2528 matches found

OSV
added 2018/04/23 12:0 a.m. · 5 views

UBUNTU-CVE-2018-8781

The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...

CVSS 7.8 · AI score 7.1 · EPSS 0.00502
Exploits: 0 · References: 11

OSV
added 2018/04/19 2:29 a.m. · 5 views

CVE-2018-2853

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications subcomponent: Operations, Client Application Loader. Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network acces...

CVSS 5.4 · AI score 7.3 · EPSS 0.00796
Exploits: 0 · References: 2

OSV
added 2018/04/19 2:29 a.m. · 4 views

CVE-2018-2788

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Fluid Core. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVSS 6.1 · AI score 7.3 · EPSS 0.01498
Exploits: 0 · References: 3

Kaspersky
added 2018/04/19 12:0 a.m. · 568 views

KLA11237 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An unsafe DLL loading...

CVSS 8.8 · AI score 9.2 · EPSS 0.24033
Exploits: 12 · References: 4

OSV
added 2018/04/18 8:29 p.m. · 3 views

CVE-2018-8840

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution...

CVSS 9.8 · AI score 6
Exploits: 0 · References: 4

NVD
added 2018/04/18 2:29 p.m. · 24 views

CVE-2015-9108

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NUL...

CVSS 10 · AI score 8.5 · EPSS 0.01169
Exploits: 0 · References: 2

Prion
added 2018/04/18 2:29 p.m. · 22 views

Null pointer dereference

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NUL...

CVSS 10 · AI score 8.2 · EPSS 0.01169
Exploits: 0 · References: 2

Cvelist
added 2018/04/18 2:0 p.m. · 22 views

CVE-2015-9108

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NUL...

AI score 9.7 · EPSS 0.01169
Exploits: 0 · References: 2

Tenable Nessus
added 2018/04/18 12:0 a.m. · 67 views

Oracle Linux 7 : openssl (ELSA-2018-0998)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-0998 advisory. - fix CVE-2017-3737 - incorrect handling of fatal error state - fix CVE-2017-3738 - AVX2 Montgomery multiplication bug with 1024 bit modulus Tenable ha...

CVSS 6.5 · AI score 6.5 · EPSS 0.78675
Exploits: 1 · References: 4

OpenVAS
added 2018/04/16 12:0 a.m. · 58 views

Microsoft Office: Open Office documents as read/write while browsing

This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013openasreadwritebrowsing.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Open Office documents as read/write while browsing Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

AI score 7.3
Exploits: 0

OSV
added 2018/04/05 9:29 p.m. · 4 views

CVE-2017-14470

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

CVSS 9.8 · AI score 5.8 · EPSS 0.37317
Exploits: 1 · References: 1

OSV
added 2018/04/05 9:29 p.m. · 3 views

CVE-2017-14467

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

CVSS 9.8 · AI score 5.7 · EPSS 0.36642
Exploits: 1 · References: 1

Positive Technologies
added 2018/04/05 12:0 a.m. · 6 views

PT-2018-5659 · Allen Bradley · Allen Bradley Micrologix 1400 Series B

Name of the Vulnerable Software and Affected Versions: Allen Bradley Micrologix 1400 Series B versions 21.2 and before Description: An exploitable access control issue exists in the data, program, and function file permissions functionality. A specially crafted packet can cause a read or write...

CVSS 10 · AI score 9.2 · EPSS 0.37317
Exploits: 1 · References: 3

Positive Technologies
added 2018/04/05 12:0 a.m. · 6 views

PT-2018-5660 · Allen Bradley · Allen Bradley Micrologix 1400 Series B

Name of the Vulnerable Software and Affected Versions: Allen Bradley Micrologix 1400 Series B versions 21.2 and before Description: An issue exists in the data, program, and function file permissions functionality, allowing for access control bypass. A specially crafted packet can cause...

CVSS 10 · AI score 9.2 · EPSS 0.34166
Exploits: 1 · References: 2

OSV
added 2018/04/04 8:29 p.m. · 3 views

CVE-2018-1002150

Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1...

CVSS 9.1 · AI score 5.8 · EPSS 0.01667
Exploits: 0 · References: 2

Prion
added 2018/04/04 8:29 p.m. · 7 views

Improper access control

Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1...

CVSS 7.5 · AI score 9.1 · EPSS 0.01667
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2018/04/04 8:29 p.m. · 9 views

CVE-2018-1002150

Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1...

CVSS 9.1 · AI score 9.3 · EPSS 0.01667
Exploits: 0 · References: 2

0day.today
added 2018/04/03 12:0 a.m. · 32 views

Google Chrome V8 - Genesis::InitializeGlobal Out-of-Bounds Read/Write Exploit

Exploit for multiple platform in category dos / poc / Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize +...

AI score 7.4
Exploits: 0

Metasploit
added 2018/03/24 1:9 a.m. · 131 views

Linux BPF Sign Extension Local Privilege Escalation

Linux kernel prior to 4.14.8 contains a vulnerability in the Berkeley Packet Filter (BPF) verifier. The check_alu_op function performs incorrect sign extension which allows the verifier to be bypassed, leading to arbitrary kernel read/write. The target system must be compiled with BPF support and...

CVSS 7.8 · AI score 0.5 · EPSS 0.30052
Exploits: 16

CNVD
added 2018/03/23 12:0 a.m. · 4 views

Siemens SIMATIC WinCC OA UI for Android and iOS Access Bypass Vulnerability

Siemens SIMATIC WinCC OA UI for Android and iOS are both products of Siemens, Germany. Siemens SIMATIC WinCC OA UI for Android is a set of control interfaces for SCADA systems based on the Android platform. SIMATIC WinCC OA UI for iOS is its iOS-based version. A security vulnerability exists in...

CVSS 6.7 · AI score 6.6 · EPSS 0.00427
Exploits: 0 · References: 1