8056 matches found

CNNVD
added 2021/03/24 12:0 a.m. | 7 views

Cisco IOS XE Software Input Validation Error Vulnerability

Cisco IOS XE is a modular operating system based on the Linux kernel, developed by Cisco for its network equipment. A denial of service vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient error handling in the web UI. An attacker can exploit this...

4.3 CVSS | 6.2 AI score | 0.00944 EPSS
Exploits 0 | References 4

0day.today
added 2021/03/24 12:0 a.m. | 45 views

Intel RST User Interface / Driver Privilege Escalation Exploit

Hi @ll, more than 2 years ago I disclosed 2 vulnerabilities leading to local escalation of privilege in the Intel® Rapid Storage Technology Intel® RST User Interface and Driver: see and Intel fixed this vulnerability only in their executable installer. Some time later Intel rewrote or rebuilt thi...

7.4 AI score
Exploits 0

Kaspersky
added 2021/03/23 12:0 a.m. | 35 views

KLA12129 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, spoof the user interface, and cause denial of service. Below is a complete list of vulnerabilities: 1. A memory safety vulnerability can b...

9.8 CVSS | 9.7 AI score | 0.01404 EPSS
Exploits 1 | References 3

RedhatCVE
added 2021/03/22 9:28 a.m. | 29 views

CVE-2021-22191

There's a flaw in Wireshark. An attacker who sends malicious links with schemes other than http/https over the wire or via a pcapng file, and who is able to get a victim user of Wireshark's user interface to click these links, could perform actions such as mounting volumes, or in some cases...

8.8 CVSS | 0.8 AI score | 0.03639 EPSS
Exploits 0 | References 4

BDU FSTEC
added 2021/03/21 12:0 a.m. | 5 views

The vulnerability of the Google Chrome browser’s media component, which allows a hacker to access confidential data

The vulnerability of the Google Chrome browser’s media component is related to security issues with the user interface. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

4.3 CVSS | 6.9 AI score | 0.01084 EPSS
Exploits 0 | References 9 | Affected Software 5

BDU FSTEC
added 2021/03/21 12:0 a.m. | 4 views

The vulnerability of the Google Chrome browser’s WebUI user interface allows a perpetrator to compromise data integrity.

The vulnerability of the WebUI user interface of Google Chrome is related to the lack of a mechanism for verifying entered data. Exploiting this vulnerability allows an attacker to compromise the integrity of data...

4.3 CVSS | 6.8 AI score | 0.01359 EPSS
Exploits 0 | References 13 | Affected Software 5

Fedora
added 2021/03/20 12:21 a.m. | 63 views

[SECURITY] Fedora 34 Update: gnome-shell-40.0~rc-1.fc34

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...

5.5 CVSS | 1.9 AI score | 0.00639 EPSS
Exploits 1

Fedora
added 2021/03/20 12:21 a.m. | 30 views

[SECURITY] Fedora 34 Update: gnome-control-center-40~rc-1.fc34

This package contains configuration utilities for the GNOME desktop, which allow you to configure accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings...

5.5 CVSS | 2.7 AI score | 0.00639 EPSS
Exploits 1

OpenVAS
added 2021/03/20 12:0 a.m. | 19 views

Fedora: Security Advisory for gnome-control-center (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2 AI score
Exploits 0 | References 2

Zero Day Initiative
added 2021/03/16 12:0 a.m. | 36 views

Siemens Solid Edge Viewer Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8 CVSS | 2.9 AI score | 0.01509 EPSS
Exploits 0 | References 1

Gitee
added 2021/03/15 7:19 p.m. | 7 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

It is an offensive tool for Web applications. The primary CVE ID is 'CVE-2020-5902'. The target product/service is BIG-IP F5, and the vulnerability class/vector is Remote Code Execution (RCE). The probable entry point is undisclosed pages in the Traffic Management User Interface (TMUI), also referred...

10 CVSS | 8 AI score | 0.99999 EPSS
Exploits 60

OSV
added 2021/03/15 7:6 p.m. | 8 views

OPENSUSE-SU-2021:0413-1 Security update for opera

This update for opera fixes the following issues: - Update to version 74.0.3911.203 - CHR-8324 Update chromium on desktop-stable-88-3911 to 88.0.4324.182boo1182358 - DNA-90762 Replace “Don’t show again” with “Discard” - DNA-90974 Crash at...

9.6 CVSS | 9.6 AI score | 0.19815 EPSS
Exploits 8 | References 12

BDU FSTEC
added 2021/03/15 12:0 a.m. | 4 views

The vulnerability of Google Chrome’s user interface allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Google Chrome browser user interface is related to errors in cryptographic transformations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.3 CVSS | 7 AI score | 0.01599 EPSS
Exploits 1 | References 11 | Affected Software 6

OSV
added 2021/03/14 2:11 p.m. | 4 views

OPENSUSE-SU-2021:0410-1 Security update for crmsh

This update for crmsh fixes the following issues: - Update to version 4.3.0+20210305.9db5c9a8: Fix: bootstrap: Adjust qdevice configure/remove process to avoid race condition due to quorum lostbsc1181415 Dev: cibconfig: remove related code about detecting crmdiff support --no-verion Fix:...

8.8 CVSS | 7.9 AI score | 0.00994 EPSS
Exploits 1 | References 12

CNNVD
added 2021/03/11 12:0 a.m. | 3 views

F5 BIG-IQ Cross-Site Scripting Vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A cross-site scripting vulnerability exists in BIG-IQ, which could be exploited by an attacker using a specially crafted URL to reflect...

6.1 CVSS | 6 AI score | 0.00621 EPSS
Exploits 0 | References 3

BDU FSTEC
added 2021/03/11 12:0 a.m. | 3 views

The vulnerability of the FortiMail email security system, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of the FortiMail email security system is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to enhance their privileges by requesting a password change through the user interface...

10 CVSS | 7.7 AI score | 0.77778 EPSS
Exploits 2 | References 3 | Affected Software 2

CNNVD
added 2021/03/10 12:0 a.m. | 13 views

F5 BIG-IP Security Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. The TMUI remote command execution vulnerability in F5 BIGIP Appliance mode can be exploited by an attacker to execute arbitrar...

9.9 CVSS | 6.3 AI score | 0.13672 EPSS
Exploits 1 | References 5

CNNVD
added 2021/03/10 12:0 a.m. | 3 views

F5 BIG-IP Cross-Site Scripting Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a cross-site scripting vulnerability that can be exploited by an attacker to trigger cross-site scripti...

6.1 CVSS | 5.4 AI score | 0.00581 EPSS
Exploits 0 | References 4

OSV
added 2021/03/05 9:15 p.m. | 6 views

CVE-2020-29020

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...

7.2 CVSS | 7.1 AI score | 0.01742 EPSS
Exploits 0 | References 1

CNVD
added 2021/03/05 12:0 a.m. | 11 views

IBM Engineering Test Management Cross-Site Scripting Vulnerability (CNVD-2021-14749)

IBM Engineering Test Management is a collaborative quality management solution that provides end-to-end test planning and test asset management with broad coverage from requirements to defects. A cross-site scripting vulnerability exists in IBM Engineering Test Management. An attacker could explo...

6.4 CVSS | 6 AI score | 0.00539 EPSS
Exploits 0 | References 1