Lucene search
K

72 matches found

CNNVD
CNNVD
added 2023/10/10 12:0 a.m.5 views

Fortinet FortiManager Security Vulnerability

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and the ability to group devices into different administrative domains ADOMs to further simplify multi-device security deployme...

6.5CVSS6.4AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2023/09/25 6:15 p.m.7 views

AZL-30045 CVE-2023-4156 affecting package gawk for versions less than 5.1.1-1

A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...

7.1CVSS6.7AI score0.00428EPSS
Exploits1References1
Prion
Prion
added 2023/09/19 1:16 p.m.16 views

Sql injection

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data insert/update/delete, perform database administration operations and, in some cases, execute commands on the...

7.5CVSS9.6AI score0.00558EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/08/28 10:15 p.m.6 views

CVE-2023-40827

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter...

7.5CVSS7.5AI score0.01492EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/08/08 1:32 a.m.3 views

SUSE CVE-2023-4156

A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...

3.3CVSS8.3AI score0.00428EPSS
Exploits1References25
OSV
OSV
added 2023/06/30 9:15 p.m.1 views

DEBIAN-CVE-2023-35947

Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the...

8.1CVSS7.6AI score0.00528EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/20 12:0 a.m.6 views

Open-Xchange OX App Suite 安全漏洞

Open-Xchange OX App Suite is an e-mail and productivity suite client software from German company Open-Xchange. A security vulnerability exists in OX App Suite that stems from overly lax default permissions on file attributes, which allows local system users to read potentially sensitive...

3.3CVSS4.9AI score0.00329EPSS
Exploits0References7
OSV
OSV
added 2023/02/14 4:15 a.m.5 views

CVE-2023-0025

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources...

5.4CVSS5.8AI score0.00345EPSS
Exploits0References2
OSV
OSV
added 2023/02/09 5:21 p.m.3 views

USN-5852-1 swift vulnerability

It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server...

6.5CVSS6.8AI score0.01001EPSS
Exploits1References2
OSV
OSV
added 2022/12/13 4:15 a.m.3 views

CVE-2022-41274

SAP Disclosure Management - version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can lead to the exposure of data like financial reports...

6.5CVSS5.8AI score0.00555EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.5 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 Core, which can be exploited by an attacker to read sensitive information by bypassing access restrictions to TYPO3 Core data via site configurati...

5.7CVSS5.3AI score0.00514EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.5 views

HCL Technologies HCL Domino 输入验证错误漏洞

HCL Technologies HCL Domino is a software application from HCL Technologies, India. It provides a platform for application development. A security vulnerability exists in HCL Domino, which can be exploited by an attacker to bypass access restrictions on HCL Domino data iNotes, by linking through...

7.4CVSS5.7AI score0.00459EPSS
Exploits0References3
OSV
OSV
added 2022/05/04 5:15 p.m.6 views

CVE-2022-20734

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerabilit...

4.4CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2022/02/24 12:0 a.m.6 views

Blender 数字错误漏洞

Blender is a specialized free and open source 3D computer graphics software. A numeric error vulnerability exists in Blender that could be exploited by an attacker to read sensitive data using a crafted DDS image file...

5.5CVSS5.7AI score0.01135EPSS
Exploits0References9
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.4 views

Sonatype Nexus Repository Manager 信息泄露漏洞

Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. An information disclosure vulnerability exists in Sonatype Nexus Repository Manager, which can be exploited by an attacker to bypass acces...

4.3CVSS5.3AI score0.00456EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.4 views

IBM Cloud Pak for Data 信息泄露漏洞

Ibm Cloud Pak For Data is an open and scalable data platform from Ibm USA, Inc. provides a data structure that makes all data available for AI and analytics on any cloud.A security vulnerability exists in IBM Cloud Pak for Data that stems from the fact that IBM Cloud Pak for Data can allow a loca...

4.4CVSS5.2AI score0.00264EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.4 views

Apple iOS 和 iPadOS 权限许可和访问控制问题漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A permission and access control issue exists in Apple iOS and iPadOS NetworkExtension, which can be exploited by a...

5.5CVSS5.8AI score0.00263EPSS
Exploits0References5
CNVD
CNVD
added 2020/11/26 12:0 a.m.1 views

Unauthorized Access Vulnerability in ThinkAdmin

ThinkAdmin is a backend management framework based on the latest ThinkPHP V6 development, using the loosest MIT protocol open source. ThinkAdmin has an unauthorized access vulnerability. Attackers can use the vulnerability to bypass login to directly read and modify sensitive information...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/08/05 12:0 a.m.3 views

Multiple Apple Products GeoServices Component Authorization Issue Vulnerability

Apple iOS is a product of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple iPadOS is an operating system for iPad tablets. geoServices is a geo-services component of the... A security vulnerability exists in the...

4.3CVSS6.2AI score0.0083EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/20 12:0 a.m.4 views

Kronos WebTA SQL Injection Vulnerability

Kronos WebTA is an attendance system. Kronos WebTA suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to read sensitive data from the database...

6.5CVSS7.8AI score0.01284EPSS
Exploits1References1
Rows per page
Query Builder