Lucene search
K

7 matches found

CVE
CVE
added 2011/09/06 7:0 p.m.782 views

CVE-2011-3389

CVE-2011-3389 is the BEAST information-disclosure vulnerability in TLS/SSL CBC-mode encryption, allowing a network attacker to glean plaintext headers under certain configurations (e.g., when CBC with chained IVs is used and the attacker can inject/observe traffic). The connected documents show m...

4.3CVSS6.5AI score0.73327EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.714 views

CVE-1999-0524

CVE-1999-0524 is an ICMP information-disclosure vulnerability where ICMP replies reveal (1) netmask and (2) timestamp to arbitrary hosts. Connected reports link it to multiple products (e.g., Nutanix AHV advisories NXSA‑AHV series and ABB M2M Gateway plugin) and describe the issue as an informati...

4CVSS6.5AI score0.31586EPSS
CVE
CVE
added 2018/06/26 12:0 a.m.438 views

CVE-2018-0598

The CVE-2018-0598 issue concerns self-extracting archive files created by IExpress bundled with Microsoft Windows. Affected component is the IExpress self-extracting archive mechanism, where an untrusted search path can lead to DLL planting and privilege escalation by loading a Trojan horse DLL f...

9.3CVSS7.6AI score0.09044EPSS
CVE
CVE
added 2021/08/12 6:12 p.m.224 views

CVE-2021-36958

CVE-2021-36958 is a Windows Print Spooler RCE vulnerability where privileged file operations allow an attacker to execute code with SYSTEM privileges. Exploitation is described as local (with user interaction) in the CVE data, and Microsoft issued a fix as part of the PrintNightmare remediation. ...

9.3CVSS9.5AI score0.31729EPSS
CVE
CVE
added 2022/03/10 10:35 p.m.92 views

CVE-2022-0280

The CVE-2022-0280 issue affects McAfee Total Protection for Windows, specifically the QuickClean feature. A race condition in QuickClean (prior to version 16.0.43) can be exploited by a local attacker to elevate privileges and delete arbitrary files, potentially causing data loss and denial of se...

7.5CVSS6.7AI score0.00325EPSS
CVE
CVE
added 2018/06/26 2:0 p.m.74 views

CVE-2018-0599

The CVE-2018-0599 issue affects the Visual C++ Redistributable installer. A vulnerability exists in the installer’s DLL search path (DLL planting) that can allow arbitrary code execution with the privileges of the user invoking the installer. Affected component is the installer for Visual C++ Red...

9.3CVSS7.7AI score0.04589EPSS
CVE
CVE
added 2014/10/16 12:0 a.m.50 views

CVE-2014-7237

CVE-2014-7237 affects lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier on Windows. A remote attacker can bypass access restrictions and upload files with restricted names by exploiting a null byte (%00) in a filename to bin/upload.cgi, with demonstration via an .htaccess mechanism to execute arbit...

6.8CVSS7.6AI score0.20059EPSS
Web