Lucene search
+L

169 matches found

Cvelist
Cvelist
added 2019/08/13 7:17 p.m.17 views

CVE-2019-14985

eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMDEXEC virtual device type 28...

9.8AI score0.11324EPSS
Exploits1References1
Mageia
Mageia
added 2019/08/03 9:18 p.m.16 views

Updated kernel packages fix security vulnerability

This kernel update is based on the upstream 5.1.20 and fixes at least the following security issue: With Xen, virtual device backends and device models running in domain 0, or other backend driver domains, need to be able to map guest memory either via grant mappings, or via the foreign mapping...

0.6AI score
Exploits0References6
Xen Project
Xen Project
added 2019/07/09 1:55 p.m.147 views

Linux: No grant table and foreign mapping limits

ISSUE DESCRIPTION Virtual device backends and device models running in domain 0, or other backend driver domains, need to be able to map guest memory either via grant mappings, or via the foreign mapping interface. Inside Xen, mapped grants are tracked by the maptrack structure. The size of this...

6.5CVSS0.3AI score0.00408EPSS
Exploits0
OSV
OSV
added 2019/06/03 10:29 p.m.3 views

UBUNTU-CVE-2019-12615

An issue was discovered in getvdevportnodeinfo in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdupconst of nodeinfo-vdevport.name, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash...

7.5CVSS6.8AI score0.03574EPSS
Exploits0References3
Kitploit
Kitploit
added 2018/08/07 2:35 p.m.38 views

Whatsapp Automation - A Collection Of Tools For Sending And Recieving Whatsapp Messages

Whatsapp Automation is a collection of APIs that interact with WhatsApp messenger running in an Android emulator, allowing developers to build projects that automate sending and receiving messages, adding new contacts and broadcasting messages multiple contacts. The project uses Selinium, Appium,...

7.4AI score
Exploits0References1
OSV
OSV
added 2018/06/20 9:29 p.m.4 views

CVE-2018-0307

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

7.8CVSS6AI score0.00564EPSS
Exploits0References2
Cisco
Cisco
added 2018/06/20 4:0 p.m.78 views

Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

8.2CVSS2.1AI score0.00564EPSS
Exploits0References1
Kitploit
Kitploit
added 2018/03/24 8:39 p.m.25 views

LeakVM - Research & Pentesting Framework For Android, Run Security Tests Instantly

LeakVM: Run security tests instantly. Why LeakVM : LeakVM fast security test on Android, by skipping the time-consuming build pen-testing laboratories, you can test on real devices or virtual devices. LeakVM makes researchers and pen-testers more productive since they can run the test on real tim...

7.8AI score
Exploits0References16
CNVD
CNVD
added 2018/02/27 12:0 a.m.5 views

Google Android Qualcomm WLAN elevation of privilege vulnerability (CNVD-2018-04763)

Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, and Qualcomm WLAN is one of the wireless LAN components developed by Qualcomm. An elevation of privilege vulnerability exists in the 'wmaroamsyncheventhandler' function of Qualcomm WLAN in...

7.8CVSS6.9AI score0.0015EPSS
Exploits0References1
Prion
Prion
added 2017/11/30 9:29 a.m.16 views

Command injection

A vulnerability in the CLI of Cisco Firepower Extensible Operating System FXOS and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacke...

4.6CVSS6.9AI score0.01103EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/11/30 9:29 a.m.5 views

CVE-2017-12338

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS5.9AI score0.00377EPSS
Exploits0References2
OSV
OSV
added 2017/11/30 9:29 a.m.5 views

CVE-2017-12339

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

5.7CVSS6AI score0.007EPSS
Exploits0References3
OSV
OSV
added 2017/11/30 9:29 a.m.4 views

CVE-2017-12330

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

6.3CVSS6AI score0.01102EPSS
Exploits0References3
Prion
Prion
added 2017/11/30 9:29 a.m.19 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

4.6CVSS7AI score0.00935EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/11/30 9:29 a.m.3 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.3CVSS6AI score0.00935EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.37 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.9AI score0.00935EPSS
Exploits0References3
Cisco
Cisco
added 2017/11/29 4:0 p.m.48 views

Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower Extensible Operating System FXOS and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacke...

6.3CVSS6.9AI score0.01103EPSS
Exploits0References1
Cisco
Cisco
added 2017/11/29 4:0 p.m.50 views

Cisco NX-OS System Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.3CVSS7AI score0.00935EPSS
Exploits0References1
Cisco
Cisco
added 2017/11/29 4:0 p.m.42 views

Cisco Nexus Series Switches CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

6.3CVSS6.9AI score0.01102EPSS
Exploits0References1
Veeam
Veeam
added 2016/10/11 12:0 a.m.37 views

VM Disk Labels Out of Order After Restore

Challenge After Instant VM Recovery or Full VM Restore, a VMware VM appears to have been restored with its disks out of order. However, the disk files are each associated with the correct SCSI, IDE, or SATA disk IDs, disks are not out of order within the VM guest OS, and the VM otherwise function...

6.9AI score
Exploits0
Rows per page
Query Builder