@etherio/database (>=0.0.1 <=0.0.13), @gridnt/ngplus (=1.0.3) +23 more potentially affected by unknown CVE via axois (=0.0.1-security)

axois NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on axois and may be impacted: - @etherio/database =0.0.1, =0.5.6, =3.10.2, =0.0.27, =0.0.27, =1.0.0, =1.0.2, =0.1.0, =1.0.1, =1.0.10 and more Source cves: unknown CVE Source...

Google Chrome Resource Management Error Vulnerability (CNVD-2020-49920)

Google Chrome is a web browser from Google, an American company. A resource management error vulnerability exists in versions of Google Chrome prior to 84.0.4147.125. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2020-50748)

JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...

@appirio/salesforce (>=0.5.9 <=2.0.1), @artemis-prime/facebook-messenger-bot (=1.0.1) +205 more potentially affected by CVE-2017-1000048 via qs (>=6.1.0 <=6.1.1)

qs NPM version =6.1.0, =0.5.9, =1.1.25, =1.0.88, =1.1.7, =1.3.20, =16.1.4, =0.0.1, =2.0.1, =1.0.0, =1.0.6 - @mshksdk/design =0.0.2 and more Source cves: CVE-2017-1000048 Source advisory: OSV:GHSA-GQGV-6JQ5-JJJ9...

Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2020-25842)

NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...

@cardgamesplay/klondike (>=0.1.0 <=0.1.1), @devexpress/analytics-core (>=18.2.7 <=19.1.1-alpha-19071-2010) +68 more potentially affected by CVE-2019-14862 via knockout (>=2.2.1 <=3.5.0-beta)

knockout NPM version =2.2.1, =0.1.0, =18.2.7, =4.0.0, =0.1.0-zgx, =0.1.0, =1.0.0, =0.0.1, =0.2.20, =18.2.7, =17.2.2-beta, =18.2.7, =1.2.1, =2.0.1-beta, =2.0.4-beta and more Source cves: CVE-2019-14862 Source advisory: OSV:GHSA-VCJJ-XF2R-MWVC...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-40825)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a security vulnerability that can be exploited by attackers to execute arbitrary code...

ABB eSOMS Information Disclosure Vulnerability (CNVD-2020-17172)

ABB eSOMS is a plant operations management system from ABB Switzerland. An information disclosure vulnerability exists in ABB eSOMS, which can be exploited by attackers to obtain sensitive information...

CVE-2013-2018

creationtimestamp| type| source ---|---|--- 2020-02-20 02:52:04+00:00| seen| https://t.me/cibsecurity/9946...

Metasploit Sample Linux Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit sample shows how an exploit module could be written to exploit a bug in a command on a linux computer for priv esc. class MetasploitModule 'Sample Linux Pri...

CVE-2019-1305

A Cross-site Scripting XSS vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'...

cPanel Information Disclosure Vulnerability (CNVD-2019-27425)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 57.9999.54. No detailed vulnerability details are provided at this ti...

Unspecified vulnerability in Linux kernel (CNVD-2019-38271)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel. No detailed vulnerability details are currently available...

abbr (=0.0.0), add-dependencies (=2.3.0) +159 more potentially affected by CVE-2019-1010083 via flask (>=0.10.1 <=0.6.1)

flask PYPI version =0.10.1, =0.26.0, =1.4.15, =0.11.1, =0.4.0, =4.0.0, =1.10.0, =0.1.0, =0.14.0, =0.1.1, =0.1.17, =0.1.0, =1.0.0 - blendedux =0.0.2 and more Source cves: CVE-2019-1010083 Source advisory: OSV:PYSEC-2019-179...

CVE-2019-12221

creationtimestamp| type| source ---|---|--- 2019-05-20 18:45:35+00:00| seen| https://t.me/cvemitreorg/96...

Adobe Acrobat/Reader Out-of-Bounds Read Vulnerability (CNVD-2019-22823)

Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe.Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader has an out-of-bounds read vulnerability. An attacker can exploit this vulnerability to obtain information...

CVE-2015-1340

creationtimestamp| type| source ---|---|--- 2019-04-22 20:30:42+00:00| seen| https://t.me/cibsecurity/3856 2019-04-29 18:27:22+00:00| seen| https://t.me/cibsecurity/3996...

CVE-2018-19006

OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. This vulnerability requires the ability of authorized AF users to store...

Google Android System Information Disclosure Vulnerability (CNVD-2018-22649)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in the System component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9, which can be exploited by attackers to obtain...

idreamsoft iCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-10137)

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in admincp.php?app=group&do=save in idreamsoft iCMS 7.0.10, which can be exploited by an attacker to add an administrator account...