Lucene search
K

5103 matches found

Positive Technologies
Positive Technologies
added 2021/05/05 12:0 a.m.3 views

PT-2024-11102 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc8+ Description: The issue arises when booting a kernel with "irqchip.gicv3 pseudo nmi=1" on the command line, causing a warning during kernel entry due to the manipulation of the PMR. The lockdep hardir...

5.5CVSS8.6AI score0.00246EPSS
Exploits0References21
CNVD
CNVD
added 2021/04/16 12:0 a.m.8 views

Priority Software Priority Enterprise Management System Cross-Site Scripting Vulnerability

Priority Software Priority Enterprise Management System is an application from Priority Software, Inc. An intelligent ERP platform for managing organizations in the cloud. A cross-site scripting vulnerability exists in Priority Enterprise Management System version v8.00, which originates from the...

6.1CVSS6.2AI score0.00846EPSS
Exploits0References1
NVD
NVD
added 2021/04/14 2:15 p.m.14 views

CVE-2021-26832

Cross Site Scripting XSS in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...

6.1CVSS0.00846EPSS
Exploits0References1
OSV
OSV
added 2021/04/14 2:15 p.m.2 views

CVE-2021-26832

Cross Site Scripting XSS in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...

6.1CVSS5.9AI score0.00846EPSS
Exploits0References1
Prion
Prion
added 2021/04/14 2:15 p.m.18 views

Cross site scripting

Cross Site Scripting XSS in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...

4.3CVSS6AI score0.00846EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/04/14 1:45 p.m.44 views

CVE-2021-26832

CVE-2021-26832 describes a cross-site scripting (XSS) vulnerability in Priority Enterprise Management System v8.00, originating from the Reset Password page form. The available references indicate that an attacker can cause a victim’s browser to execute JavaScript by delivering a malicious URL or...

6.1CVSS6AI score0.00846EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/14 1:45 p.m.17 views

CVE-2021-26832

Cross Site Scripting XSS in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...

6.2AI score0.00846EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.3 views

Priority Software Priority Enterprise Management System 跨站脚本漏洞

Priority Software Priority Enterprise Management System is an application from Priority Software, Inc. An intelligent ERP platform for managing organizations in the cloud. A cross-site scripting vulnerability exists in Priority Enterprise Management System version v8.00, which originates from the...

6.1CVSS5.1AI score0.00846EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/04/06 5:15 p.m.4 views

kernel: Use after free via PI futex state

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

7.8CVSS7.1AI score0.01377EPSS
Exploits1References4
Jake Archibald's Blog
Jake Archibald's Blog
added 2021/03/26 1:0 a.m.212 views

Who has the fastest F1 website in 2021? Part 2

Ohhh, you've come back for more? Excellent. I was worried it was just going to be me sat here, typing to myself. This is part 2 in a multi-part series looking at the loading performance of F1 websites. Not interested in F1? It shouldn't matter. This is just a performance review of 10...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/22 3:49 p.m.155 views

Adobe Fixes Critical ColdFusion Flaw in Emergency Update

In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion platform, used for building web applications. The security alert comes two weeks after Adobe’s regularly-scheduled updates. During these updates, the tech company issued patches for a slew of critica...

1.8AI score0.37095EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2021/03/20 4:51 a.m.185 views

USN-4884-1: Linux kernel (OEM) vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 It was discovered that the priority inheritance futex...

7.8CVSS7AI score0.01377EPSS
Exploits1
OSV
OSV
added 2021/03/20 4:51 a.m.9 views

USN-4884-1 linux-oem-5.10 vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 It was discovered that the priority inheritance futex...

7.8CVSS6.9AI score0.01377EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/03/17 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-4878-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.02417EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/03/16 6:21 a.m.211 views

USN-4878-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Ryota Shiga discovered that the sockopt BPF hooks in th...

8.8CVSS7.1AI score0.02417EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2021/02/05 8:0 a.m.4 views

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling allowing local users to execute code in the kernel aka CID-34b1a1ce1458.

...

7.8CVSS7AI score0.01377EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2021/01/12 8:1 p.m.345 views

January 2021 Patch Tuesday – 83 Vulnerabilities, 10 Critical, One Zero Day, Adobe

This month’s Microsoft Patch Tuesday addresses 83 vulnerabilities. The 10 Critical vulnerabilities cover Windows codecs, Office, HEVC video extensions, RPC runtime, and several other workstation vulnerabilities. Adobe released patches today for Photoshop, Campaign Classic, InCopy, Illustrator,...

7.2CVSS0.4AI score0.39653EPSS
Exploits1
ThreatPost
ThreatPost
added 2021/01/12 5:13 p.m.55 views

Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content

Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure. The software company’s regularly scheduled Tuesday security updates impact a slew of its...

0.1AI score0.05614EPSS
Exploits0References19
OpenVAS
OpenVAS
added 2020/11/20 12:0 a.m.7 views

GaussDB Kernel: Configure an Audit Priority Policy

Configures the policy for determining whether audit logs are preferentially stored by space or time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2020/11/11 12:0 a.m.6 views

openGauss: Configure an Audit Priority Policy

Configures the policy for determining whether audit logs are preferentially stored by space or time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.4AI score
Exploits0References1
Rows per page
Query Builder