CVSS评分在区间 [7,9.9] 的搜索结果 (28171)

CVE-2017-9285(发布:2018-03-02 15:29:01)NM

[原文]NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.

CVE-2017-9279(发布:2018-03-02 15:29:00)NM

[原文]NetIQ Identity Manager before allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.

CVE-2018-7648(发布:2018-03-02 11:29:00)NM

[原文]An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.

CVE-2018-1066(发布:2018-03-02 03:29:00)NM

[原文]The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.

CVE-2018-1170(发布:2018-03-01 20:29:00)NM

[原文]This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Customer-Link App and Customer-Link Bridge. The issue results from the lack of a proper protection mechanism against unauthorized firmware updates. An attacker can leverage this vulnerability to inject CAN messages. Was ZDI-CAN-5264.

CVE-2018-6490(发布:2018-03-01 20:29:00)NM

[原文]Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.

12345678下一页尾页 第1页 / 共4696页