7.5AI score0.02385EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:57 p.m.19 views

CAN-2005-1992

CVE-2005-1992 concerns Ruby’s XMLRPC server, where an insecure default in utils.rb (and related XMLRPC.iPIMethods handling) can allow a remote attacker to execute arbitrary commands if the server is used in a vulnerable configuration. Public advisories (e.g., RHSA-2005:543, USN-146-1) document th...

7.5AI score0.06565EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:56 p.m.12 views

CAN-2005-2088

The connected Nessus document lists CVE-2005-2088 as an HTTP Request Smuggling issue in Apache httpd when acting as a proxy: Apache 1.3.x before 1.3.34 and 2.0.x before 2.0.55 are vulnerable to crafted requests with both Transfer-Encoding: chunked and Content-Length headers, leading to misinterpr...

7.5AI score0.20461EPSS
Exploits1
CVE
CVE
added 2024/02/20 12:46 p.m.15 views

CVE-2014-5515

According to the Ubuntu security entry for CVE-2014-5515, ntopng had several vulnerabilities that were fixed upstream in version 1.2.1. The connected records provide no further details (affected versions, root cause, impact, or exploit information). No MITRE/attack details are included. Remediati...

7.5AI score
Exploits0
CVE
CVE
added 2023/02/13 4:16 p.m.17 views

CVE-2021-0745

CVE-2021-0745 is listed in Android 12 release notes under System with type ID (information disclosure) and severity Moderate, referenced by Android bug ID A-187709482. The bulletin notes that issues fixed in Android 12 are addressed when devices run Android 12 with a patched level, and that sourc...

8.7AI score
Exploits0
CVE
CVE
added 2023/02/13 4:16 p.m.17 views

CVE-2021-0738

Android 12 Framework contains CVE-2021-0738 (listed under Framework in the Android 12 Security Release Notes). It is categorized as Type: ID (Information Disclosure) with a Moderate severity, and references the Android bug ID A-188802680. The snippet does not provide the exact root cause, vulnera...

8.7AI score
Exploits0
Rows per page
Query Builder