Lucene search
K

7657 matches found

CNVD
CNVD
added 2022/04/22 12:0 a.m.18 views

Google Android Denial of Service Vulnerability (CNVD-2022-46290)

Google Android is a Linux-based open source operating system from Google, Inc. A denial-of-service vulnerability exists in Google Android, which stems from a possible crash in the re-initialization of HeifDecoderImpl.cpp due to a missing null check. A remote attacker could exploit the vulnerabili...

6.5CVSS5.5AI score0.00399EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/04/19 3:50 p.m.2 views

389-ds-base: double free of the virtual attribute context in persistent search

A double free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...

7.5CVSS5.8AI score0.01983EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.300 views

WordPress Videos Sync PDF 1.7.4 Cross Site Scripting

Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...

Exploits0
Tenable Nessus
Tenable Nessus
added 2022/04/19 12:0 a.m.36 views

RHEL 8 : 389-ds:1.4 (RHSA-2022:1410)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1410 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

7.5CVSS7.1AI score0.01983EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.334 views

WordPress Popup Maker 1.16.5 Cross Site Scripting

Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.399 views

WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...

7.4AI score
Exploits0
NVD
NVD
added 2022/04/15 3:15 p.m.22 views

CVE-2022-20661

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.9CVSS0.00216EPSS
Exploits0References1
OSV
OSV
added 2022/04/15 3:15 p.m.6 views

CVE-2022-20661

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.6CVSS5.9AI score0.00216EPSS
Exploits0References1
Prion
Prion
added 2022/04/15 3:15 p.m.19 views

Design/Logic Flaw

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.9CVSS5.2AI score0.00216EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/15 2:20 p.m.23 views

CVE-2022-20731 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.6CVSS7AI score0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/04/15 2:20 p.m.15 views

CVE-2022-20731 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.6CVSS7.3AI score0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/04/15 2:16 p.m.9 views

CVE-2022-20661 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.6CVSS7.3AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/15 2:16 p.m.20 views

CVE-2022-20661 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

4.6CVSS6AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/15 12:0 a.m.4 views

Cisco Catalyst Digital Building Series Switches 安全漏洞

Cisco Catalyst Digital Building Series Switches are a series of digital building switches from Cisco USA. A security vulnerability exists in the Cisco Catalyst Digital Building Series Switches where an authenticated local attacker with level 15 privileges or an unauthenticated attacker with...

7.2CVSS6.2AI score0.00235EPSS
Exploits0References3
CVE
CVE
added 2022/04/14 2:12 p.m.71 views

CVE-2021-45227

COINS Construction Cloud 11.12 contains a persistent Cross-Site Scripting (XSS) flaw in the file upload flow due to inappropriate handling of HTML IFRAME elements. Root cause: improper IFRAME usage during uploads enables script persistence. Impact is documented as client-side compromise; CVSS sco...

5.4CVSS5.2AI score0.00576EPSS
Exploits1References2Affected Software1
Cisco
Cisco
added 2022/04/13 4:0 p.m.43 views

Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

6.8CVSS0.9AI score0.00235EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/04/13 12:0 a.m.5 views

ghost-as-middleware (=1.0.0), ghost-blade (=0.1.0) +3 more potentially affected by CVE-2022-28397 via ghost (>=0.11.14 <=1.26.2)

ghost NPM version =0.11.14, =0.1.7, =0.1.10 - persistent-ghost =0.8.2 - sign-alex =1.0.1 Source cves: CVE-2022-28397 Source advisory: OSV:GHSA-FFHQ-G856-9F2P...

9.8CVSS7.2AI score0.03532EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/04/11 8:20 p.m.7 views

CVE-2022-24833 Persistent Cross-site Scripting (XSS) vulnerability in PrivateBin

PrivateBin is minimalist, open source online pastebin clone where the server has zero knowledge of pasted data. In PrivateBin v1.4.0 a cross-site scripting XSS vulnerability was found. The vulnerability is present in all versions from v0.21 of the project, which was at the time still called...

8.2CVSS7.3AI score0.01271EPSS
Exploits1References2
CNVD
CNVD
added 2022/04/11 12:0 a.m.11 views

Huawei FLMG-10 Authorization Issues Vulnerability

Huawei FLMG-10 is a high-end Bluetooth remote control speaker from Huawei, China. The Huawei FLMG-10 suffers from an authorization issue vulnerability that stems from incorrect authentication issues. A local attacker can exploit the vulnerability to install a persistent and cryptic bootstrap or...

7.2CVSS7.4AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.2 views

Huawei FLMG-10 授权问题漏洞

Huawei FLMG-10 is a high-end Bluetooth remote control speaker from Huawei, China. The Huawei FLMG-10 suffers from an authorization issue vulnerability that stems from incorrect authentication issues. A local attacker can exploit the vulnerability to install a persistent and cryptic bootstrap or...

7.2CVSS5.7AI score0.00194EPSS
Exploits0References3
Rows per page
Query Builder