Lucene search
+L

110 matches found

CNVD
CNVD
added 2019/07/25 12:0 a.m.2 views

Apple watchOS Messages has an unspecified vulnerability

Apple watchOS is an operating system for smartwatches from Apple Inc. Messages is an application component for sending text, photos and videos. A security vulnerability exists in the Messages component in Apple watchOS versions prior to 5.3. After being removed from an iMessage call, an attacker...

7.5CVSS6.6AI score0.00811EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/10 12:0 a.m.4 views

MetInfo Cross-Site Request Forgery Vulnerability (CNVD-2019-14687)

MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A cross-site request forgery vulnerability exists in Metinfo version 5.3.18. The vulnerability stems from a WEB application that does not adequately validate whether a request is coming from a trusted...

8.8CVSS6.9AI score0.00661EPSS
Exploits1References1
OSV
OSV
added 2018/12/21 5:46 p.m.6 views

GHSA-HJM9-576Q-399P Remote Code Execution in esigate-core

esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...

9.8CVSS5.9AI score0.0316EPSS
Exploits0References4
OSV
OSV
added 2018/11/17 5:29 p.m.4 views

CVE-2018-19340

Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameter...

6.1CVSS5.8AI score0.00707EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/02 12:0 a.m.4 views

Ivanti Avalanche Information Disclosure Vulnerability

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche versions 5.3 and 6.2. The vulnerability can be exploited by a...

7.8CVSS7.8AI score0.00661EPSS
Exploits0References1
OSV
OSV
added 2018/01/31 8:29 p.m.5 views

CVE-2018-0136

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router ASR 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service DoS condition. The...

8.6CVSS5.8AI score0.0267EPSS
Exploits0References3
CNVD
CNVD
added 2017/11/02 12:0 a.m.6 views

Apache Traffic Server Remote Code Execution Vulnerability

Apache Traffic Server is the United States Apache Apache Software Foundation of an efficient , scalable HTTP proxy and caching server . A security vulnerability exists in the HTTP/2 experimental feature of Apache Traffic Server versions 5.3.x prior to 5.3.1. A remote attacker can exploit this...

9.8CVSS7.5AI score0.05438EPSS
Exploits0References1
OSV
OSV
added 2017/09/13 4:29 p.m.7 views

UBUNTU-CVE-2015-5206

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168...

9.8CVSS7.2AI score0.02411EPSS
Exploits0References3
CNVD
CNVD
added 2017/06/07 12:0 a.m.5 views

Elasticsearch Kibana cross-site scripting vulnerability (CNVD-2017-11643)

Elasticsearch Kibana formerly known as elasticsearch-dashboard is a suite of open-source, browser-based analytics and search Elasticsearch dashboard tools from the Dutch company Elasticsearch. A cross-site scripting vulnerability exists in the Discover page in Elasticsearch Kibana versions 5.3 an...

6.1CVSS6.1AI score0.0099EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/16 12:0 a.m.4 views

Command Execution Vulnerability in Metinfo 5.3.10 CMS Latest Version

MetInfo is an enterprise website building software that supports multi-terminal display and is easy to use. A command execution vulnerability exists in the latest version of Metinfo 5.3.10 CMS, which can be exploited by attackers to execute arbitrary commands...

7.7AI score
Exploits0
Rows per page
Query Builder