Lucene search
K

115 matches found

OSV
OSV
added 2019/07/10 12:0 p.m.3 views

UBUNTU-CVE-2019-10190

A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of...

7.5CVSS6.6AI score0.01993EPSS
Exploits0References3
NVD
NVD
added 2019/07/04 8:15 p.m.18 views

CVE-2019-1890

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure ACI Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the...

7.4CVSS6.7AI score0.00633EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/07/04 8:0 p.m.19 views

CVE-2019-1890 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure ACI Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the...

7.4CVSS6.5AI score0.00633EPSS
Exploits0References2
Prion
Prion
added 2018/05/21 1:29 p.m.19 views

Security feature bypass

A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1035...

4.6CVSS5.3AI score0.01334EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2018/01/30 12:0 a.m.1 views

Arbitrary File Download Vulnerability in CAJViewer, a Specialized Reader for China Knowledge Network (CNN)

CAJViewer is a series of CAJViewer products of National Engineering Research Center of CD-ROM and Tsinghua Tongfang Knowledge Network Beijing Technology Co., Ltd. and a special full-text format viewer for China Periodicals Network CJN, which supports TEB, CAJ, NH, KDH, and PDF format files of CJN...

7.1AI score
Exploits0
Prion
Prion
added 2017/11/20 7:29 p.m.21 views

Directory traversal

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...

5.2CVSS6.6AI score0.01095EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/20 7:29 p.m.27 views

CVE-2017-15527

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...

6.8CVSS6.6AI score0.01095EPSS
Exploits0References2
CVE
CVE
added 2017/11/20 7:0 p.m.60 views

CVE-2017-15527

The CVE-2017-15527 entry concerns the Symantec Management Console. Affected product: Symantec Management Console (ITMS) prior to 8.1 RU4. Vulnerable component/behavior: directory traversal due to insufficient input validation/sanitization of user-supplied file names, allowing traversal sequences ...

6.8CVSS6.8AI score0.01095EPSS
Exploits0References2Affected Software1
Symantec
Symantec
added 2017/11/20 8:0 a.m.41 views

Symantec Management Console Directory Traversal

SUMMARY Symantec has released an update to address an issue in the Symantec Management Console product. AFFECTED PRODUCTS Symantec Management Console --- CVE | Affected Versions | Remediation CVE-2017-15527 | Prior to ITMS 8.1 RU4, ITMS 8.0 POST HF6 & ITMS 7.6 POST HF7 | Upgrade to ITMS 8.1 RU4,...

10CVSS0.7AI score0.72759EPSS
Exploits5Affected Software1
NVD
NVD
added 2017/06/13 8:29 p.m.22 views

CVE-2016-10337

In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed...

5.5CVSS5.4AI score0.00485EPSS
Exploits0References3
CVE
CVE
added 2017/06/13 8:0 p.m.42 views

CVE-2016-10337

Technical details for CVE-2016-10337 are not publicly available in the provided connected documents. The materials confirm a generic Android/Linux kernel validation issue but do not specify affected products, versions, exploitability, impact, or fixes. Monitor for updates.

5.5CVSS5.9AI score0.00485EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2016/07/11 1:59 a.m.24 views

CVE-2015-8890

platform/msmshared/partitionparser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices does not validate certain GUID Partition Table GPT data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard MMC, aka Android internal...

9.3CVSS7.4AI score0.00543EPSS
Exploits0References3
Cisco Threats
Cisco Threats
added 2016/04/15 7:26 p.m.11 views

Threat Outbreak Alert RuleID22277: Email Messages Distributing Malicious Software on April 15, 2016

Medium Alert ID: 44691 First Published: 2016 April 15 19:26 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22277 may contain the following files: Name | Si...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2015/03/21 12:0 a.m.129 views

Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security

-= Advanced Information Security Corporation =- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas at gmail dot com Audit: OpenSSL v1.0.2 22nd of January, 2015 Release...

7.2AI score
Exploits0
myhack58
myhack58
added 2014/12/05 12:0 a.m.12 views

A combination of punches: three vulnerabilities to achieve a PayPal account-hijacking-vulnerability warning-the black bar safety net

PayPal is an eBay owned popular third-party payment product, similar to domestic PayPal. Recently researchers in their web applications were found in three high-risk vulnerabilities, an attacker can exploit these vulnerabilities to control any user of the PayPal account. The black bar safety net...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/31 12:0 a.m.40 views

Fedora 20 : phpMyAdmin-4.2.6-1.fc20 (2014-8581)

phpMyAdmin 4.2.6.0 2014-07-17 =============================== - Undefined index warning with referenced column. - $cfg'MaxExactCount' is ignored when BROWSING is back - Multi Column sorting improved user experience - Server validation does not work while in setup/mysqli - Undefined variable when...

6.5CVSS7AI score0.02276EPSS
Exploits4References15
Cvelist
Cvelist
added 2014/06/17 2:0 p.m.29 views

CVE-2014-0478

APT before 1.0.4 does not properly validate source packages, which allows man-in-the-middle attackers to download and install Trojan horse packages by removing the Release signature...

6.1AI score0.0157EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2013/09/12 1:30 p.m.25 views

CVE-2013-4339

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string...

7.5CVSS5.9AI score0.07493EPSS
Exploits2References6
Kitploit
Kitploit
added 2012/11/04 7:20 p.m.11 views

[Subterfuge] Beta Version 4.2

Automated Man-in-the-Middle Attack Framework Abstract: Enter Subterfuge, a Framework to take the arcane art of Man-in-the-Middle Attack and make it as simple as point and shoot. A beautiful, easy to use interface which produces a more transparent and effective attack is what sets Subterfuge apart...

7.2AI score
Exploits0
myhack58
myhack58
added 2011/08/19 12:0 a.m.19 views

The cloud from the enterprise built Station system through the kill oday-vulnerability warning-the black bar safety net

Saying boring to code the site the next set of program analysis Can be to the cloud from the enterprise built Station system, download the number very much so look up First saw it in the background of the login. the asp file. A look at the side of there ass and... if request. Form"submit""" then ...

7.7AI score
Exploits0
Rows per page
Query Builder