Description of the security update for SharePoint Server 2019: September 8, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
AI Score: 8
EPSS: 0.03
Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020
Summary: This security update resolves a remote code execution vulnerability that exists in Microsoft Excel if the software does not check the source markup of an application package. To learn more about the....
AI Score: 9.5
EPSS: 0.013
Description of the security update for SharePoint Server 2010: September 8, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
AI Score: 8.5
EPSS: 0.013
Digital Education: The cyberrisks of the online classroom
This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools....
AI Score: -0.6
Senate Bill Would Expand Facial-Recognition Restrictions Nationwide
A bill making its way through the U.S. Senate aims to extend nationwide some of the restrictions on the collection of facial-recognition information already imposed by an Illinois state law, as well as expand private citizens’ legal powers to sue companies that violate them. The news comes as...
AI Score: 0.2
Oracle WebLogic Server - Remote Command Execution
The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and...
AI Score: 9.3
EPSS: 0.976
Description of the security update for SharePoint Server 2019: August 11, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
AI Score: 6.7
EPSS: 0.177
Description of the security update for SharePoint Server 2010: August 11, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
AI Score: 6.5
EPSS: 0.014
Description of the security update for Outlook 2013: August 11, 2020
Summary: This security update resolves a remote code execution vulnerability that exists in Microsoft Outlook when the software does not correctly handle objects in memory. It also resolves an information disclosure vulnerability.....
AI Score: 6
EPSS: 0.005
High-Severity Cisco DoS Flaw Plagues Small-Business Switches
Cisco is warning of a high-severity flaw that could allow remote, unauthenticated attackers to cripple several of its popular small-business switches with denial of service (DoS) attacks. The vulnerability stems from the IPv6 packet processing engine in the switches. IPv6 (also known as Internet...
AI Score: 1
c-ares 1.16.0 Use-After-Free Exploit
c-ares version 1.16.0 has an issue where ares_destroy() with pending ares_getaddrinfo() leads to a use-after-free...
AI Score: 7
Description of the security update for SharePoint Server 2010: July 14, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
AI Score: 7.8
EPSS: 0.841
Description of the security update for Outlook 2013: July 14, 2020
Summary: This security update resolves a remote code execution vulnerability that exists in Microsoft Outlook software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common...
AI Score: 8
EPSS: 0.024
Description of the security update for SharePoint Enterprise Server 2013: July 14, 2020
Note: After you install this update, the default setting for a trusted data source and trusted content locations in PerformancePoint Services will change from trust all to trust none. For more information, see.....
AI Score: 8.9
EPSS: 0.013
Cisco Warns of High-Severity Bug in Small Business Switch Lineup
Cisco Systems is warning of a high-severity flaw affecting more than a half-dozen of its small business switches. The flaw could allow remote, unauthenticated attackers to access the switches’ management interfaces with administrative privileges. Specifically affected are Series Smart Switches,...
Fedora 31 : tcpreplay (2020-256ac53cc7)
This release contains bug fixes only (which includes security fixes): Increase cache buffers size to accommodate VLAN edits (#594); Correct L2 header length to correct IP header offset (#583); Fix warnings from gcc version 10 (#580); Heap Buffer Overflow in randomize_iparp (#579); ...
AI Score: 8.9
Fedora 32 : tcpreplay (2020-f47830961a)
This release contains bug fixes only (which includes security fixes): Increase cache buffers size to accommodate VLAN edits (#594); Correct L2 header length to correct IP header offset (#583); Fix warnings from gcc version 10 (#580); Heap Buffer Overflow in randomize_iparp (#579); ...
AI Score: 8.9
Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access
This module tests for a logic vulnerability in the Cisco VPN Concentrator 3000 series. It is possible to execute some FTP statements without authentication (CWD, RNFR, MKD, RMD, SIZE, CDUP). It also appears to have some memory leak bugs when working with CWD commands. This module simply creates an....
AI Score: 0.3
Description of the security update for SharePoint Server 2010: June 9, 2020
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the following....
AI Score: 6.5
EPSS: 0.001
Description of the security update for SharePoint Server 2010: May 12, 2020
Summary: This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To...
AI Score: 5.7
EPSS: 0.001
Sky File 2.1.0 iOS - Directory Traversal Vulnerability
Exploit for php platform in category web...
AI Score: 7.4
lerciopinto.pt Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1148367. Security Researcher DkilerS2 (helped patch 112 vulnerabilities; received 4 Coordinated Disclosure badges; received 8 recommendations), a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting lerciopinto.pt website and...
IBM Data Risk Manager Authentication Bypass / Command Injection / File Download Exploit
IBM Data Risk Manager suffers from authentication bypass, command injection, insecure default password, and arbitrary file download...
AI Score: 7.4
AI Score: 0.3
AI Score: 0.1
AI Score: 1.1
Oracle VirtualBox xHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...
CVSS: 7.5
AI Score: 5
EPSS: 0.001
Description of the security update for SharePoint Enterprise Server 2013: April 14, 2020
Summary: This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint when the software fails to check the source markup of an application package. To learn more about....
AI Score: 9
EPSS: 0.017
Description of the security update for Outlook 2013: April 14, 2020
Summary: This security update resolves a remote code execution vulnerability that exists when Microsoft Office improperly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities...
AI Score: 8.6
EPSS: 0.038
Description of the security update for SharePoint Server 2010: April 14, 2020
Summary: This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To....
AI Score: 5.7
EPSS: 0.001
MS15-022: Description of the security update for SharePoint Server 2013: March 10, 2015
Introduction: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file...
AI Score: 7.7
AI Score: 4.8
EPSS: 0.001
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes. A successful exploit could allow the attacker to load a crafted file to the device through USB. Affected product...
CVSS: 4.6
AI Score: 4.6
EPSS: 0.001
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes. A successful exploit could allow the attacker to load a crafted file to the device through USB. Affected product...
AI Score: 6.7
EPSS: 0.001
cairo is vulnerable to arbitrary code execution. If an application linked against Cairo processes a malicious PNG image, it is possible to execute arbitrary code as the user running the...
AI Score: 4
Security Advisory - Insufficient Integrity Validation Vulnerability in Several Products
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes. A successful exploit could allow the attacker to load a crafted file to the device through USB. (Vulnerability ID:...
AI Score: 4.9
EPSS: 0.001
338online.es Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1128125. Security Researcher g0bl1nsec (helped patch 3768 vulnerabilities; received 4 Coordinated Disclosure badges; received 3 recommendations), a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting 338online.es website and...
AI Score: 0.1
AI Score: 4.5
EPSS: 0.0004
There is an improper integrity checking vulnerability on some Huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. Affected product versions include: HEGE-560 versions...
CVSS: 3.9
AI Score: 4.3
EPSS: 0.0004
There is an improper integrity checking vulnerability on some Huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. Affected product versions include: HEGE-560 versions...
AI Score: 6.8
EPSS: 0.0004
Activities of a Nigerian Cybercriminal Uncovered
Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...
AI Score: -0.3
Researchers Uncover a Nigerian Hacker's Pursuit of his Million Dollar Dream
Social engineering-driven malware threats continue to be a big threat, but new research details how cybercriminals profit off such schemes to launder hundreds of thousands of dollars from stolen credit cards of unsuspecting victims. Cybersecurity firm Check Point Research, in a report shared...
AI Score: 0.3
Hello, There is an out-of-bounds write that is likely exploitable while performing Huffman decoding of Fax images. The technical details are as follows. # Type: integer underflow produces out of bounds heap/etc write # Platform: 32-bit # Details: 390 MagickExport MagickPassFail...
CVSS: 9.8
AI Score: 9.6
EPSS: 0.002
Security Advisory - Improper Integrity Checking Vulnerability on some Huawei Products
There is an improper integrity checking vulnerability on some Huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. (Vulnerability ID: HWPSIRT-2019-10070) This vulnerability has been...
AI Score: 4.8
EPSS: 0.0004
On March 3, 2020, the cyber division of Federal Bureau of Investigation (FBI) issued a private industry notification calling out Business Email Compromise (BEC) scams through exploitation of cloud-based email services. Microsoft Office 365 and Google G Suite, the two largest cloud-based email...
AI Score: -0.4
Description of the security update for SharePoint Server 2010: March 10, 2020
Summary: This security update resolves a vulnerability that is caused if SharePoint Server does not correctly sanitize a specially crafted request to an affected SharePoint server. To learn more about the vulnerability,...
AI Score: 5.8
EPSS: 0.001
AI Score: 6.6
EPSS: 0.001
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability....
CVSS: 6.8
AI Score: 6.7
EPSS: 0.001