CVSS评分在区间 [10,10] 的搜索结果 (6320)

CVE-2018-1161(发布:2018-02-08 13:29:01)NM
CVSS10.0

[原文]This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Authentication is not required to exploit this vulnerability. The specific flaw exists within nvwsworker.exe. When parsing the boundary header of a multipart request, the process does not properly validate the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-4215.

CVE-2018-1163(发布:2018-02-08 13:29:01)NM
CVSS10.0

[原文]This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. The specific flaw exists within JSON RPC Request handling. By setting the checksession parameter to a specific value, it is possible to bypass authentication to critical functions. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-4752.

CVE-2018-6476(发布:2018-01-31 14:29:00)NM
CVSS10.0

[原文]In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating input values from IOCtl 0x9C402114 or 0x9C402124 or 0x9C40207c.

CVE-2018-5701(发布:2018-01-31 13:29:00)NM
CVSS10.0

[原文]In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.

CVE-2018-6387(发布:2018-01-29 13:29:00)NM
CVSS10.0

[原文]iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.

CVE-2018-0506(发布:2018-01-26 11:29:00)NM
CVSS10.0

[原文]Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

12345678下一页尾页 第1页 / 共1054页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站