关键字 的搜索结果 (14249)

CVE-2016-4340(发布:2017-01-23 16:59:01)NMP
CVSS6.5

[原文]The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors.

CVE-2015-7743(发布:2017-01-23 16:59:00)NMPS
CVSS4.0

[原文]XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file.

CVE-2016-4806(发布:2017-01-11 11:59:00)NMP
CVSS5.0

[原文]Web2py versions 2.14.5 and below was affected by Local File Inclusion vulnerability, which allows a malicious intended user to read/access web server sensitive files.

CVE-2016-4807(发布:2017-01-11 11:59:00)NMP
CVSS3.5

[原文]Web2py versions 2.14.5 and below was affected by Reflected XSS vulnerability, which allows an attacker to perform an XSS attack on logged in user (admin).

CVE-2016-4808(发布:2017-01-11 11:59:00)NMP
CVSS6.8

[原文]Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Request Forgery) vulnerability, which allows an attacker to trick a logged in user to perform some unwanted actions i.e An attacker can trick an victim to disable the installed application just by sending a URL to victim.

CVE-2016-2246(发布:2016-12-29 04:59:00)NMPS
CVSS7.2

[原文]HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors.

首页上一页4567891011下一页尾页 第6页 / 共2375页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站