Lucene search
+L

3083 matches found

OSV
OSV
added 2018/07/18 1:29 p.m.2 views

CVE-2018-2929

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS7.3AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.4 views

CVE-2018-2907

Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion subcomponent: Security Models. The supported version that is affected is 11.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Financial Reporting...

8.6CVSS5.8AI score0.0271EPSS
Exploits0References3
Akamai Blog
Akamai Blog
added 2018/07/17 1:0 p.m.2 views

HTTP+TLS and IPV6-Enablement Both in the Majority for World Cup Streaming

The underlying protocols of the Internet continue to evolve, and massive events such as the World Cup are a great opportunity to see this in action...

6.9AI score
Exploits0
OSV
OSV
added 2018/07/16 5:29 p.m.5 views

CVE-2018-0383

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...

8.6CVSS5.8AI score0.03026EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2018/07/16 12:0 a.m.7 views

PT-2018-8802 · Cisco · Cisco Firesight System

Name of the Vulnerable Software and Affected Versions: Cisco FireSIGHT System Software affected versions not specified Description: A vulnerability exists in the detection engine of the software, allowing an unauthenticated, remote attacker to bypass a file policy configured to block file transfe...

8.6CVSS7.1AI score0.03026EPSS
Exploits0References4
OSV
OSV
added 2018/07/13 8:29 p.m.5 views

CVE-2016-9499

Accellion FTP server prior to version FTA912220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them...

5.3CVSS5.8AI score0.07766EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2018/07/11 6:29 p.m.3 views

Junos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a...

8.1CVSS5.5AI score0.0143EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2018/07/11 6:29 p.m.4 views

CVE-2018-0025

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a...

8.1CVSS5.8AI score0.0143EPSS
Exploits0References6
OSV
OSV
added 2018/07/11 1:29 p.m.3 views

ALPINE-CVE-2018-0500

Curlsmtpescapeeob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings i.e., use of a nonstandard --limit-rate argument or CURLOPTBUFFERSIZE...

9.8CVSS7.4AI score0.06433EPSS
Exploits1References1
OSV
OSV
added 2018/07/11 12:29 a.m.7 views

CVE-2018-8206

A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol FTP connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

7.5CVSS5.8AI score0.10783EPSS
Exploits0References3
CNVD
CNVD
added 2018/07/11 12:0 a.m.33 views

SEL AcSELerator Architect Denial of Service Vulnerability

SEL AcSELerator Architect is a Schweitzer Engineering Laboratories SEL system for communicating with, configuring, and managing substations. A denial of service vulnerability exists in SEL AcSELerator Architect 2.2.24.0 and prior versions, which can be exploited by an attacker to cause a denial o...

7.8CVSS7.5AI score0.07819EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2018/07/11 12:0 a.m.376 views

Microsoft Windows Multiple Vulnerabilities (KB4338818)

This host is missing a critical security update according to Microsoft KB4338818 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.2AI score0.70028EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2018/07/11 12:0 a.m.259 views

Microsoft Windows Multiple Vulnerabilities (KB4338815)

This host is missing a critical security update according to Microsoft KB4338815 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.7AI score0.93838EPSS
Exploits21References2
Tenable Nessus
Tenable Nessus
added 2018/07/10 12:0 a.m.84 views

KB4338826: Windows 10 Version 1703 July 2018 Security Update

The remote Windows host is missing security update 4338826. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A remote code execution...

9.3CVSS7.9AI score0.71043EPSS
Exploits9References28
Tenable Nessus
Tenable Nessus
added 2018/07/10 12:0 a.m.154 views

KB4338814: Windows 10 Version 1607 and Windows Server 2016 July 2018 Security Update

The remote Windows host is missing security update 4338814. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A remote code execution...

9.3CVSS8.2AI score0.70028EPSS
Exploits6References23
Tenable Nessus
Tenable Nessus
added 2018/07/10 12:0 a.m.387 views

KB4338824: Windows 8.1 and Windows Server 2012 R2 July 2018 Security Update

The remote Windows host is missing security update 4338824 or cumulative update 4338815. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A...

9.3CVSS8.1AI score0.70028EPSS
Exploits6References20
OSV
OSV
added 2018/07/03 2:29 p.m.6 views

CVE-2018-7779

In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access...

7.5CVSS5.8AI score0.01392EPSS
Exploits0References1
OSV
OSV
added 2018/06/29 2:29 p.m.5 views

CVE-2018-13000

An XSS issue was discovered in Advanced Electron Forum AEF v1.0.9. A persistent XSS vulnerability is located in the FTP Link element of the Private Message module. The editor of the private message module allows inserting links without sanitizing the content. This allows remote attackers to injec...

4.8CVSS6AI score0.00935EPSS
Exploits3References1
CNVD
CNVD
added 2018/06/26 12:0 a.m.7 views

Multiple Cisco Products FXOS and UCS Fabric Interconnect Software Input Validation Vulnerabilities

Cisco Firepower 4100 Series Next-Generation Firewall and so on are the products of the American Cisco Cisco company.Cisco Firepower 4100 Series Next-Generation Firewall is a firewall product.UCS 6200 Cisco Firepower 4100 Series Next-Generation Firewall is a firewall product. UCS 6200 Series Fabri...

7.8CVSS7.3AI score0.01919EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/25 12:0 a.m.7 views

Eclipse Jetty Elevation of Privilege Vulnerability

Jetty is a pure Java-based web server and Java Servlet container . An elevation of privilege vulnerability exists in Eclipse Jetty versions 9.4.0 through 9.4.8. An attacker can use this vulnerability to access/hijack other HttpSessions and delete mismatched HttpSessions...

8.8CVSS8.6AI score0.02689EPSS
Exploits0References1
Rows per page
Query Builder