CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

104 matches found

CNNVD•added 2021/06/21 12:0 a.m.•2 views

Bluetooth 竞争条件问题漏洞

Bluetooth is a Bluetooth Special Interest Group SIG standards organization standard for short-range wireless technology for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz, and for building personal area networ...

5.3CVSS5.8AI score0.00246EPSS

Exploits0References3

CNNVD•added 2021/04/13 12:0 a.m.•3 views

Apache Solr 安全漏洞

Apache Solr is a standalone enterprise-class search application server. Apache Solr unauthorized access vulnerability allows an unauthorized attacker to exploit server-side misparsing to enable reading and writing of datasets...

9.1CVSS5.5AI score0.058EPSS

Exploits0References6

Mageia•added 2020/12/17 1:10 p.m.•41 views

Updated jasper packages fix security vulnerability

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability CVE-2020-27828...

7.8CVSS5.3AI score0.00342EPSS

Exploits1References2

VulnCheck KEV•added 2020/12/01 12:0 a.m.•0 views

VulnCheck KEV: CVE-2014-3914

Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager TSM in Rocket ServerGraph 1.2 allows remote attackers to 1 create arbitrary files via a .. dot dot in the query parameter in a writeDataFile action to the fileRequestor servlet, execute arbitrary files via a...

10CVSS6AI score0.83656EPSS

Exploits5References1

OSV•added 2020/10/14 3:15 p.m.•3 views

CVE-2020-27013

Trend Micro Antivirus for Mac 2020 Consumer contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user data. An attacker must...

4.4CVSS5.9AI score0.00102EPSS

Exploits0References2

OSV•added 2020/10/02 9:15 a.m.•1 views

DEBIAN-CVE-2020-25741

fdctrlwritedata in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive...

3.2CVSS6.2AI score0.00182EPSS

Exploits0References1

OSV•added 2020/10/02 9:15 a.m.•0 views

UBUNTU-CVE-2020-25741

fdctrlwritedata in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive...

3.2CVSS6.7AI score0.00182EPSS

Exploits0References4

OSV•added 2020/07/15 6:15 p.m.•1 views

CVE-2020-14528

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 16.1.0.0-16.1.5.1, 18.0.0.0-18.0.2.0 and 19.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

6.1CVSS6.8AI score

Exploits0References1

CNVD•added 2020/05/19 12:0 a.m.•2 views

Multiple NETGEAR Product License Issue Vulnerabilities (CNVD-2020-33662)

NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 and others are a wireless WiFi device from NETGEAR. NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 version 2.5.1.106, Outdoor Satellite RBS50Y version 2.5.1.106 and Pro Tri-Band Business WiFi An authorization iss...

9.6CVSS7.1AI score0.00326EPSS

Exploits1References1

OSV•added 2020/05/12 6:15 p.m.•0 views

CVE-2020-6250

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop t...

6.8CVSS7AI score0.00078EPSS

Exploits0References2

Positive Technologies•added 2020/05/02 12:0 a.m.•2 views

PT-2020-6199 · Json-C +10 · Json-C +10

Name of the Vulnerable Software and Affected Versions: json-c versions 0.14 and earlier Description: The issue is related to an integer overflow and out-of-bounds write in json-c, which can be triggered by a large JSON file. This can be demonstrated by the printbuf memappend function. The...

9.8CVSS7.8AI score0.03831EPSS

Exploits3References131

ATTACKERKB•added 2020/03/18 12:0 a.m.•14 views

CVE-2020-8599

Trend Micro Apex One 2019 and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability. Recent assessments:...

10CVSS9.5AI score0.5786EPSS

In wildExploits0References3

Positive Technologies•added 2020/03/16 12:0 a.m.•5 views

PT-2020-6582

Name of the Vulnerable Software and Affected Versions Ansible Engine versions 2.7.x through 2.9.x Description A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and...

5.7CVSS7.2AI score0.00145EPSS

Exploits0References200

OSV•added 2020/03/02 8:15 p.m.•2 views

DEBIAN-CVE-2018-17572

InfluxDB 0.9.5 has Reflected XSS in the Write Data module...

4.8CVSS5.8AI score0.00321EPSS

Exploits1References1

OSV•added 2020/03/02 8:15 p.m.•18 views

CVE-2018-17572

InfluxDB 0.9.5 has Reflected XSS in the Write Data module...

4.8CVSS6AI score

Exploits0References2