关键字 的搜索结果 (15240)

CVE-2018-6546(发布:2018-04-13 12:29:01)NMP
CVSSN/A

[原文]plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user.

CVE-2017-0372(发布:2018-04-13 12:29:00)NMP
CVSSN/A

[原文]Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.

CVE-2017-0358(发布:2018-04-13 11:29:00)NMPS
CVSSN/A

[原文]Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.

CVE-2015-4557(发布:2018-04-12 11:29:00)NMCP
CVSSN/A

[CNNVD]WordPress Nextend Twitter Connect插件和Nextend Google Connect插件跨站脚本漏洞--WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Nextend Twitter Connect是其中的一个用于注册和登录Twitter的插件。Nextend Google Connect是其中的一个用于注册...

CVE-2018-9842(发布:2018-04-12 11:29:00)NMP
CVSSN/A

[原文]CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.

CVE-2018-9843(发布:2018-04-12 11:29:00)NMP
CVSSN/A

[原文]The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.

首页上一页12345678下一页尾页 第2页 / 共2540页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站