685 matches found

Tenable Nessus
added 2021/07/14 12:00 a.m. | 31 views

Juniper Junos OS Vulnerability (JSA11193)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11193 advisory. - An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected,...

CVSS 6.5 | AI score 6.6 | EPSS 0.01008
Exploits: 0 | References: 3
NCSC
added 2021/07/14 12:00 a.m. | 4 views

Vulnerabilities fixed in QEMU

Vulnerabilities have been fixed in QEMU. The vulnerabilities potentially allow a malicious party to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution with privileges of the QEMU process Access to sensitive data Access to...

CVSS 8.2 | AI score 7.7 | EPSS 0.05447
Exploits: 3
NCSC
added 2021/07/12 12:00 a.m. | 8 views

Vulnerabilities fixed in Kaseya Virtual System Administrator (VSA)

Vulnerabilities have been fixed in Kaseya VSA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Remote code execution Administrator/Root rights SQL Injection Access to sensitive data...

CVSS 10 | AI score 7.5 | EPSS 0.85619
Exploits: 10
NCSC
added 2021/07/08 12:00 a.m. | 2 views

Vulnerabilities fixed in Ruby

Vulnerabilities have been fixed in Ruby. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to system data Ruby developers have released updates to address t...

CVSS 7.4 | AI score 8.8 | EPSS 0.0305
Exploits: 2
NCSC
added 2021/07/07 12:00 a.m. | 7 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of security measure Remote code...

CVSS 9.8 | AI score 6.9 | EPSS 0.01498
Exploits: 7
BDU FSTEC
added 2021/07/06 12:00 a.m. | 5 views

The vulnerability of Intel microprogramming software relates to the lack of protection for system data, which allows attackers to disclose protected information.

The vulnerability of Intel microprogramming software is related to the lack of protection for system data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

CVSS 6.5 | AI score 6.5 | EPSS 0.00472
Exploits: 0 | References: 9 | Affected Software: 4
NCSC
added 2021/07/01 12:00 a.m. | 2 views

Vulnerabilities fixed in OpenSUSE kernel

Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Accessing system data -=...

CVSS 7.8 | AI score 8.4 | EPSS 0.01476
Exploits: 1
NCSC
added 2021/07/01 12:00 a.m. | 4 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in OpenShift Container Platform. The vulnerabilities allow a malicious party to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Circumvention of security measure. Remote code execution User...

CVSS 8.1 | AI score 8.7 | EPSS 0.7795
Exploits: 1
NCSC
added 2021/06/24 12:00 a.m. | 5 views

Vulnerabilities fixed in Red Hat OpenShift

Vulnerabilities have been fixed in OpenShift. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Access to system data Increased user privileges Red Hat ha...

CVSS 9.8 | AI score 7.8 | EPSS 0.62906
Exploits: 16
Prion
added 2021/06/11 3:15 p.m. | 26 views

Design/Logic Flaw

Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data...

CVSS 2.1 | AI score 6.1 | EPSS 0.00138
Exploits: 1 | References: 2 | Affected Software: 1
RedHat Linux
added 2021/05/18 3:38 p.m. | 5 views

trousers: tss user can be used to create or corrupt existing files, this could lead to DoS

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...

CVSS 5.5 | AI score 7.3 | EPSS 0.00553
Exploits: 1 | References: 5
NVD
added 2021/05/12 11:15 p.m. | 11 views

CVE-2021-23135

Exposure of System Data to an Unauthorized Control Sphere vulnerability in the web UI of Argo CD allows an attacker to cause secret data to leak into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14...

CVSS 5.9 | EPSS 0.00232
Exploits: 0 | References: 1
OSV
added 2021/05/12 11:15 p.m. | 16 views

CVE-2021-23135

Exposure of System Data to an Unauthorized Control Sphere vulnerability in the web UI of Argo CD allows an attacker to cause secret data to leak into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14...

CVSS 5.5 | AI score 7
Exploits: 0 | References: 1
CNNVD
added 2021/05/12 12:00 a.m. | 3 views

Argo information disclosure vulnerability

Argo is an open source container native workflow engine. A security vulnerability exists in Argo CD. The vulnerability stems from the exposure of system data in the program's Web UI to an unauthorized Control Sphere exploit, which could allow an attacker to leak confidential data leading to leaks...

CVSS 5.9 | AI score 5.6 | EPSS 0.00232
Exploits: 0 | References: 2
NCSC
added 2021/05/04 12:00 a.m. | 16 views

Vulnerabilities fixed in Samsung products

Several vulnerabilities have been fixed in various Android-based products from Samsung. The vulnerabilities allow a malicious person, remotely or otherwise, to carry out attacks that lead to the following categories of damage: Manipulation of data Circumvention of security measure Remote code...

CVSS 10 | AI score 8.8 | EPSS 0.06692
Exploits: 8
Prion
added 2021/04/22 8:15 p.m. | 14 views

Authorization

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads to an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs tha...

CVSS 7.5 | AI score 7.1 | EPSS 0.00893
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/04/22 7:37 p.m. | 26 views

CVE-2021-0260 Junos OS: SNMP fails to properly perform authorization checks on incoming received SNMP requests.

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads to an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs tha...

CVSS 7.3 | AI score 7.4 | EPSS 0.00893
Exploits: 0 | References: 1
RedHat Linux
added 2021/04/21 1:15 p.m. | 3 views

python-psutil: Double free because of refcount mishandling

A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions, psutil_users, psutil_net_if_addrs, and others. In particular cases, a local attacker may be able to get code...

CVSS 7.5 | AI score 7.3 | EPSS 0.03522
Exploits: 0 | References: 4
NCSC
added 2021/04/21 12:00 a.m. | 6 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Access to...

CVSS 9.8 | AI score 8.8 | EPSS 0.42993
Exploits: 5
NCSC
added 2021/04/21 12:00 a.m. | 7 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data Increased user...

CVSS 10 | AI score 7.8 | EPSS 0.74513
Exploits: 8