
8093 matches found

CNVD
added 2018/04/23 12:0 a.m., 1 views

SQL Injection Vulnerability in Duoduocms V8.3_UTF8_20180131 Official Version

The DuoDuo rebate system is an open source PHP rebate site system that provides solutions for e-commerce rebates and shopping guides. The official version of duoduocms V8.3_UTF8_20180131 contains a SQL injection vulnerability. The vulnerability stems from the system on the parameters of the...

7.7 AI score
Exploits: 0

Tenable Nessus
added 2018/04/23 12:0 a.m., 28 views

Debian DSA-4178-1 : libreoffice - security update

Two vulnerabilities were discovered in LibreOffice's code to parse MS Word and Structured Storage files, which could result in denial of service and potentially the execution of arbitrary code if a malformed file is opened. (C) Tenable Network Security, Inc. The descriptive text and package checks ...

7.8 CVSS, 7.5 AI score, 0.02134 EPSS
Exploits: 0, References: 6

Debian
added 2018/04/20 8:21 p.m., 37 views

[SECURITY] [DSA 4178-1] libreoffice security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4178-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 20, 2018 https://www.debian.org/security/faq -...

7.8 CVSS, 8.8 AI score, 0.02134 EPSS
Exploits: 0

RedhatCVE
added 2018/04/20 5:18 a.m., 23 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

7.8 CVSS, 6 AI score, 0.01976 EPSS
Exploits: 0, References: 2

CNVD
added 2018/04/19 12:0 a.m., 3 views

Zoho ManageEngine Desktop Central Database Query Type Restriction Under-Execution Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...

9.8 CVSS, 7.6 AI score, 0.07577 EPSS
Exploits: 1, References: 1

OpenVAS
added 2018/04/19 12:0 a.m., 44 views

Debian: Security Advisory (DSA-4178-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 7.8 AI score, 0.02134 EPSS
Exploits: 0, References: 4

Kaspersky
added 2018/04/18 12:0 a.m., 26 views

KLA11596 SB vulnerability in LibreOffice

Use after free vulnerability was found in Structured Storage parser. Malicious users can exploit this vulnerability via writing to recently freed data to bypass security restrictions. Original advisories CVE-2018-10119 Use After Free in Structured Storage parser Related products LibreOffice CVE...

7.8 CVSS, 8.1 AI score, 0.01976 EPSS
Exploits: 0, References: 3

NVD
added 2018/04/16 9:58 a.m., 20 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

7.8 CVSS, 8.1 AI score, 0.01976 EPSS
Exploits: 0, References: 11

OSV
added 2018/04/16 9:58 a.m., 1 views

DEBIAN-CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

7.8 CVSS, 8 AI score, 0.01976 EPSS
Exploits: 0, References: 1

Prion
added 2018/04/16 9:58 a.m., 23 views

Format string

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

6.8 CVSS, 8 AI score, 0.01976 EPSS
Exploits: 0, References: 11, Affected Software: 6

UbuntuCve
added 2018/04/16 12:0 a.m., 28 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

7.8 CVSS, 7 AI score, 0.01976 EPSS
Exploits: 0, References: 7

CNVD
added 2018/04/16 12:0 a.m., 2 views

SQL Injection Vulnerability in Website Construction System of Ningxia Hongfeng Network Technology Co.

Ningxia Hongfeng Network Technology Co., Ltd. is Ningxia Yinchuan area specializing in Internet services nature of the enterprise, to provide enterprise website construction, personal website production, 400 telephone for, website revision, website promotion, SEO keyword optimization, e-commerce...

7.9 AI score
Exploits: 0

OSV
added 2018/04/16 12:0 a.m., 3 views

UBUNTU-CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

7.8 CVSS, 7.2 AI score, 0.01976 EPSS
Exploits: 0, References: 8

Debian CVE
added 2018/04/15 4:0 p.m., 38 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

7.8 CVSS, 8.2 AI score, 0.01976 EPSS
Exploits: 0

Cvelist
added 2018/04/15 4:0 p.m., 34 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

8.1 AI score, 0.01976 EPSS
Exploits: 0, References: 11

CNVD
added 2018/04/15 12:0 a.m., 1 views

Zhengzhou Yuanchen Culture Communication Co., Ltd. website construction system has SQL injection vulnerabilities

Zhengzhou Yuanchen Culture Communication Co., Ltd. is a high-tech enterprise engaged in the Internet, specializing in providing a full set of e-commerce solutions for many enterprises. There is a SQL injection vulnerability in the website construction system of Zhengzhou Yuanchen Culture...

8.2 AI score
Exploits: 0

CNVD
added 2018/04/12 12:0 a.m., 2 views

iScripts eSwap SQL Injection Vulnerability

IScripts eSwap is an item trading program from IScripts Inc. that supports the use of virtual currency or direct item exchange. The program supports the use of virtual currencies to trade or directly exchange items. User Panel is one of the user panels. A SQL injection vulnerability exists in...

7.2 CVSS, 8 AI score, 0.01037 EPSS
Exploits: 1, References: 1

CNVD
added 2018/04/12 12:0 a.m., 1 views

Xuzhou Xunbang Technology Co., Ltd. website construction system has SQL injection vulnerabilities

Xuzhou Xunbang Technology Co., Ltd. is engaged in enterprise website design and production, shopping mall website production, marketing website production, mobile APP development, WeChat public platform, cell phone / micro-site production, Baidu optimization and promotion, 360 search promotion,...

7.8 AI score
Exploits: 0

BDU FSTEC
added 2018/04/12 12:0 a.m., 4 views

The vulnerability in the `track_import_export.php` script of the U.motion builder system allows a perpetrator to execute arbitrary SQL queries against the database.

The vulnerability of the `track_import_export.php` script of the U.motion builder system, a system for managing industrial and residential buildings, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL...

10 CVSS, 8.2 AI score, 0.02917 EPSS
Exploits: 3, References: 5, Affected Software: 1

CNVD
added 2018/04/11 12:0 a.m., 3 views

Navarino Infinity SQL Injection Vulnerability

Navarino Infinity is a maritime bandwidth management and optimization solution from Navarino Greece. The solution can be used to equip many types of vessels. A SQL injection vulnerability exists in Navarino Infinity version 2.1.7. A remote attacker could exploit the vulnerability to inject SQL...

9.8 CVSS, 8 AI score, 0.04363 EPSS
Exploits: 1, References: 1