Lucene search
K

40 matches found

BDU FSTEC
BDU FSTEC
added 2021/04/16 12:0 a.m.7 views

The vulnerability in the driver for the Early Launch Antimalware (ELAM) security technology of Microsoft Windows allows a malicious actor to bypass security functions.

The vulnerability of the driver for the Early Launch Antimalware ELAM security technology for Microsoft Windows relates to the disclosure of information. Exploiting this vulnerability could allow a hacker to bypass security functions...

4.6CVSS5.4AI score0.02042EPSS
Exploits1References4
NVD
NVD
added 2020/12/29 12:15 p.m.25 views

CVE-2020-17533

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8.1CVSS8AI score0.03655EPSS
Exploits0References3
OSV
OSV
added 2020/12/29 12:15 p.m.20 views

CVE-2020-17533

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8.1CVSS7AI score
Exploits0References3
Prion
Prion
added 2020/12/29 12:15 p.m.20 views

Code injection

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

5.5CVSS7.9AI score0.03655EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/12/29 11:30 a.m.25 views

CVE-2020-17533 Apache Accumulo Improper Handling of Insufficient Permissions

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8AI score0.03655EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/10/20 12:0 a.m.5 views

The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s kernel is related to the bypassing of security functions. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.2CVSS6.3AI score0.02787EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.6 views

Vulnerability of Windows operating systems related to bypassing security functions, allowing attackers to escalate their privileges

Vulnerabilities of Windows operating systems are related to bypassing security functions. Exploiting these vulnerabilities can allow attackers to gain increased privileges...

4.6CVSS5.5AI score0.00972EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2019/01/18 5:30 p.m.35 views

Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open

A critical and unpatched vulnerability in the widely deployed Cisco Small Business Switch software leaves the door open to remote, unauthenticated attackers gaining full administrative control over the device – and therefore the network. Cisco Small Business Switches were developed for small offi...

9.3CVSS1.1AI score0.49742EPSS
Exploits0References3
NVD
NVD
added 2018/11/21 9:29 p.m.19 views

CVE-2018-19420

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...

4CVSS4AI score0.00777EPSS
Exploits1References1
Prion
Prion
added 2018/11/21 9:29 p.m.24 views

Code injection

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...

4CVSS5.3AI score0.00777EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/21 9:29 p.m.20 views

CVE-2018-19421

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...

4CVSS4.2AI score0.00777EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/21 9:0 p.m.22 views

CVE-2018-19421

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...

5.5AI score0.00777EPSS
Exploits1References1
Lenovo
Lenovo
added 2018/07/25 11:19 a.m.757 views

Intel ME 6.x/7.x/8.x/9.x/10.x./11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update - US

Lenovo Security Advisory: LEN-17297 Potential Impact: An attacker could load and execute arbitrary code outside the visibility of the user, operating system, and hypervisor/virtualization platform; resulting in exfiltration of secrets, subtle manipulation of system operation, or denial of service...

9CVSS8.2AI score0.04407EPSS
Exploits0
ThreatPost
ThreatPost
added 2014/09/23 8:53 a.m.57 views

Charney on Trustworthy Computing: 'I Was the Architect of These Changes'

Scott Charney, the head of Microsoft’s Trustworthy Computing efforts, said that he was the one who decided it was time to move the TwC group in a new direction and integrate the security functions more deeply into the company as a whole. “I was the architect of these changes. This is not about th...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References2
Exploit DB
Exploit DB
added 2011/11/09 12:0 a.m.38 views

COMTREND CT-5624 Router - Root/Support Password Disclosure/Change

!/usr/bin/perl + Comtrend Router CT-5624 Remote Root/Support Password Disclosure/Change Exploit Author: Todor Donev Email: todor.donev@@gmail Type: Hardware Vuln Type: Remote Tested: Board ID : CT-5624 Software : A011-306TSR-C01R03 Bootloader : 1.0.37-0.7-3 ADSL : A2pB022c3.d20e Board ID : CT-563...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/11/08 12:0 a.m.32 views

Comtrend Router CT-5624 Remote Root/Support Password Disclosure

Exploit for hardware platform in category web applications !/usr/bin/perl + Comtrend Router CT-5624 Remote Root/Support Password Disclosure/Change Exploit Author: Todor Donev Email: email protected@gmail Type: Hardware Vuln Type: Remote Tested: Board ID : CT-5624 Software : A011-306TSR-C01R03...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2009/07/06 1:59 p.m.12 views

Researcher Finds Cracks in Symbian Security

From The H Security Symbian, found in many mobile phones, especially those from Nokia, is one of the most widely used mobile operating systems and has now been in use for more than ten years. It continues to be viewed as a very secure operating system, with special security functions and a...

1.7AI score
Exploits0References5
NVD
NVD
added 2009/02/20 7:30 p.m.14 views

CVE-2009-0656

Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user...

6.9CVSS6.3AI score0.00434EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.29 views

Gentoo Security Advisory GLSA 200511-08 (PHP)

The remote host is missing updates announced in advisory GLSA 200511-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.65512EPSS
Exploits0References3
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.9 views

Detectoid for Microsoft Office Communications Server 2007 R2

Detectoid for Microsoft Office Communications Server 2007 R2...

2AI score
Exploits0
Rows per page
Query Builder