Lucene search
K

606 matches found

Positive Technologies
Positive Technologies
added 2022/11/04 12:0 a.m.5 views

PT-2022-26971 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12 Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 9.0.2 Description: The issue allows for a Reflected Cross Site Scripting via JavaScript Object Notation JSON in a query...

8.8CVSS6.2AI score0.42801EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.5 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS7.3AI score0.01318EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.3 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

7.1CVSS7.3AI score0.0127EPSS
Exploits0References4
Snyk
Snyk
added 2022/10/21 8:29 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when the Kestrel web server processes certain HTTP/2 and HTTP/3 requests. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

7.5CVSS7.9AI score0.03739EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/22 4:54 p.m.7 views

CVE-2022-35029

OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea...

7.2AI score0.00732EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.5 views

mysql: InnoDB unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

6.5CVSS6.8AI score0.01027EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/13 9:57 a.m.5 views

mysql: Server: FTS unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS7.3AI score0.02052EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.3 views

IBM Security Identity Manager 输入验证错误漏洞

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM of America. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password management. I...

6.8CVSS6.6AI score0.00406EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/26 12:15 a.m.5 views

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

7.8CVSS7.3AI score0.00209EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/08/24 9:45 p.m.5 views

Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of members on the Mozilla Fuzzing Team reporting memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption, and we presume...

8.8CVSS7.4AI score0.00905EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/08/16 9:15 p.m.3 views

CVE-2022-36155

tifig v0.2.2 was discovered to contain a resource allocation issue via operator newunsigned long at asannewdelete.cpp...

5.5CVSS6.1AI score0.00284EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/16 12:0 a.m.9 views

PT-2022-5793 · Fortinet · Fortiadc

Name of the Vulnerable Software and Affected Versions: FortiADC versions 6.2.0 through 6.2.4 FortiADC versions 7.0.0 through 7.0.2 Description: The issue is related to improper neutralization of input during web page generation, allowing an attacker to execute unauthorized code or commands. This...

10CVSS6.3AI score0.01716EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2022/08/15 11:21 a.m.3 views

CVE-2022-2821

Missing Critical Step in Authentication in GitHub repository namelessmc/nameless prior to v2.0.2...

9.8CVSS7.1AI score0.01118EPSS
Exploits1References3
Circl
Circl
added 2022/08/06 2:21 a.m.5 views

CVE-2022-24024

creationtimestamp| type| source ---|---|--- 2022-08-06 02:21:03+00:00| seen| https://t.me/cibsecurity/47663...

9.8CVSS8.7AI score0.01088EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.13 views

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection of environmental data such as metadata and virtual environments. A security vulnerabilit...

9.6CVSS6.7AI score0.0058EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/25 12:0 a.m.4 views

CVE-2022-35286

IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814...

8.8CVSS5.7AI score0.00266EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/21 6:15 p.m.5 views

CVE-2022-33198

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin = 2.0.2 at WordPress...

5.3CVSS5.8AI score0.02654EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.8 views

quic-go 资源管理错误漏洞

quic-go is an implementation of the QUIC protocol, RFC 9000 protocol in Go by Lucas Clemente, a personal developer. A resource management error vulnerability exists in quic-go version 0.27.0 and earlier. A remote attacker can cause a denial of service by sending a Slowloris variant of an incomple...

7.5CVSS7.4AI score0.02825EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/06/24 3:15 p.m.1 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.1CVSS7.3AI score0.02021EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/06/24 3:15 p.m.2 views

CVE-2022-30119

XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2. This cannot be exploited in modern-da...

6.1CVSS6.4AI score0.00847EPSS
Exploits0References4
Rows per page
Query Builder