Lucene search
K

8173 matches found

Kaspersky
Kaspersky
added 2020/11/17 12:0 a.m.53 views

KLA12087 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability can be exploited to obtain sensitive information. ...

7.5CVSS7.2AI score0.24622EPSS
Exploits0References4
CNNVD
CNNVD
added 2020/11/17 12:0 a.m.6 views

Mozilla Firefox and Mozilla Thunderbird Security Vulnerabilities

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is a suite of standalone Mozilla Application Suite Mozilla Thunderbird is a stand-alone e-mail client software from the Mozilla...

4.3CVSS6.8AI score0.01277EPSS
Exploits0References18
Kaspersky
Kaspersky
added 2020/11/17 12:0 a.m.67 views

KLA12011 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, perform cross-site scripting attack, obtain sensitive information, cause denial of service, spoof user interface, execute arbitrary code, bypass security restrictions...

9.6CVSS10AI score0.5063EPSS
Exploits3References4
OSV
OSV
added 2020/11/16 5:15 p.m.2 views

CVE-2020-4672

IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186285...

5.4CVSS5.7AI score0.00554EPSS
Exploits0References2
CNVD
CNVD
added 2020/11/16 12:0 a.m.3 views

IBM Sterling B2B Integrator Path Traversal Vulnerability

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A path traversal vulnerability exists in IBM Sterling B2B...

6.5CVSS6.5AI score0.00889EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/16 12:0 a.m.2 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2020-63977)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting vulnerability exists in IBM Sterling B...

4.8CVSS6.2AI score0.00545EPSS
Exploits0References1
OSV
OSV
added 2020/11/15 7:26 p.m.8 views

OPENSUSE-SU-2020:1937-1 Security update for chromium

This update for chromium fixes the following issues: - Update to 86.0.4240.183 boo1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data...

9.6CVSS9.5AI score0.48574EPSS
Exploits3References9
BDU FSTEC
BDU FSTEC
added 2020/11/12 12:0 a.m.3 views

The vulnerability of Google Chrome’s user interface allows a hacker to compromise the rendering process and bypass the sandboxing protection mechanisms.

The vulnerability of Google Chrome’s user interface arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the rendering process and bypass the sandboxing mechanism by using a specially crafted HTML page...

10CVSS8.2AI score0.02379EPSS
Exploits0References6Affected Software4
CNVD
CNVD
added 2020/11/11 12:0 a.m.4 views

Command execution vulnerability exists in MyuCMS (CNVD-2020-67557)

MyuCMS front-end is built with UIkit framework, back-end is built with layui back-end framework and back-end is developed with PHP+MYSQL. MyuCMS has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/11/11 12:0 a.m.5 views

IBM Content Navigator Cross-Site Scripting Vulnerability (CNVD-2020-62469)

IBM Content Navigator is a Web client that provides users with a console that enables them to access, manage, and use corporate content anytime, anywhere, from any location in the organization on virtually any mobile device. A cross-site scripting vulnerability exists in IBM Content Navigator...

5.4CVSS6.2AI score0.00851EPSS
Exploits0References1
OSV
OSV
added 2020/11/10 3:15 p.m.2 views

CVE-2020-4760

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188737...

5.4CVSS5.8AI score0.00851EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2020/11/10 12:0 a.m.54 views

KLA12014 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Data validation vulnerability in installer component can be exploited to...

9.6CVSS9.8AI score0.48574EPSS
Exploits3References5
BDU FSTEC
BDU FSTEC
added 2020/11/10 12:0 a.m.3 views

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

8.5CVSS7.7AI score0.01241EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2020/11/10 12:0 a.m.3 views

PT-2020-4606

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The issue is related to a spoofing vulnerability in the Windows operating system, which is associated with errors in the representation of information by the user interface. This vulnerabilit...

5.5CVSS6.1AI score0.19124EPSS
Exploits0References14
Kaspersky
Kaspersky
added 2020/11/10 12:0 a.m.38 views

KLA12001 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of...

8.8CVSS8.8AI score0.01697EPSS
Exploits7References18
Kaspersky
Kaspersky
added 2020/11/10 12:0 a.m.52 views

KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a...

10CVSS9.9AI score0.25285EPSS
Exploits3References59
Positive Technologies
Positive Technologies
added 2020/11/10 12:0 a.m.7 views

PT-2020-4827 · Microsoft · Azure Devops Server +1

Name of the Vulnerable Software and Affected Versions: Azure DevOps Server and Team Foundation Services affected versions not specified Description: The issue is related to a spoofing vulnerability in the Team Foundation Services component of Azure DevOps Server, where the user interface can be...

7.5CVSS5.1AI score0.01512EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/11/09 9:28 a.m.2 views

chromium-browser: Use after free in user interface

Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.01502EPSS
Exploits0References5
Citrix
Citrix
added 2020/11/09 12:0 a.m.9 views

Citrix StoreFront Web GUI Assistant

StoreFront Web GUI DevlopedDate: 09/12/2013 Modified Date: 04/16/2020 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download locatio...

7.2AI score
Exploits0
Citrix
Citrix
added 2020/11/09 12:0 a.m.10 views

MessageHistory

MessageHistory Version 3.0 Created Date: 08/20/2006 Updated Date: 09/25/2013 Please note: You can download the required file from the Citrix downloads website by visiting the following link: https://www.citrix.com/downloads/citrix-tools Description Sometimes Citrix Technical Support needs to...

7.2AI score
Exploits0
Rows per page
Query Builder