Lucene search
K

36 matches found

CNVD
CNVD
added 2024/01/26 12:0 a.m.32 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2024-10439)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A...

4.3CVSS6.9AI score0.00596EPSS
Exploits0References1
CNVD
CNVD
added 2023/02/21 12:0 a.m.33 views

Dell BIOS Input Validation Error Vulnerability (CNVD-2023-14506)

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which stems from incorrect input validation. An attacker could use the SMI Serial Interface to execute arbitrary code in SMRAM...

7.5CVSS4.3AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
added 2022/10/14 12:0 a.m.23 views

Dell BIOS Input Validation Error Vulnerability (CNVD-2023-08762)

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which could be exploited by a locally authenticated attacker to obtain arbitrary code execution in SMRAM using SMI...

7.8CVSS3AI score0.00204EPSS
Exploits0References1
CNVD
CNVD
added 2022/10/13 12:0 a.m.21 views

Dell BIOS Input Validation Error Vulnerability (CNVD-2023-08765)

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which can be exploited by a locally authenticated attacker to obtain arbitrary code execution in SMRAM by using SMI...

8.8CVSS3.1AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
added 2022/07/19 12:0 a.m.20 views

Adobe InCopy Buffer Overflow Vulnerability (CNVD-2022-55642)

Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from a buffer overflow vulnerability that originates from a boundary error when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary code on the system...

7.8CVSS8AI score0.00463EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.18 views

Dell BIOS Input Validation Error Vulnerability (CNVD-2022-85078)

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which can be exploited by a locally authenticated attacker to bypass security controls in SMM by sending malicious input to SMI...

7.8CVSS2.5AI score0.00266EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.99 views

Adobe InCopy Out-of-Bounds Write Vulnerability (CNVD-2022-50232)

Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

9.3CVSS7.6AI score0.02242EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.102 views

Adobe InCopy Out-of-Bounds Write Vulnerability (CNVD-2022-50231)

Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

9.3CVSS7.6AI score0.01934EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.16 views

Adobe InCopy Resource Management Error Vulnerability (CNVD-2022-48783)

Adobe InCopy is a text editing software for authoring from Adobe U.S.A. A resource management error vulnerability exists in Adobe InCopy. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current user...

9.3CVSS4.1AI score0.02459EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.12 views

Adobe InCopy out-of-bounds write vulnerability (CNVD-2022-48784)

Adobe InCopy is a text editing software for authoring from Adobe U.S.A. An out-of-bounds write vulnerability exists in Adobe InCopy. An attacker could use this vulnerability to execute arbitrary code in the context of the current user...

9.3CVSS4AI score0.01934EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/16 12:0 a.m.17 views

InHand Networks InRouter302跨站脚本漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, U.S.A. A cross-site scripting vulnerability exists in InHand Networks InRouter302 V3.5.4, which can be exploited by attackers to cause arbitrary Javascript code...

6.1CVSS3.1AI score0.01392EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.98 views

Adobe InCopy Memory Misreference Vulnerability

Adobe InCopy is a text editing software for authoring from Adobe U.S.A. A memory mis-reference vulnerability exists in Adobe InCopy, which stems from a mix-up in the program's instructions for freeing memory. An attacker could exploit this vulnerability to execute arbitrary code on the system...

7.8CVSS4.3AI score0.00489EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/21 12:0 a.m.23 views

Elcomplus SmartPPT Licensing Issue Vulnerability

Elcomplus SmartPPT is an integrated voice and data scheduling software from Elcomplus, U.S.A. An authorization issue vulnerability exists in Elcomplus SmartPPT, which can be exploited by a low-authentication attacker to access higher-level administrative authorizations by sending a request direct...

9CVSS2.8AI score0.00594EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/12 12:0 a.m.8 views

InHand Networks InRouter 900 Industrial 4G Router命令注入漏洞(CNVD-2022-31529)

The InHand Networks InRouter 900 is a series of industrial routers from InHand Networks, U.S.A. A security vulnerability exists in the InHand Networks InRouter 900 Industrial 4G Router, and no details of the vulnerability are currently available...

9.8CVSS3.9AI score0.03592EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/31 12:0 a.m.18 views

IBM ISS BlackICE PC Protectionk Cross-Site Scripting Vulnerability

The IBM ISS BlackICE PC is a personal firewall/IDS for Windows desktops from IBM USA. A security vulnerability exists in IBM ISS BlackICE PC Protection that originates from an operation using unknown input that results in cross-site scripting. An attacker could exploit the vulnerability to conduc...

6.1CVSS5.7AI score0.00476EPSS
Exploits0References1
CNVD
CNVD
added 2022/03/17 12:0 a.m.17 views

ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68525)

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the upnpttl parameter in the upnp function failing to properly filter the construct command special characters, commands, etc. An attacker could exploit this...

10CVSS6.8AI score0.03453EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/17 12:0 a.m.12 views

ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68526)

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the htimezone parameter in the time zone function to properly filter the construct command special characters, commands, etc. The vulnerability can ...

10CVSS4.3AI score0.03453EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/17 12:0 a.m.26 views

ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68524)

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300 v1.0.13, which stems from the failure of the wpsenroleepin parameter in the wps function to properly filter the construct command special characters, commands, etc. An attacker coul...

10CVSS6.7AI score0.03453EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.22 views

Bentley Systems MicroStation Buffer Overflow Vulnerability (CNVD-2022-16160)

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer overflow vulnerability exists in Bentley Systems MicroStation that can be exploited by an attacker to execute code in the context of the current process...

7.8CVSS7.9AI score0.01878EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.21 views

Bentley Systems MicroStation Buffer Overflow Vulnerability (CNVD-2022-15818)

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer overflow vulnerability exists in Bentley Systems MicroStation, which can be exploited by an attacker to execute code in the context of the current process...

7.8CVSS7.9AI score0.01955EPSS
Exploits0References1
Rows per page
Query Builder