Lucene search
K

605 matches found

OSV
OSV
added 2019/05/17 4:29 p.m.1 views

CVE-2019-5955

CREATE SD official App for Android version 1.0.2 and earlier allows remote attackers to bypass access restriction to lead a user to access an arbitrary website via vulnerable application and conduct phishing attacks...

5.4CVSS6.2AI score0.01133EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/05/16 1:25 p.m.3 views

OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

8.1CVSS7.4AI score0.12013EPSS
Exploits1References4
OSV
OSV
added 2019/05/07 7:29 p.m.4 views

CVE-2019-7427

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter...

6.1CVSS5.8AI score0.02758EPSS
Exploits2References2
CNVD
CNVD
added 2019/04/10 12:0 a.m.4 views

Adobe Bridge CC Memory Misreference Vulnerability

Adobe Bridge is a free digital asset management application from Adobe. A memory misreference vulnerability exists in Adobe Bridge CC 9.0.2. An attacker could exploit the vulnerability to obtain information...

6.5CVSS6.7AI score0.03951EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Adobe Bridge CC Out-of-Bounds Write Vulnerability

Adobe Bridge is a free digital asset management application from Adobe. An out-of-bounds write vulnerability exists in Adobe Bridge CC 9.0.2. An attacker can exploit this vulnerability to achieve remote code execution...

9.3CVSS8.2AI score0.06044EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/04 12:0 a.m.4 views

IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2019-09071)

IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM, USA. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users, servers and project...

5.4CVSS6.3AI score0.00987EPSS
Exploits0References1
CNVD
CNVD
added 2019/02/19 12:0 a.m.2 views

Intel Data Center Manager SDK Denial of Service Vulnerability

Intel Data Center Manager SDK is a data center manager SDK software development kit from Intel USA. The product provides real-time power and cooling data for devices. A security vulnerability exists in the encryption routines in Intel Data Center Manager SDK versions prior to 5.0.2. An attacker...

4.4CVSS6.6AI score0.0045EPSS
Exploits0References1
CNVD
CNVD
added 2019/02/19 12:0 a.m.3 views

Intel Data Center Manager SDK File Elevation of Privilege Vulnerability (CNVD-2019-05268)

Intel Data Center Manager SDK is a data center manager SDK software development kit from Intel USA. The product provides real-time power and cooling data for devices. A security vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. The vulnerability can be exploited by...

7.8CVSS6.7AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2019/02/18 5:29 p.m.5 views

CVE-2019-0107

Insufficient user prompt in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access...

6.7CVSS5.8AI score0.00468EPSS
Exploits0References3
OSV
OSV
added 2019/02/07 6:3 p.m.2 views

GHSA-QRMC-FJ45-QFC2 Prototype Pollution in extend

Versions of extend prior to 3.0.2 for 3.x and 2.0.2 for 2.x are vulnerable to Prototype Pollution. The extend function allows attackers to modify the prototype of Object causing the addition or modification of an existing property that will exist on all objects. Recommendation If you're using...

9.8CVSS7.2AI score0.0305EPSS
Exploits1References6
OSV
OSV
added 2019/01/16 7:30 p.m.3 views

CVE-2019-2500

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

8.8CVSS7.3AI score0.00502EPSS
Exploits0References3
OSV
OSV
added 2019/01/16 7:30 p.m.2 views

CVE-2019-2448

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

5.5CVSS6.8AI score0.00518EPSS
Exploits0References4
OSV
OSV
added 2019/01/16 7:30 p.m.1 views

UBUNTU-CVE-2019-2555

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

6.5CVSS7.2AI score0.00503EPSS
Exploits0References3
OSV
OSV
added 2019/01/16 7:30 p.m.1 views

UBUNTU-CVE-2019-2553

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

3.8CVSS7.2AI score0.00481EPSS
Exploits0References3
OSV
OSV
added 2019/01/16 7:30 p.m.1 views

UBUNTU-CVE-2019-2556

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

6.5CVSS6.9AI score0.00503EPSS
Exploits0References3
OSV
OSV
added 2019/01/16 7:30 p.m.1 views

UBUNTU-CVE-2019-2509

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

6.5CVSS6.9AI score0.00499EPSS
Exploits0References3
CNVD
CNVD
added 2019/01/16 12:0 a.m.1 views

Unspecified Vulnerability in Oracle FLEXCUBE Direct Banking (CNVD-2019-37403)

Oracle FLEXCUBE Direct Banking enables banks to deliver a tailored, portal-based, rich online customer experience based on demographics and market segments. A security vulnerability exists in Oracle FLEXCUBE Direct Banking 12.0.2. An attacker could exploit the vulnerability to cause unauthorized...

6.1CVSS8.2AI score0.01123EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/16 12:0 a.m.2 views

Oracle VM VirtualBox Access Control Error Vulnerability (CNVD-2019-27297)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The solution is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

7.8CVSS8.6AI score0.0044EPSS
Exploits0References1
OSV
OSV
added 2019/01/15 12:29 a.m.2 views

UBUNTU-CVE-2019-6291

An issue was discovered in the function expr6 in eval.c in Netwide Assembler NASM through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage...

5.5CVSS6.4AI score0.01272EPSS
Exploits1References2
CNVD
CNVD
added 2018/12/27 12:0 a.m.3 views

ZOHO ManageEngine ADSelfService Plus Cross-Site Scripting Vulnerability (CNVD-2019-03298)

ZOHO ManageEngine ADSelfService Plus is a Web-based end-user password management software from ZOHO. A cross-site scripting vulnerability exists in the automatically updated deployment implementation of ZOHO ManageEngine ADSelfService Plus prior to version 5.7 build 5702, which can be exploited b...

6.1CVSS6.2AI score0.05273EPSS
Exploits4References1
Rows per page
Query Builder