Lucene search
K

72 matches found

Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.4 views

PT-2023-13027 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It appears to be a notification about a candidate number that is unused by it...

6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/29 12:0 a.m.5 views

PT-2022-8212 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about a specific vulnerability. It appears to be a notification about a rejected CVE candidate...

6.3AI score
Exploits0References2
OSV
OSV
added 2021/12/17 8:15 p.m.9 views

CVE-2021-41495

Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error ca...

5.3CVSS5.1AI score
Exploits0References2
OSV
OSV
added 2021/12/08 10:15 p.m.7 views

CVE-2021-43543

Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.1CVSS8.8AI score
Exploits0References10
OSV
OSV
added 2021/12/08 10:15 p.m.8 views

CVE-2021-43538

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 9...

4.3CVSS8.7AI score
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/17 8:50 a.m.21 views

Security Bulletin: Apache Tomcat vulnerability affects IBM Storwize V7000 Unified (CVE-2019-4293)

Summary This vulnerability may allow attacker to reveal the third party software Apache Tomcat Web server version. Vulnerability Details CVEID: CVE-2019-4293 DESCRIPTION: IBM System Storage Storwize V7000 Unified V7000U configuration may allow an attacker to reveal the server version in default...

5.3CVSS1.2AI score0.01759EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/04/26 5:29 p.m.5 views

CVE-2019-9795

A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...

9.8CVSS9AI score
Exploits0References6
Packet Storm
Packet Storm
added 2018/12/27 12:0 a.m.27 views

Terminal Services Manager 3.1 Local Buffer Overflow

Exploit Title: Terminal Services Manager 3.1 - Buffer Overflow SEH Date: 2018-12-25 Exploit Author: bzyo Twitter: @bzyo Vulnerable Software: Terminal Services Manager 3.1 Vendor Homepage: https://lizardsystems.com Version: 3.1 Software Link: https://lizardsystems.com/download/tsmanagersetup.exe...

0.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/10/29 12:0 a.m.528 views

JVN#37943805: Confluence Server vulnerable to script injection

User Macros of Confluence Server provided by Atlassian Pty Ltd. contains a script injection vulnerability CWE-74. Impact When the administrator embeds a malicious script into User Macros, the embedded script may be executed on the user's web browser. Solution Update the Software Update to the...

7.1AI score
Exploits0
OSV
OSV
added 2018/10/18 1:29 p.m.8 views

CVE-2018-12385

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally...

7CVSS6AI score
Exploits0References18
OSV
OSV
added 2018/06/11 9:29 p.m.5 views

CVE-2018-5103

A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...

9.8CVSS9.2AI score
Exploits0References13
OSV
OSV
added 2018/06/11 9:29 p.m.8 views

CVE-2017-7801

A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox...

9.8CVSS8.3AI score
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/02/28 12:0 a.m.55 views

JVN#73083905: Multiple vulnerabilities in WBCE CMS

WBCE CMS provided by WBCE Team is an open-source Contents Management System CMS. WBCE CMS contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-2118 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

8.6CVSS7.1AI score0.0351EPSS
Exploits0
OSV
OSV
added 2016/12/11 3:0 a.m.10 views

CVE-2016-9865

An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMAsafeUnserialize function. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

9.8CVSS9.3AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/08/27 12:0 a.m.26 views

JVN#91474878: File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted

File encyption software "ED" contains an issue when files of small size are encyrpted, they may become easier to decipher in comparison to when files of a larger size are encrypted. When encrypting small files that are smaller than the block size 128 bits, file encryption software "ED" encrypts...

2.6CVSS7.3AI score0.00695EPSS
Exploits0
WPVulnDB
WPVulnDB
added 2014/04/25 12:0 a.m.21 views

Ooorl <= 1.0.0 - XSS

Plugin is still affected and has been closed...

4.3CVSS2.4AI score0.01629EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2013/10/28 12:0 a.m.49 views

NetGear ReadyNAS code execution

Web interface commands injection...

10CVSS2.8AI score0.71599EPSS
Exploits5References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/06/27 12:0 a.m.40 views

JVN#26394323: POST-MAIL vulnerable to cross-site scripting

POST-MAIL provided by KENT-WEB contains an issue in the webpage output of strings entered in the form, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version accordin...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/08/26 12:0 a.m.40 views

JVN#02134508: WebsiteBaker vulnerable to cross-site scripting

WebsiteBaker is a content management system CMS. WebsiteBaker contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Upgrade the software Upgrade to Lepton CMS according to the information provided by the developer. Products...

4.3CVSS5.8AI score0.00845EPSS
Exploits0
Symantec
Symantec
added 2011/08/09 12:0 a.m.35 views

Microsoft Visio CVE-2011-1979 Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.1AI score0.22201EPSS
Exploits1Affected Software1
Rows per page
Query Builder