Lucene search
K

626 matches found

BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server are due to insufficient validation of input data. This allows attackers to execute arbitrary code.

The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS7.7AI score0.01142EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/14 12:0 a.m.8 views

The vulnerability of the SimpleEvaluationContext class in the Spring Data Commons data management platform and the Spring Data REST framework for creating web services allows a attacker to execute arbitrary code.

The vulnerability of the SimpleEvaluationContext class in the Spring Data Commons data management platform and the Spring Data REST web framework is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially...

10CVSS8.2AI score0.95649EPSS
Exploits9References10Affected Software2
CNNVD
CNNVD
added 2022/11/04 12:0 a.m.4 views

Cisco Identity Services Engine 跨站脚本漏洞

Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users, and devices, and develops and enforces policies to monitor the network. A cross-site scripting vulnerability exists in...

5.4CVSS6AI score0.00429EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/11/01 11:15 p.m.3 views

CVE-2022-3661

Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. Chromium security severity: Low...

4.3CVSS6.1AI score0.00421EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/10/24 12:0 a.m.12 views

Vulnerability of the Shell component: The Core Client for command-line and code editor, Oracle MySQL Shell, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Shell component: The Core Client for command-line input and the Oracle MySQL Shell code editor have vulnerabilities due to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to gain read, modify, add, or delete data permissions...

3.9CVSS6.5AI score0.0042EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/24 12:0 a.m.7 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

4.9CVSS6.3AI score0.01058EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/18 12:0 a.m.6 views

PT-2022-5281 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.30 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of the MySQL Server product. This allows an attacker with network access via multiple protocols to...

9.8CVSS7.1AI score0.78483EPSS
Exploits10References399
CNNVD
CNNVD
added 2022/09/24 12:0 a.m.35 views

Nepxion 安全漏洞

Nepxion Discovery is an enhanced middleware for service registration discovery for Spring Cloud. Nepxion Discovery 6.16.2 and earlier versions are vulnerable to a remote code execution vulnerability that stems from a lack of validation of input data in Discovery-commons and is susceptible to SpEL...

9.8CVSS8.6AI score0.01804EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/09/09 12:0 a.m.7 views

The vulnerability of the disaster recovery tool for Azure virtual machines – Azure Site Recovery and VMWare to Azure – arises due to insufficient validation of input data. This vulnerability allows attackers to trigger service failures.

The vulnerability of the disaster recovery tool for Azure virtual machines exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.2CVSS6.8AI score0.00787EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.12 views

The vulnerability of the RPKI validator OctoRPKI, related to insufficient validation of input data, allows a violator to trigger a service failure.

The vulnerability of the RPKI validator OctoRPKI is related to the use of a zero value during the generation of Route Origin Authorisations. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

5.4CVSS7.2AI score0.01255EPSS
Exploits0References5Affected Software2
CNNVD
CNNVD
added 2022/09/02 12:0 a.m.6 views

MediaWiki 资源管理错误漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A resource management error vulnerability exists in MediaWiki version 1.38.2, which stems from th...

4.9CVSS5AI score0.00895EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/08/30 12:0 a.m.4 views

The vulnerability of the eBPF subsystem in the Linux operating system allows a hacker to cause a service failure, an application to terminate abnormally, or execute arbitrary code.

The vulnerability of the eBPF subsystem in the Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures, unexpected termination of applications, or execute arbitrary code...

7.1CVSS6.9AI score0.01095EPSS
Exploits1References21Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/08/24 12:0 a.m.6 views

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat, and Adobe Acrobat Reader lies in insufficient validation of input data, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat, and Adobe Acrobat Reader are related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to gain unauthorize...

5.5CVSS6.3AI score0.04055EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/08/18 12:0 a.m.6 views

The vulnerability of the XML Publisher component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected information.

The vulnerability of the XML Publisher component in the Oracle PeopleSoft Enterprise PeopleTools business application suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

6.8CVSS6.5AI score0.00702EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/08/03 9:37 p.m.5 views

USN-5547-1 nvidia-graphics-drivers-390, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-470, nvidia-graphics-drivers-470-server, nvidia-graphics-drivers-510, nvidia-graphics-drivers-510-server, nvidia-graphics-drivers-515, nvidia-graphics-drivers-515-server vulnerabilities

Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-31607 Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled...

7.8CVSS6.8AI score0.00245EPSS
Exploits0References4
OSV
OSV
added 2022/07/21 2:15 p.m.6 views

CVE-2022-20890

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS6.2AI score0.00876EPSS
Exploits0References1
OSV
OSV
added 2022/07/21 4:15 a.m.4 views

CVE-2022-20879

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS6.2AI score0.00947EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/20 11:0 p.m.5 views

CVE-2022-20906

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these...

6.7CVSS6.8AI score0.00195EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.8 views

CVE-2022-20893

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.00876EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.5 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to insufficient validation of input data, allows attackers to execute arbitrary code or cause service failures.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

10CVSS8AI score0.01262EPSS
Exploits0References6Affected Software7
Rows per page
Query Builder