Lucene search
K

164 matches found

CNNVD
CNNVD
added 2021/04/13 12:0 a.m.4 views

Microsoft Windows Remote Procedure Call Runtime 代码注入漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. A remote code execution vulnerability exists in the "Remote Procedure Call Runtime" in Microsoft Windows an...

8.8CVSS6.7AI score0.02315EPSS
Exploits0References5
CNVD
CNVD
added 2021/03/02 12:0 a.m.7 views

Google Android Android runtime elevation of privilege vulnerability

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Android runtime component of Google Android 11. An attacker can exploit the vulnerability to cause a local...

7.8CVSS6.9AI score0.00127EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/26 4:20 p.m.48 views

CVE-2021-21297 Prototype Pollution in Node-Red

Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier contains a Prototype Pollution vulnerability in the admin API. A badly formed request can modify the prototype of the default JavaScript Object with the potential to affect the default...

7.7CVSS7.7AI score0.01397EPSS
Exploits0References4
CNVD
CNVD
added 2021/02/02 12:0 a.m.11 views

Google Android Android runtime information disclosure vulnerability (CNVD-2021-22975)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in Android runtime in Google Android 8.1, 9, 10, and 11. An attacker can exploit this vulnerability to obtain sensiti...

7.5CVSS5.9AI score0.00877EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/12 12:0 a.m.7 views

Microsoft Windows Remote Procedure Call Runtime 安全漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in Microsoft Windows/Windows Server "Remote...

8.8CVSS7.7AI score0.02967EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.10 views

The vulnerability of the Windows Runtime component of the Windows operating system allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of the Windows Runtime component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute malicious code through a specially created application...

7.8CVSS7.4AI score0.00762EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/15 10:13 p.m.38 views

Security Bulletin: IBM Java Runtime Vulnerability Affects IBM Secure Proxy (CVE-2020-2654)

Summary IBM Secure Proxy has addressed the applicable vulnerability in IBM® Runtime Environment Java™ Version 1.8. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to...

4.3CVSS1.2AI score0.03823EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/06/26 12:0 a.m.8 views

The vulnerability of the Windows Runtime component of the Windows operating system allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of the Windows Runtime component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code using a specially created application...

7.8CVSS7.6AI score0.00708EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/25 1:15 p.m.37 views

Security Bulletin: A vulnerability in the IBM Java Runtime affects IBM Rational ClearCase (CVE-2020-2654)

Summary There is a vulnerability in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearCase. This issue was disclosed as part of the IBM Java SDK updates in January 2020 deferred from Oracle Jan 2020 CPU. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION...

6.8CVSS0.9AI score0.03823EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/06/19 12:0 a.m.6 views

The vulnerability of the Windows Runtime component of the Windows operating system allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of the Windows Runtime component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code using a specially created application...

7.3CVSS7.6AI score0.03001EPSS
Exploits0References2
CNVD
CNVD
added 2020/06/10 12:0 a.m.6 views

Microsoft Store Runtime Elevation of Privilege Vulnerability (CNVD-2021-25014)

Microsoft Store Runtime is an application store software from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Store Runtime, which arises from a failure of the program to properly handle memory and can be exploited by an attacker to gain elevation of privilege by runnin...

7.8CVSS8.7AI score0.00792EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/10 12:0 a.m.11 views

Microsoft Windows Runtime Elevation of Privilege Vulnerability (CNVD-2021-31215)

Microsoft Windows Runtime .net framework is an essential functional support library for the Windows operating system from Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Runtime, which arises from a program that does not properly handle objects in memory, and can be...

7.8CVSS8.8AI score0.0332EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/30 12:0 a.m.2 views

BSON ObjectID Input Validation Error Vulnerability

BSON ObjectID is a module for creating and parsing ObjectIDs for use in Node.js. An input validation error vulnerability exists in BSON ObjectID version 1.3.0 for Node.js. The vulnerability stems from a network system or product that does not properly validate input data. An attacker could use th...

7.5CVSS6.7AI score0.01085EPSS
Exploits1References1
CNVD
CNVD
added 2018/05/08 12:0 a.m.4 views

Google Android Android runtime information disclosure vulnerability

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in Android runtime in Google Android 8.1, which can be exploited by attackers to obtain sensitive information...

6.2CVSS6.1AI score0.00076EPSS
Exploits0References1
Veracode
Veracode
added 2017/05/04 7:32 a.m.6 views

Denial Of Service (DoS)

runtime/hashmap in github.com/golang/go is vulnerable to denial of service DoS attacks. The vulnerability exists because it uses uintptr in overLoadFactor of hashmap.go. With large number of potential buckets, a malicious user or a coding error can cause an infinite loop via overflow in 32-bit...

6.6AI score
Exploits0
OSV
OSV
added 2015/11/11 1:0 p.m.1 views

UBUNTU-CVE-2015-8046

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary...

10CVSS6.2AI score0.29962EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2013/11/07 4:46 p.m.4 views

OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

7.5CVSS6.8AI score0.04431EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.4 views

JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs...

10CVSS5.8AI score0.08325EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/07/16 5:12 p.m.5 views

OpenJDK: Resource denial of service (AWT, 8001038)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the...

5CVSS6.8AI score0.04874EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/07/15 8:32 p.m.7 views

OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...

5CVSS6.8AI score0.05084EPSS
Exploits0References5
Rows per page
Query Builder