Lucene search
K

67 matches found

Veracode
Veracode
added 2020/05/10 11:27 p.m.40 views

Remote Code Execution (RCE)

ncurses is vulnerable to denial of service. Due to a flaw, there is a format string vulnerability in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...

9.8CVSS6.6AI score0.04257EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.5 views

The vulnerability of the WebKit rendering module in OpenSUSE Leap operating systems, Mac OS X, iOS, tvOS, Safari browser, multimedia player iTunes, and iCloud service lies in the use of memory after it is freed. This allows an attacker to execute arbitrary code.

The vulnerability of the WebKit rendering module in operating systems such as Mac OS X, iOS, tvOS, Safari browser, multimedia player iTunes, and iCloud service is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memor...

9.3CVSS7.1AI score0.01752EPSS
Exploits0References11Affected Software16
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2018-1166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.04876EPSS
Exploits0References2
Hacker One
Hacker One
added 2019/05/30 4:37 a.m.29 views

Node.js third-party modules: Lack of input validation and sanitization in react-autolinker-wrapper library causes XSS

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report XSS in...

0.7AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2019/02/03 12:0 a.m.95 views

devolo dLAN 550 duo+ Starter Kit Remote Code Execution

Summary Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a cost-effective and helpful networking alternative for any location without structured network wiring. Especially in buildings or residences lacking network cables or where updating the wiring would be expensive and...

9.8CVSS6.3AI score0.00374EPSS
Exploits1
CVE
CVE
added 2018/10/23 5:0 p.m.43 views

CVE-2018-18589

CVE-2018-18589 concerns Micro Focus Real User Monitoring software with vulnerable versions: 9.26IP, 9.30, 9.40 and 9.50. Connected CVE data notes a Java deserialization vulnerability as the root cause, enabling potential remote arbitrary code execution. The CVE entry indicates the impact is remot...

8.8CVSS7.9AI score0.01689EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.33 views

EulerOS Virtualization 2.5.0 : ncurses (EulerOS-SA-2018-1252)

According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary...

9.8CVSS8.1AI score0.04876EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2018/07/01 6:58 p.m.12 views

MacOS Malware Targets Cryptocurrency Community on Slack, Discord

Hackers using MacOS malware are targeting cryptocurrency investors that use both the Slack and Discord chat platforms. The malware, dubbed OSX.Dummy, uses an unsophisticated infection method, but those who are successfully attacked open their systems up to remote arbitrary code execution. “If the...

2.1AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/06/28 12:0 a.m.26 views

EulerOS 2.0 SP3 : ncurses (EulerOS-SA-2018-1166)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary code execution...

9.8CVSS8.1AI score0.04876EPSS
Exploits0References3
NVD
NVD
added 2018/02/15 10:29 p.m.12 views

CVE-2017-5807

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...

10CVSS9.6AI score0.22293EPSS
Exploits0References3
Prion
Prion
added 2018/02/15 10:29 p.m.19 views

Remote code execution

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...

4.9CVSS5.9AI score0.01613EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/02/15 10:29 p.m.15 views

Remote code execution

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...

10CVSS9.5AI score0.22293EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.25 views

CVE-2017-5793

A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center IMC PLAT version 7.2 E0403P06 was found...

9.3AI score0.04594EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/06/29 11:0 p.m.27 views

CVE-2017-10684

In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...

9.8CVSS9.9AI score0.04876EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/09/02 12:0 a.m.26 views

HPE Synergy Planning Tool Remote Arbitrary Code Execution Vulnerability

HPE Synergy Planning Tool is prone to remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.1CVSS8.3AI score0.07197EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/09/02 12:0 a.m.16 views

HPE CISSS Remote Arbitrary Code Execution Vulnerability

HPE Converged Infrastructure Solution Sizer Suite CISSS is prone to a remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

8.1CVSS8.3AI score0.07197EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/07/20 12:0 a.m.6 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software is related to errors in data type mixing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS5.9AI score0.07356EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/04/20 12:0 a.m.17 views

Mandriva Linux Security Advisory : squashfs-tools (MDVSA-2013:128)

Updated squashfs-tools packages fix security vulnerabilities : remote arbitrary code execution via crafted list file CVE-2012-4024. integer overflow in queueinit may lead to arbitrary code execution CVE-2012-4025. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...

6.8CVSS8.1AI score0.04047EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.10 views

SuSE 10 Security Update : gaim (ZYPP Patch Number 6461)

This update of gaim fixes a remote arbitrary code execution vulnerability in MSN SLP packet processing code. CORE-2009-0727 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.11 views

SuSE 10 Security Update : pidgin (ZYPP Patch Number 6463)

This update of pidgin fixes a remote arbitrary code execution vulnerability in MSN SLP packet processing code. CORE-2009-0727 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.8AI score
Exploits0
Rows per page
Query Builder