
605 matches found

OSV
added 2021/06/11 7:15 a.m. · 2 views

CVE-2021-28801

An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read sensitive information on the system. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.2 build 20210122 on QSW-M2108-2C;...

7.5 CVSS · 7 AI score · 0.00749 EPSS
Exploits 0 · References 1
Positive Technologies
added 2021/06/01 12:0 a.m. · 5 views

PT-2021-19832 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.11; Nextcloud Server versions prior to 20.0.10; Nextcloud Server versions prior to 21.0.2. Description: The issue allows an attacker to gain write/read privileges on any Federated File Share. This can also...

10 CVSS · 5.9 AI score · 0.02521 EPSS
Exploits 2 · References 36
Positive Technologies
added 2021/06/01 12:0 a.m. · 4 views

PT-2021-19833 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.11; Nextcloud Server versions prior to 20.0.10; Nextcloud Server versions prior to 21.0.2. Description: The issue arises when an attacker converts a Files Drop link to a federated share, causing problems o...

10 CVSS · 5.8 AI score · 0.02521 EPSS
Exploits 2 · References 36
OSV
added 2021/05/19 11:34 a.m. · 7 views

SUSE-SU-2021:1637-1 Security update for python-httplib2

This update for python-httplib2 contains the following fixes: Security fixes included in this update: - CVE-2021-21240: Fixed a regular expression denial of service via malicious header bsc1182053. - CVE-2020-11078: Fixed an issue where an attacker could change request headers and body bsc1171998...

7.5 CVSS · 6.8 AI score · 0.03876 EPSS
Exploits 1 · References 5
OSV
added 2021/02/03 10:15 p.m. · 2 views

CVE-2021-26023

The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS...

6.1 CVSS · 6.3 AI score · 0.25176 EPSS
Exploits 0 · References 1
CNNVD
added 2021/01/13 12:0 a.m. · 5 views

IBM Security Guardium Insights Information Disclosure Vulnerability

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. An information disclosure vulnerability exists in IBM Security Guardium Insights 2.0.2. A remote attacker could exploit this...

5.3 CVSS · 6.1 AI score · 0.01284 EPSS
Exploits 0 · References 4
CNNVD
added 2021/01/11 12:0 a.m. · 5 views

jsoneditor Cross-site Scripting Vulnerability

Josdejong jsoneditor is web-based software for viewing, editing, and verifying JSON data, by the individual developer Josdejong. A cross-site scripting vulnerability exists in jsoneditor before 9.0.2, which allows the vulnerability to be triggered by injecting and executing JavaScript...

6.1 CVSS · 6.2 AI score · 0.00692 EPSS
Exploits 1 · References 2
OSV
added 2020/12/16 3:15 p.m. · 5 views

CVE-2020-14254

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it...

7.5 CVSS · 7 AI score · 0.0064 EPSS
Exploits 0 · References 1
CNNVD
added 2020/12/16 12:0 a.m. · 8 views

HCL BigFix Inventory Security Vulnerability

HCL BigFix Platform is an endpoint security management platform suite from HCL India. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL BigFix Inventory v10.0.2 onwards, which stems from not disabling the...

7.5 CVSS · 7.1 AI score · 0.0064 EPSS
Exploits 0 · References 2
PyPA
added 2020/10/13 6:15 p.m. · 6 views

PYSEC-2020-110

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

7.7 CVSS · 6.9 AI score · 0.01128 EPSS
Exploits 0 · References 6 · Affected Software 1
OSV
added 2020/10/13 6:15 p.m. · 3 views

UBUNTU-CVE-2020-15251

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

7.7 CVSS · 6.8 AI score · 0.01128 EPSS
Exploits 0 · References 6
Positive Technologies
added 2020/10/13 12:0 a.m. · 6 views

PT-2020-5835 · Phpmyadmin +1 · Phpmyadmin +1

Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions 5.0.2 and earlier. Description: The issue is related to a lack of neutralization of elements in a CSV file in the "Export" function of the phpMyAdmin web application for database management. This could allow a remote attack...

10 CVSS · 8.5 AI score · 0.67081 EPSS
Exploits 16 · References 43
vulnersOsv
added 2020/09/02 3:26 p.m. · 5 views

@here/harp-leaflet (>=0.2.4 <=0.2.5) potentially affected by CVE-2020-8244 via bl (=4.0.2)

bl NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @here/harp-leaflet =0.2.4, =0.2.5 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...

6.5 CVSS · 6.7 AI score · 0.02123 EPSS
Exploits 1
OSV
added 2020/08/19 3:15 p.m. · 0 views

CVE-2020-9722

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...

7.8 CVSS · 7.6 AI score · 0.05813 EPSS
Exploits 0 · References 1
OSV
added 2020/07/31 5:15 p.m. · 4 views

CVE-2020-12081

An information disclosure vulnerability has been identified in FlexNet Publisher lmadmin.exe 11.14.0.2. The web portal link can be used to access system files or other important files on the system...

7.5 CVSS · 7 AI score · 0.0109 EPSS
Exploits 0 · References 1
OSV
added 2020/07/15 6:15 p.m. · 7 views

CVE-2020-2978

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracl...

4.1 CVSS · 6.7 AI score · 0.01242 EPSS
Exploits 3 · References 3
OSV
added 2020/07/15 6:15 p.m. · 3 views

CVE-2020-14699

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

7.5 CVSS · 7.1 AI score · 0.00554 EPSS
Exploits 0 · References 5
OSV
added 2020/07/15 6:15 p.m. · 5 views

CVE-2020-14677

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

7.5 CVSS · 7.1 AI score · 0.00416 EPSS
Exploits 0 · References 5
OSV
added 2020/07/15 6:15 p.m. · 3 views

UBUNTU-CVE-2020-14647

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

7.5 CVSS · 7.2 AI score · 0.00547 EPSS
Exploits 0 · References 3
OSV
added 2020/07/07 10:54 a.m. · 7 views

SUSE-SU-2020:1864-1 Security update for nasm

nasm was updated to version 2.14.02: Fix crash due to multiple errors or warnings during the code generation pass if a list file is specified. Create all system-defined macros before processing command-line given preprocessing directives -p, -d, -u, --pragma, --before. If debugging is enabled,...

7.5 CVSS · 6.8 AI score · 0.02721 EPSS
Exploits 12 · References 26