Lucene search
K

313 matches found

CNVD
CNVD
added 2018/04/19 12:0 a.m.4 views

Microsoft Windows Security Bypass Vulnerability (CNVD-2018-09667)

Microsoft Windows 10 and Windows Server Version 1709 are both products of Microsoft Corporation.Microsoft Windows 10 is a cross-platform operating system for PCs and laptops, tablets, and cell phones.Windows... Server Version 1709 is a server operating system. A security feature bypass...

5.3CVSS6.7AI score0.01334EPSS
Exploits0References1
Veracode
Veracode
added 2018/04/10 7:38 a.m.9 views

Information Disclosure

h2o-core is vulnerable to information disclosures. The HTTP response headers contain sensitive information such as server version...

6.4AI score
Exploits0
NVD
NVD
added 2018/03/14 5:29 p.m.40 views

CVE-2018-0902

The Cryptography Next Generation CNG kernel-mode driver cng.sys in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels, ak...

7.8CVSS7.5AI score0.01157EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/03/07 12:0 a.m.21 views

Oracle Database Server Oracle Universal Installer Component Unspecified Vulnerability

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

1.7CVSS6.3AI score0.00353EPSS
Exploits0References1
OSV
OSV
added 2018/02/15 2:29 a.m.2 views

CVE-2018-0827

Windows Scripting Host WSH in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 allows a Device Guard security feature bypass vulnerability due to the way objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability"...

5.3CVSS5.8AI score0.01386EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.613 views

KB4056892: Windows 10 Version 1709 and Windows Server Version 1709 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056892 or 4073291. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...

7.8CVSS8.2AI score0.93838EPSS
Exploits57References36
Hacker One
Hacker One
added 2017/09/19 10:42 a.m.43 views

Nextcloud: Banner Grabbing - Apache Server Version Disclousure

Hello Nextcloud, I'd like to report a nice little bug. Banner Grabbing is a technique used to gain information about a remote server. Additionally, this technique is use to get information about remote servers. I've captured the HTTP request while visiting https://customerupdates.nextcloud.com an...

Exploits0
Metasploit
Metasploit
added 2017/07/18 3:53 p.m.46 views

OrientDB 2.2.x Remote Code Execution

This module leverages a privilege escalation on OrientDB to execute unsandboxed OS commands. All versions from 2.2.2 up to 2.2.22 should be vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

9.8CVSS1.6AI score0.73071EPSS
Exploits4
Citrix
Citrix
added 2017/06/27 12:0 a.m.10 views

PVS target and server version compatibility

Q: Can a PVS environment be configured with PVS target version higher than the PVS server version? A: No, The PVS target version should be the same as the PVS server version Configuring PVS environment with PVS target version higher than the PVS server version may work however if there is an issu...

7AI score
Exploits0
Hacker One
Hacker One
added 2017/05/22 10:57 a.m.12 views

Weblate: Weblate- Banner Grabbing-Ngnix Server version

Hey, I have found in the HTTP response header from docs.weblate.org, the nginx web server version is disclosed. Ideally application server responds back to users error message in customzied manner by not revealing any sensitive information about webserver or underlying components in applicatio...

1.1AI score
Exploits0
Hacker One
Hacker One
added 2017/05/09 6:13 a.m.28 views

U.S. Dept Of Defense: Two Error-Based SQLi in courses.aspx on ██████████

Summary: The server at ████ contains two SQL injection vulnerabilities in the courses.aspx file. These are error-based SQLi vulnerabilities. The resulting errors reveal seven lines of C code, including inline SQL which reveals internal database information. Note that this is one of two reports I'...

8.3AI score
Exploits0
Hacker One
Hacker One
added 2017/04/25 1:17 p.m.40 views

Nextcloud: information disclose

Hello Team . I Reported a issue - disclosure SERVER Version !! when i interrupt this https://demo.nextcloud.com/ Request , its disclosure The server version Server: Apache/2.4.6 CentOS OpenSSL/1.0.1e-fips As you can See this Pic , or you can Interrupt the url useing Any Proxy tools like Burp Suit...

0.3AI score
Exploits0
Hacker One
Hacker One
added 2017/02/04 12:10 p.m.55 views

Ubiquiti Inc.: Content Spoofing or Text Injection in (403 forbidden page injection) and Nginx version disclosure via response header

Hello there, I know that this is Non-critical issue but i want you guys to be aware of it. 1. I have found a Content Spoofing or Text Injection in This url http://dl-origin.ubnt.com/ Go to this url...

0.3AI score
Exploits0
Hacker One
Hacker One
added 2017/01/10 12:47 p.m.24 views

OLX: Server Version Of https://www.olx.ph/

i see a server version of your website that have link: https://www.olx.ph/.htaccess The impact of this vulnerability Consult Web References for more information. This is a proof. http://prnt.sc/dtsjmo -- jaypogzz...

1.1AI score
Exploits0
Hacker One
Hacker One
added 2016/11/05 12:23 p.m.20 views

Yelp: Nginx server version disclosure on engineeringblog

Hi Yelp Team, I have found a little information disclosure on your system with regards to the version of server you are using, due to not properly handling 404 errors , whe you go to the page that i not existing, the exact nginx version was disclosed. PoC URL: engineeringblog.yelp.com/test PoC...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/08/31 12:0 a.m.12 views

Atlassian Confluence Server Version Detection

Binary data 9543.prm...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/08/16 12:0 a.m.14 views

Sonicwall GMS Detection

This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.3AI score
Exploits0
CNVD
CNVD
added 2016/07/21 12:0 a.m.4 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2016-05398)

Oracle MySQL Server is a lightweight relational database system. A security vulnerability exists in Oracle MySQL Server 5.7.12 and earlier versions, which can be exploited by an authenticated attacker to compromise integrity, availability...

5.9CVSS7.7AI score0.02292EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/07/07 6:54 a.m.13 views

Gratipay: don't leak Server version for assets.gratipay.com

Hi i found that server version are being disclosed on the response header on this URL: https://assets.gratipay.com , this is a low risk but you can consider this as best practice because it is important to keep secret of server versions. See similar reports here: 141125 Feel free to close this as...

0.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Marida DB database management system allows a malicious actor to cause service failures.

The MariaDB database management system contains a vulnerability related to errors in the client/mysql.cc code of MariaDB. Exploiting this vulnerability allows a malicious individual to cause a service failure on a remote database server, trigger a service failure, or execute arbitrary code using ...

7.5CVSS6.9AI score0.06353EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder