Lucene search
K

102 matches found

Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.4 views

PT-2024-34196 · Cloudways · Cloudways Breeze

Name of the Vulnerable Software and Affected Versions: Cloudways Breeze versions 2.1.14 and earlier Description: The issue is related to a Missing Authorization vulnerability in Cloudways Breeze, which allows exploitation due to incorrectly configured access control security levels...

5.3CVSS6.5AI score0.00535EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.3 views

PT-2024-9615

Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description A vulnerability has been identified in the gst wavparse smpl chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of...

9.1CVSS6.8AI score0.01161EPSS
Exploits0References181
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.6 views

PT-2024-9202 · Libjxl +5 · Libjxl +5

Name of the Vulnerable Software and Affected Versions: LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99 libjpeg affected versions not specified libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 libjxl-devel-0.11.1-1.1 qt6-webengine Description: An out-of-bounds...

9.8CVSS5.1AI score0.0104EPSS
Exploits0References71
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.3 views

PT-2024-2579 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS and Cisco IOS XE affected versions not specified Description: The issue is related to the incorrect handling of LISP packets, which could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in ...

8.6CVSS6.5AI score0.00803EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.6 views

PT-2024-23088 · Kerlink +1 · Kerlink Firewall +2

Name of the Vulnerable Software and Affected Versions: ChirpStack chirpstack-mqtt-forwarder versions 4.2.0 and earlier ChirpStack chirpstack-gateway-bridge versions 4.0.10 and earlier Description: The Kerlink firewall in ChirpStack wrongly accepts certain TCP packets when a connection is not in t...

7.5CVSS7.4AI score0.00651EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.4 views

PT-2024-2124 · Adobe · Acrobat Reader +4

Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 20.005.30539 through 23.008.20470 and earlier Adobe Acrobat 2020 and earlier Adobe Acrobat Reader Document Cloud versions prior to the fixed version Adobe Acrobat Document Cloud versions prior to the fixed version...

5.5CVSS6AI score0.03161EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/01/23 6:13 a.m.3 views

Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense

Overview Electronic Deliverables Creation Support Tool provided by Ministry of Defense improperly restricts XML external entity references XXE CWE-611. Toyama Taku of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5.5CVSS6.6AI score0.00195EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.4 views

PT-2023-28380 · Unknown · Onsinview2

Name of the Vulnerable Software and Affected Versions: OnSinView2 versions 2.0.1 and earlier Description: An issue with improper restriction of operations within the bounds of a memory buffer exists. If exploited, this could lead to information disclosure or the execution of arbitrary code by...

7.8CVSS7.7AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/08/17 12:0 a.m.7 views

PT-2023-20706 · Paul Kehrer · Updraft

Name of the Vulnerable Software and Affected Versions: Paul Kehrer Updraft plugin versions = 0.6.1 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to steal use...

7.1CVSS6.4AI score0.00382EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.7 views

PT-2023-24313 · Suprema · Suprema Biostar 2

Name of the Vulnerable Software and Affected Versions: Suprema BioStar 2 versions prior to 2.9.1 Description: A path traversal issue exists, allowing unauthenticated attackers to fetch arbitrary files from the server's web server. Recommendations: For Suprema BioStar 2 versions prior to 2.9.1,...

7.5CVSS7.6AI score0.00721EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/16 12:0 a.m.7 views

PT-2023-18223 · Samsung · Exynos

Name of the Vulnerable Software and Affected Versions: Exynos baseband versions prior to SMR Mar-2023 Release 1 Description: The issue is related to improper authorization implementation, which leads to incorrect handling of unencrypted messages. Recommendations: For versions prior to SMR Mar-202...

9.1CVSS9.1AI score0.00403EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/16 12:0 a.m.5 views

PT-2023-12900 · Cvat · Cvat

Name of the Vulnerable Software and Affected Versions: CVAT versions prior to 2.0.1 Description: The issue allows an authenticated user to potentially enable information disclosure via network access due to server-side request forgery. Recommendations: For versions prior to 2.0.1, update to versi...

6.5CVSS6.2AI score0.00453EPSS
Exploits0References3
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.13 views

SA40166 - Remote desktop protocol (RDP) client restriction bypass issue

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A security issue was discovered in the PCS Terminal Services Remote Desktop Protocol RDP client session restrictions feature. By exploiting this issue a malicious authenticated user...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.5 views

PT-2023-34148 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: A refcount leak was discovered in the f hid gadget of the Linux Kernel. The issue was introduced in version v3.19 and is fixed in version v5.15.86. The actual impact and attack plausibility...

7.2AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/01/12 5:50 a.m.3 views

Multiple vulnerabilities in PIXELA PIX-RT100

Overview PIX-RT100 provided by PIXELA CORPORATION contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2023-22304 Backdoor access issue CWE-912 - CVE-2023-22316 MASAHIRO IIDA of LAC Co.,Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the develop...

8.8CVSS7.8AI score0.00893EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-5907 · Schneider Electric · Apc Easy Ups Online Monitoring +1

Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...

10CVSS9.6AI score0.01071EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/12/07 12:0 a.m.3 views

PT-2022-14638 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible out of bounds write in the avdt msg asmbl function of avdt msg.cc due to a missing bounds check. This could lead to remote code execution over...

8.8CVSS8.7AI score0.01868EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.7 views

PT-2022-26650 · Bentley · Bentley Microstation +1

Name of the Vulnerable Software and Affected Versions: Bentley MicroStation versions prior to 10.17.01.58 Bentley View versions prior to 10.17.01.19 Description: The issue concerns out-of-bounds read and stack overflow problems that occur when opening crafted SKP files. This could lead to...

7.8CVSS7.6AI score0.00649EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2022/10/12 12:0 a.m.6 views

PT-2022-5197 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 19.1R3-S9 Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S6 Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S7 Juniper Networks Junos OS 19.4 versions prior to 19.4R2-S7, 19.4R3-S9...

9.8CVSS9.4AI score0.01131EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.3 views

PT-2022-34259 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.22 through 5.4.210 Description: A divide-by-zero bug was found in the ark set pixclock function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 2.6.22...

7.2AI score
Exploits0References1
Rows per page
Query Builder