| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2021-28503 | 6.8 | The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI. | 2022-08-02 15:57:00 | 2022-02-04 23:15:00 |
| CVE-2022-36414 | 6.7 | There is an elevation of privilege breakout vulnerability in the Windows EXE installer in Scooter Beyond Compare 4.2.0 through 4.4.2 before 4.4.3. Affected versions allow a logged-in user to run applications with elevated privileges via the Clipboard | 2022-08-02 15:53:00 | 2022-07-23 03:15:00 |
| CVE-2021-26608 | 7.5 | An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash. | 2022-08-02 15:52:00 | 2021-09-09 13:15:00 |
| CVE-2021-29487 | 5.8 | octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vul | 2022-08-02 15:49:00 | 2021-08-26 19:15:00 |
| CVE-2017-17820 | 4.3 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors. | 2022-08-02 15:41:00 | 2017-12-21 03:29:00 |
| CVE-2017-17819 | 4.3 | In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated. | 2022-08-02 15:41:00 | 2017-12-21 03:29:00 |
| CVE-2017-17817 | 4.3 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack. | 2022-08-02 15:41:00 | 2017-12-21 03:29:00 |
| CVE-2022-32962 | 6.8 | HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service. | 2022-08-02 15:37:00 | 2022-07-20 02:15:00 |
| CVE-2022-32961 | 6.8 | HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this | 2022-08-02 15:35:00 | 2022-07-20 02:15:00 |
| CVE-2022-32960 | 6.8 | HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulne | 2022-08-02 15:32:00 | 2022-07-20 02:15:00 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/34996
Zapisa po stranici: