Lucene search
K

8109 matches found

Kaspersky
Kaspersky
added 2021/01/21 12:0 a.m.39 views

KLA12049 Multiple vulnerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebS...

9.6CVSS9.9AI score0.23406EPSS
Exploits4References26
OSV
OSV
added 2021/01/20 9:15 p.m.3 views

CVE-2021-1142

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS7.6AI score0.04345EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.6 views

CVE-2021-1140

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS7.6AI score0.04383EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.5 views

CVE-2021-1141

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

8.8CVSS7.6AI score0.03964EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.3 views

CVE-2021-2080

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS7.3AI score0.01255EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/20 12:0 a.m.5 views

Cisco Smart Software Manager 操作系统命令注入漏洞

Cisco Smart Software Manager Satellite is software designed to provide intelligent management of licenses. A command injection vulnerability exists in the WEB UI of Cisco Smart Software Manager Satellite 5.1.0 and prior versions. The vulnerability stems from the program not properly validating...

9.8CVSS7.6AI score0.03964EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/19 12:0 a.m.5 views

Oracle Supply Chain 和 Oracle Configurator 安全漏洞

Oracle Configurator is a sales and configuration product that provides the next generation of the latest configuration technology. An unspecified vulnerability exists in the UI Servlet component in Oracle Configurator 12.1, 12.2. An attacker could exploit this vulnerability to compromise...

8.2CVSS7.3AI score0.01255EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/19 12:0 a.m.8 views

Oracle Configurator 安全漏洞

Oracle Configurator is a sales and configuration product that provides the next generation of the latest configuration technology. An unspecified vulnerability exists in the UI Servlet component in Oracle Configurator 12.1, 12.2. An attacker could exploit this vulnerability to compromise...

8.2CVSS7.3AI score0.01255EPSS
Exploits0References2
OSV
OSV
added 2021/01/15 6:15 p.m.4 views

CVE-2021-0220

The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the victim browser for example via XSS or access cached contents may be able to obtain a copy of...

6.8CVSS6.8AI score0.01154EPSS
Exploits0References1
Veracode
Veracode
added 2021/01/14 4:24 p.m.9 views

Cross-Site Scripting (XSS)

Jenkins is vulnerable to cross-site scripting. The vulnerability existed because it does not escape button labels in the Jenkins UI...

5.4CVSS6.1AI score0.01029EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/01/13 10:15 p.m.24 views

CVE-2021-1238

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerabilities exist because the...

4.8CVSS5AI score0.00615EPSS
Exploits0References1
NVD
NVD
added 2021/01/13 10:15 p.m.14 views

CVE-2021-1130

A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface...

4.8CVSS4.9AI score0.00817EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2021/01/13 12:0 a.m.28 views

KLA12207 Security UI vulnerability in Cisco Jabber

A security UI vulnerability was found in Cisco Jabber. Malicious users can exploit this vulnerability to obtain sensitive information, spoof user interface. Original advisories Cisco Jabber and Webex Client Software Shared File Manipulation Vulnerability Related products Cisco-Jabber CVE list...

4.3CVSS5.2AI score0.01352EPSS
Exploits0References3
OSV
OSV
added 2021/01/12 3:15 p.m.1 views

CVE-2021-21448

SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on th...

6.5CVSS7.3AI score
Exploits0References2
CNVD
CNVD
added 2021/01/12 12:0 a.m.2 views

Marvell QConvergeConsole GUI Authorization Issues Vulnerability

Marvell QConvergeConsole QCC is a unified adapter management software across data centers from Marvell. The software is primarily used for Ethernet and Fibre Channel adapter management, among other things. A security vulnerability exists in the Marvell QConvergeConsole GUI version 5.5.0.74 and...

8.5CVSS7.1AI score0.0166EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2021/01/12 12:0 a.m.34 views

KLA12039 ACE vulnerability in Microsoft Browsers

A memory corruption vulnerability was found in Microsoft Browsers. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-1705 Related products Microsoft-Edge CVE list CVE-2021-1705 critical KB list 4598243 4598231 4598229 4598242 4598230 4598245...

7.6CVSS6.3AI score0.01916EPSS
Exploits0References9
Kaspersky
Kaspersky
added 2021/01/12 12:0 a.m.44 views

KLA12042 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Word can be exploited...

9.3CVSS8.3AI score0.03614EPSS
Exploits1References42
Kaspersky
Kaspersky
added 2021/01/12 12:0 a.m.19 views

KLA12038 SUI vulnerability in Microsoft Azure

A spoofing vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2021-1677 Related products Microsoft-Azure CVE list CVE-2021-1677 high KB list Solution Install necessary updates from the KB section, that are...

5.5CVSS5.4AI score0.01133EPSS
Exploits0References3
CNVD
CNVD
added 2021/01/11 12:0 a.m.2 views

IBM Engineering Workflow Management Cross-Site Scripting Vulnerability (CNVD-2021-03015)

IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...

5.4CVSS6.2AI score0.00554EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/11 12:0 a.m.3 views

IBM Engineering Workflow Management Cross-Site Scripting Vulnerability (CNVD-2021-03014)

IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...

5.4CVSS6.2AI score0.00554EPSS
Exploits0References1
Rows per page
Query Builder