Lucene search
+L

362 matches found

CNVD
CNVD
added 2018/02/27 12:0 a.m.58 views

MP4v2 Denial of Service Vulnerability

MP4v2 is an open source library written in C++ for handling MP4 containers. A security vulnerability exists in the MP4Atom class of the mp4atom.cpp file in MP4v2 2.0.0 and earlier versions, which stems from the program's failure to properly handle Entry Number validation. A remote attacker can...

8.8CVSS6.7AI score0.01376EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/08 12:0 a.m.7 views

CCN-lite Integer Overflow Vulnerability

CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. An integer overflow vulnerability exists in the ndnparsesequence function in CCN-lite versions prior to 2.0.0. An attacker can exploit this vulnerability to cause an integer overflow via...

9.8CVSS7.1AI score0.01572EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/01/20 12:0 a.m.4 views

PT-2018-3409 · Dovecot +3 · Dovecot +3

Name of the Vulnerable Software and Affected Versions: dovecot versions 2.0 through 2.2.33 dovecot version 2.3.0 Description: A flaw in the SASL authentication process can cause a memory leak in dovecot's auth client, which is used by login processes. This issue can have significant impact in...

9.8CVSS6.3AI score0.62579EPSS
Exploits14References69
CNVD
CNVD
added 2018/01/10 12:0 a.m.4 views

Microsoft ASP.NET Core Cross-Site Request Forgery Vulnerability

Microsoft ASP.NET Core is a cross-platform open source framework from Microsoft Corporation USA. The framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. A cross-site request forgery vulnerability exists in Microsoft ASP.NET Core...

6.5CVSS7AI score0.03035EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/11 12:0 a.m.7 views

D-Link DIR-850L REV.A and REV.B Denial of Service Vulnerabilities

The D-Link DIR-850L REV.A and REV.B are both wireless router products from AUO D-Link. The security vulnerability exists in D-Link DIR-850L REV.A and REV.B devices using firmware FW114WWb07h2abbeta1 and prior versions, and firmware FW208WWb02 and prior versions. A remote attacker could exploit th...

7.5CVSS7.5AI score0.01367EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/21 12:0 a.m.4 views

Cisco Context Service SDK Remote Code Execution Vulnerability

Cisco Context Service SDK is the United States Cisco Cisco company's set of software development kit for Context Service. An arbitrary code execution vulnerability exists in the update process of the JAR file in version 2.0 of the Cisco Context Service SDK, which stems from the program failing to...

10CVSS8.1AI score0.04841EPSS
Exploits0References1
OSV
OSV
added 2017/06/12 6:29 a.m.5 views

CVE-2017-9543

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm...

7.5CVSS6AI score0.01332EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/18 12:0 a.m.4 views

Juniper Networks NorthStar Controller Application Buffer Overflow Vulnerability (CNVD-2017-07222)

Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks, Inc. The controller optimizes service provider transport networks by establishing open industry standard protocols. A buffer overflow vulnerability exists in Juniper Networks NorthStar...

6.5CVSS7.1AI score0.01163EPSS
Exploits0References1
OSV
OSV
added 2016/10/25 2:31 p.m.6 views

UBUNTU-CVE-2016-5598

Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python...

5.6CVSS6.2AI score0.02207EPSS
Exploits0References2
CNVD
CNVD
added 2016/07/29 12:0 a.m.5 views

Wireshark CORBA IDL Dissector Remote Denial of Service Vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A remote denial of service vulnerability exists in Wireshark versions 2.0.0 through 2.0....

5.9CVSS6AI score0.06444EPSS
Exploits1References1
CNVD
CNVD
added 2016/03/03 12:0 a.m.3 views

Wireshark Denial of Service Vulnerability (CNVD-2016-01444)

Wireshark is the most popular network protocol parser. A denial-of-service vulnerability exists in Wireshark version 2.0.x prior to 2.0.2, which allows remote attackers to cause a denial of service via a crafted packet...

5.9CVSS7.3AI score0.03096EPSS
Exploits0References1
Broadcom
Broadcom
added 2016/01/15 12:0 a.m.6 views

BSA-2016-001

Summary Security Advisory ID : BSA-2016-001 Component : Java Revision : 2.0 N/A...

10CVSS4.9AI score0.06451EPSS
Exploits0
CNVD
CNVD
added 2015/10/26 12:0 a.m.5 views

IniNet Solutions SCADA Web Server Path Traversal Vulnerability

IniNet SCADA Web Server is a third-party web-based server software. Versions of SCADA Web Server prior to 2.02 fail to effectively filter certain elements within path names and are implemented with a path traversal vulnerability. An attacker can exploit this vulnerability to read arbitrary OS fil...

5CVSS6.8AI score0.02089EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/06 12:0 a.m.6 views

WordPress Plugin WonderPlugin Audio Player Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WonderPlugin Audio Player is one of the audio player plugin. WordPress WonderPlugin Audio Player plugin 2.0 and...

4.3CVSS6.1AI score0.04186EPSS
Exploits1References1
CNVD
CNVD
added 2015/02/28 12:0 a.m.4 views

Vanilla Forums Cross-Site Scripting Vulnerability

Vanilla Forums is a Canadian company VanillaForums PHP-based open source forum program . A cross-site scripting vulnerability exists in Vanilla Forums versions 2.0.18.12 and 2.1.x prior to 2.1.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.3CVSS6.1AI score0.01773EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/11/03 12:0 a.m.6 views

PT-2014-5437 · Red Hat · Spacewalk-Java +1

Name of the Vulnerable Software and Affected Versions: spacewalk-java version 2.0.2 Red Hat Network RHN Satellite versions 5.5 through 5.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to API endpoints such as...

4.3CVSS6.3AI score0.01759EPSS
Exploits0References6
OSV
OSV
added 2014/07/29 12:0 a.m.6 views

UBUNTU-CVE-2014-5031

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors...

5CVSS5.8AI score0.02911EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/07/23 12:0 a.m.3 views

PT-2012-4689 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.9 Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Moodle versions 2.3.x through 2.3.0 Description: A cross-site scripting XSS issue exists, allowing remote authenticated administrators...

3.5CVSS5.1AI score0.0144EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2011/11/30 12:0 a.m.9 views

PT-2011-4554 · Apache +3 · Apache Http Server +3

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.0.x through 2.0.64 Apache HTTP Server versions 2.2.x before 2.2.18 Description: The issue arises from the mod proxy module's improper interaction with RewriteRule and ProxyPassMatch pattern matches when configure...

4.6CVSS6.9AI score0.82756EPSS
Exploits13References33
Positive Technologies
Positive Technologies
added 2008/09/05 12:0 a.m.3 views

PT-2008-5265 · Dic · Dic Shop V52 +1

Name of the Vulnerable Software and Affected Versions: DIC shop v50 versions 3.0 and earlier DIC shop v52 versions 2.0 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For DIC shop v5...

6.1CVSS6AI score0.00957EPSS
Exploits0References7
Rows per page
Query Builder