Lucene search
K

530 matches found

Positive Technologies
Positive Technologies
added 2018/05/09 12:0 a.m.7 views

PT-2018-5671 · Mysql Server · Mysql Multi-Master Replication Manager (Mmm) Mmm Agentd

Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the add ip function, resulting in arbitrary command execution with the privileges...

10CVSS9.7AI score0.06084EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2018/05/09 12:0 a.m.3 views

PT-2018-5676 · Mysql Server · Mysql Multi-Master Replication Manager

Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the MMM::Agent::Helpers::Network::send arp function, resulting in arbitrary comma...

10CVSS9.6AI score0.05863EPSS
Exploits2References2
CNVD
CNVD
added 2018/04/23 12:0 a.m.5 views

Apple iOS, tvOS and watchOS Graphics Driver Memory Corruption Vulnerability

Apple iOS, tvOS, and watchOS are all products of Apple Inc. Apple iOS is an operating system for mobile devices; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. graphics Driver is one of the graphics drivers. A security vulnerability exists in the Graphics Driv...

9.3CVSS7.4AI score0.01285EPSS
Exploits0References1
OSV
OSV
added 2018/04/19 2:29 a.m.4 views

CVE-2018-2742

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite subcomponent: Framework. Supported versions that are affected are 12.2.2 and 12.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

7.3CVSS7.3AI score0.01905EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2018/04/18 12:0 a.m.6 views

PT-2018-1302 · Cisco · Cisco Ftd

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software versions 6.2.1 through 6.2.2 Description: A vulnerability in the internal packet-processing functionality could allow an unauthenticated, remote attacker to cause an affected device to stop processi...

8.6CVSS8.4AI score0.0184EPSS
Exploits0References4
CNVD
CNVD
added 2018/04/12 12:0 a.m.5 views

CMS Made Simple admin/moduleinterface.php Reflective Cross-Site Scripting Vulnerability

CMS Made Simple is a content management system developed using PHP, MySQL and Smarty template engine. A reflected cross-site scripting vulnerability exists in admin/moduleinterface.php in CMS Made Simple 2.2.7. The vulnerability can be exploited to conduct cross-site scripting attacks via the...

4.8CVSS6.2AI score0.00534EPSS
Exploits1References1
OSV
OSV
added 2018/04/04 7:29 a.m.2 views

DEBIAN-CVE-2018-9264

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency...

7.5CVSS9AI score0.02651EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/04 12:0 a.m.5 views

Wireshark Denial of Service Vulnerability (CNVD-2018-07444)

Wireshark formerly Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.LWAPP dissector is one of the lightweight access point protocol parsers. A security...

7.5CVSS6.7AI score0.02337EPSS
Exploits1References1
OSV
OSV
added 2018/04/03 6:29 a.m.3 views

CVE-2018-4092

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to bypass intended memory-read...

4.7CVSS5.8AI score0.00707EPSS
Exploits0References7
OSV
OSV
added 2018/03/30 8:29 p.m.8 views

CVE-2018-3822

X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate a legitimate user if the SAML Identity Provider allows for self registration with arbitrary...

9.8CVSS5.8AI score0.01598EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2018/03/20 12:0 a.m.6 views

Servicing stack update for Windows 10 Version 1703: March 22, 2018

Servicing stack update for Windows 10 Version 1703: March 22, 2018 Summary This update makes stability improvements for the Windows 10 Version 1703 servicing stack. How to get this update Method 1: Windows Update This update will be downloaded and installed automatically. Method 2: Microsoft Upda...

6.9AI score
Exploits0
OSV
OSV
added 2018/03/13 3:29 p.m.4 views

CVE-2018-1000092

CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery CSRF vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. This attack appear to be exploitable via A specially crafted web page. This vulnerability...

8.8CVSS5.7AI score0.00393EPSS
Exploits1References1
OSV
OSV
added 2017/12/22 2:29 p.m.3 views

DEBIAN-CVE-2017-10872

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors...

6.5CVSS6.8AI score0.01941EPSS
Exploits0References1
OSV
OSV
added 2017/12/22 2:29 p.m.2 views

DEBIAN-CVE-2017-10868

H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header...

7.5CVSS6.8AI score0.03467EPSS
Exploits0References1
OSV
OSV
added 2017/12/01 8:29 a.m.1 views

DEBIAN-CVE-2017-17085

In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length...

7.5CVSS7.8AI score0.16786EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/10 12:0 a.m.5 views

VMware AirWatch Launcher for Android UI Elevation of Privilege Vulnerability

VMware AirWatch is a suite of enterprise mobility management solutions from VMware, Inc. and VMware AirWatch Launcher for Android is one of the launchers based on the Android platform. A privilege extraction vulnerability exists in versions of VMware AirWatch Launcher for Android prior to 3.2.2. ...

7.8CVSS7.1AI score0.00395EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.4 views

Artifex Ghostscript GhostXPS Heap Buffer Overflow Vulnerability

Artifex Ghostscript is an open source PostScript a page description language and programming language for the electronics industry and desktop publishing parser from Artifex Software. Artifex Ghostscript A security vulnerability exists in the 'xpsloadsfntname' function of the xps/xpsfont.c file i...

7.8CVSS7.8AI score0.01785EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/03 12:0 a.m.10 views

Foscam C1 Indoor HD Camera cgiproxy.fcgi dns2 address configuration command injection vulnerability

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using application firmware version 2.52.2.37. The vulnerability can be exploited to inject arbitrary shell characters by sendi...

8.8CVSS7AI score0.04527EPSS
Exploits1References1
CNVD
CNVD
added 2017/06/21 12:0 a.m.4 views

Apache httpd denial of service vulnerability (CNVD-2017-11803)

Apache httpd is the U.S. Apache Apache Software Foundation, an open source HTTP server developed and maintained specifically for modern operating systems. A security vulnerability exists in the HTTP strict parsing changes added to Apache httpd versions 2.2.32 and 2.4.24. An attacker could exploit...

7.5CVSS6.7AI score0.57472EPSS
Exploits1References1
OSV
OSV
added 2017/06/13 6:29 a.m.4 views

CVE-2017-6682

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.29.76...

8.8CVSS6AI score0.02207EPSS
Exploits0References2
Rows per page
Query Builder