Lucene search
K

4604 matches found

Positive Technologies
Positive Technologies
added 2021/08/11 12:0 a.m.4 views

PT-2021-6503 · Unknown +1 · Tinyobjloader +1

Name of the Vulnerable Software and Affected Versions: tinyobjloader versions v2.0-rc1 through development commit 79d4421 Description: An improper array index validation issue exists in the LoadObj functionality, allowing a specially crafted file to potentially lead to code execution. An attacker...

9.6CVSS8.7AI score0.0188EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.3 views

PT-2021-3826 · Microsoft · Windows Bluetooth Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Bluetooth Driver affected versions not specified Description: The issue is related to insufficient access control in the Windows Bluetooth Driver, which can be exploited to elevate privileges. This could allow an attacker to affect th...

8CVSS7.2AI score0.00431EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.2 views

PT-2021-4039 · Microsoft · Windows Digital Tv Tuner Device Registration Application +1

Name of the Vulnerable Software and Affected Versions: Windows Digital TV Tuner device registration application affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Digital TV Tuner device registration application, which can be...

7.8CVSS7.2AI score0.00457EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.2 views

PT-2021-3900 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue is related to the Windows User Profile Service and is associated with insufficient access restrictions. It allows an attacker to elevate their privileges. The vulnerability ca...

7.8CVSS8.7AI score0.14393EPSS
Exploits2References21
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.6 views

PT-2021-18161 · D Link · D-Link Dsl-2740E

Name of the Vulnerable Software and Affected Versions: D-Link DSL-2740R version UK 1.01 Description: A Null Pointer Dereference issue exists, which could allow a remote malicious user to cause a denial of service via the send hnap unauthorized function. This can be triggered by sending a crafted...

7.5CVSS7.2AI score0.01127EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/07/20 12:0 a.m.7 views

PT-2021-3865 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.0.0 through 9.5.28 TYPO3 versions 10.0.0 through 10.4.17 TYPO3 versions 11.0.0 through 11.3.0 Description: The issue is related to the components QueryGenerator and QueryView in the TYPO3 content management system, which are...

6.4CVSS4.9AI score0.00598EPSS
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/07/19 7:53 a.m.3 views

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting

Overview Trend Micro Incorporated has released a security update for InterScan Web Security Virtual Appliance IWSVA. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN. Impact A user may be redirected to an arbitrary website due to the...

5.4CVSS6.1AI score0.01398EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/07/12 12:0 a.m.5 views

PT-2024-11336 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc7 Description: A vulnerability in the Linux kernel has been resolved, which involved a bad pointer dereference when the ehandler kthread is invalid. The issue occurred when the error handler thread fail...

9.8CVSS7.5AI score0.17563EPSS
Exploits8References1216
CBLMariner
CBLMariner
added 2021/07/08 9:56 p.m.14 views

CVE-2021-20221 affecting package qemu-kvm 4.2.0-48

CVE-2021-20221 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...

6CVSS7.5AI score0.00323EPSS
Exploits0
CBLMariner
CBLMariner
added 2021/07/08 9:56 p.m.27 views

CVE-2007-2768 affecting package openssh 8.9p1-3

CVE-2007-2768 affecting package openssh 8.9p1-3. A patched version of the package is available...

4.3CVSS7.5AI score0.08654EPSS
Exploits0
OSV
OSV
added 2021/07/01 6:15 p.m.22 views

CVE-2021-32730

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A cross-site request forgery vulnerability exists in versions prior to 12.10.5, and in versions 13.0 through 13.1. It's possible for forge an URL that, when accessed by an admin, will reset th...

5.7CVSS5.7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/06/22 12:0 a.m.3 views

PT-2021-10740 · Unknown · Phpgurukul Hospital Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue concerns a SQL injection vulnerability located in the hmsadminbetweendates-detailsreports.php file. This vulnerability can be exploited by remote unauthenticated...

7.5CVSS7.6AI score0.02188EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2021/06/15 12:0 a.m.194 views

SAP Solution Manager 7.2 (ST 720) Open Redirection

Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis Impact on Business Under certain circumstances, an attacker might be able to steal a cookie from the application. It may impact the confidentiality of the service. Advisory Information - Public Release Dat...

5.8CVSS5.3AI score0.02338EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/06/11 12:0 a.m.7 views

PT-2021-15203

Name of the Vulnerable Software and Affected Versions PowerLogic EGX100 versions 3.0.0 and newer PowerLogic EGX300 all versions Description A CWE-20: Improper Input Validation issue exists that could cause denial of service or remote code execution via a specially crafted HTTP packet...

9.8CVSS7.8AI score0.02708EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/06/02 12:0 a.m.4 views

PT-2021-19360 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

7.8CVSS7.8AI score0.01419EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/06/02 12:0 a.m.7 views

PT-2021-19379 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

7.8CVSS7.8AI score0.01419EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/06/02 12:0 a.m.4 views

PT-2021-19365 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

7.8CVSS7.8AI score0.01419EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/06/02 12:0 a.m.4 views

PT-2021-19378 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

7.8CVSS8AI score0.01419EPSS
Exploits0References5
OSV
OSV
added 2021/05/28 9:15 p.m.4 views

UBUNTU-CVE-2021-29507

GENIVI Diagnostic Log and Trace DLT provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail t...

6.5CVSS6.6AI score0.00749EPSS
Exploits0References3
CVE
CVE
added 2021/05/28 9:0 p.m.95 views

CVE-2021-29507

GENIVI Diagnostic Log and Trace (DLT) affects GENIVI DLT versions 2.10.0–2.18.6. The vulnerability arises when a configuration file contains special characters, causing a vulnerable component to crash and preventing applications from generating dlt logs. As documented, there was no patch at publi...

6.5CVSS5.8AI score0.00749EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder