CVSS评分在区间 [0,3.9] 的搜索结果 (5752)

CVE-2016-3178(发布:2017-03-24 11:59:00)NM
CVSS2.1

[原文]The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value.

CVE-2016-3179(发布:2017-03-24 11:59:00)NM
CVSS2.1

[原文]The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling.

CVE-2013-6446(发布:2017-03-23 16:59:00)NMS
CVSS3.5

[原文]The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs.

CVE-2015-8687(发布:2017-03-23 16:59:00)NMP
CVSS3.5

[原文]Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the (2) policyActionClass or (3) policyActionName parameter to PolicyAction/findPolicyActions.do; the deviceID parameter to (4) SingleDeviceMgmt/getDevice.do or (5) device/editDevice.do; the operation parameter to (6) ajax.do or (7) xmlHttp.do; or the (8) policyAction, (9) policyClass, or (10) policyName parameter to policy/findPolicies.do.

CVE-2016-2981(发布:2017-03-20 12:59:01)NM
CVSS2.1

[原文]An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.

CVE-2014-9645(发布:2017-03-12 01:59:00)NMCPS
CVSS2.1

[CNNVD]BusyBox 本地安全绕过漏洞--BusyBox是乌克兰软件开发者丹尼斯-弗拉先科(Denis Vlasenko)所负责维护的一套包含了多个标准Linux工具的应用程序。该应用程序由于可执行文件尺寸小、并使用Linux内核,可使用于嵌入式系统。 BusyBox中存在本地安全绕过漏洞。攻击者可利用该漏洞绕过安全限制...

12345678下一页尾页 第1页 / 共959页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站