Lucene search
K

432 matches found

CNVD
CNVD
added 2018/08/13 12:0 a.m.2 views

PHP Scripts Mall hotel-booking-script Denial of Service Vulnerability

PHP Scripts Mall hotel-booking-script is a hotel booking system script by PHP Scripts Mall India, which includes features like advanced CMS management, review management and booking management. A denial of service vulnerability exists in PHP Scripts Mall hotel-booking-script version 2.0.4, which...

6.5CVSS6.6AI score0.01138EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/13 12:0 a.m.4 views

PHP Scripts Mall hotel-booking-script Cross-Site Scripting Vulnerability

PHP Scripts Mall hotel-booking-script is a multi-vendor hotel booking script. PHP Scripts Mall hotel-booking-script 2.0.4 suffers from a cross-site scripting vulnerability that can be exploited by an attacker via the First Name, Last Name or Address fields...

5.4CVSS5.3AI score0.00545EPSS
Exploits1References1
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-3029

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

5.3CVSS7.3AI score0.0211EPSS
Exploits0References3
OSV
OSV
added 2018/02/12 6:15 p.m.2 views

USN-3568-1 wavpack vulnerabilities

Hanno Böck discovered that WavPack incorrectly handled certain WV files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10169 Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An...

7.8CVSS6.7AI score0.02951EPSS
Exploits2References3
OSV
OSV
added 2018/02/02 9:29 a.m.12 views

CVE-2018-6550

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...

5.4CVSS5.2AI score
Exploits0References2
OSV
OSV
added 2018/01/29 7:29 p.m.4 views

DEBIAN-CVE-2017-15133

A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...

7.5CVSS8.7AI score0.01852EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/19 12:0 a.m.4 views

Meinberg LANTIME Web Configuration Utility Directory Traversal Vulnerability

Meinberg LANTIME is an NTP time server from Meinberg, Germany.Web Configuration Utility is one of the web configuration utilities. A directory traversal vulnerability exists in the Upload Groupkey function of the Web Configuration Utility in Meinberg LANTIME with firmware version 6.24.004. A remo...

9CVSS7.3AI score0.03995EPSS
Exploits2References1
OSV
OSV
added 2017/11/18 6:29 p.m.3 views

UBUNTU-CVE-2017-16883

The outputSWFTEXTRECORD function in util/outputscript.c in libming = 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file...

6.5CVSS6.9AI score0.01052EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/07 12:0 a.m.6 views

IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2017-27828)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. An information disclosure vulnerability exists in IBM WAS...

6.5CVSS6.3AI score0.00944EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/23 12:0 a.m.3 views

Joomla! JoomRecipe Component SQL Injection Vulnerability

Joomla! is a content management system. A SQL injection vulnerability exists in version 1.0.4 of the JoomRecipe component of Joomla! The vulnerability allows attackers to obtain sensitive database information...

7.8AI score
Exploits0References1
OSV
OSV
added 2017/07/01 6:29 p.m.6 views

UBUNTU-CVE-2017-10788

The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering 1 certain error responses from a MySQL server or 2 a loss of a network connection to a MySQL server. The...

9.8CVSS7AI score0.04629EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2017/05/10 12:0 a.m.3 views

PT-2017-17974 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 4.0.4 Description: The issue is related to a Cross-Site Scripting XSS problem. It occurs in the doli/societe/list.php file through the sall parameter. This allows for potential malicious script injection...

6.1CVSS5.8AI score0.00948EPSS
Exploits3References8
OSV
OSV
added 2017/05/05 7:29 a.m.4 views

CVE-2017-5907

The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2017/03/21 2:48 a.m.9 views

USN-3240-1 nvidia-graphics-drivers-304, nvidia-graphics-drivers-340, nvidia-graphics-drivers-375 vulnerability

It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service...

5.5CVSS6.4AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

CVE-2016-8317

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Unit Trust. Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Difficult to exploit vulnerability allows low privileged attacker with network...

5.3CVSS7.3AI score0.0102EPSS
Exploits0References3
OSV
OSV
added 2016/10/25 2:31 p.m.6 views

UBUNTU-CVE-2016-5598

Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python...

5.6CVSS6.2AI score0.02207EPSS
Exploits0References2
OSV
OSV
added 2016/05/17 3:33 p.m.3 views

USN-2981-1 libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and...

8.8CVSS6.8AI score0.10284EPSS
Exploits2References2
OSV
OSV
added 2016/01/25 10:27 a.m.13 views

SUSE-SU-2016:0324-1 Recommended update for LibreOffice

This update brings LibreOffice to version 5.0.4, a major version update. It brings lots of new features, bug fixes and also security fixes. Features as seen on http://www.libreoffice.org/discover/new-features/ LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module,...

7.5CVSS10AI score0.2447EPSS
Exploits4References35
BDU FSTEC
BDU FSTEC
added 2015/11/20 12:0 a.m.7 views

The vulnerability of the microprogramming software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems allows a intruder to authenticate as an arbitrary user.

The vulnerability of the Microprogramming Software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to bypass authentication by acting as an arbitrary user...

6.8CVSS5.6AI score0.00644EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.10 views

The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the acpid-1.0.4 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out locally...

6.9CVSS5.4AI score0.00309EPSS
Exploits1References2
Rows per page
Query Builder