CVSS评分在区间 [7,9.9] 的搜索结果 (28721)

CVE-2018-6235(发布:2018-05-25 11:29:00)NM
CVSS7.2

[原文]An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2018-6237(发布:2018-05-25 11:29:00)NMS
CVSS7.8

[原文]A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation.

CVE-2018-1488(发布:2018-05-25 10:29:00)NM
CVSS7.2

[原文]IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 140973.

CVE-2013-3024(发布:2018-05-24 17:29:00)NMO
CVSS7.2

[原文]IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.

CVE-2018-8013(发布:2018-05-24 12:29:00)NMPS
CVSS7.5

[原文]In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization.

CVE-2018-5487(发布:2018-05-24 10:29:00)NM
CVSS7.5

[原文]NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.

首页上一页56789101112下一页尾页 第7页 / 共4787页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站