VIR Vulnerability Intelligence Relay

Search

Found 123 results in 112ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2021-21206 high 9.5 KEVFIX arch archdebian debian 5y ago Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple we…
CVE-2021-21193 high 9.5 KEVFIX arch archdebian debian 5y ago Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple we…
CVE-2021-21166 high 9.5 KEVFIX arch archdebian debian 5y ago Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web brow…
CVE-2021-1871 medium 7.0 KEVFIX arch arch sles rocky 5y ago Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including b…
CVE-2021-1870 medium 7.0 KEVFIX arch arch sles rocky 5y ago Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including b…
CVE-2020-6418 high 10.0 KEVEXPFIX arch archdebian debian 5y ago Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web…
CVE-2020-1472 medium 8.0 KEVEXPFIX arch arch sles rocky 5y ago Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An at…
CVE-2019-0211 high 10.0 KEVEXPFIX debian debianarch arch sles 5y ago In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scrip…
CVE-2018-6789 high 10.0 KEVEXPFIX arch archdebian debian 5y ago Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.
CVE-2017-16651 high 10.0 KEVEXPFIX arch archdebian debian 5y ago Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.
CVE-2021-39226 high 9.5 KEVFIX arch arch sles rocky 5y ago Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.
CVE-2020-36193 medium 7.0 KEVFIX arch arch sles rocky 5y ago PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-sour…
CVE-2020-16017 high 9.5 KEVFIX arch archdebian debian 6y ago Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16013 high 9.5 KEVFIX arch archdebian debian 6y ago Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could…
CVE-2020-28949 medium 8.0 KEVEXPFIX rockydebian debian rhel 6y ago PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and di…
CVE-2019-5786 high 10.0 KEVEXPFIX arch archdebian debian 6y ago Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2020-1938 medium 8.0 KEVEXPFIX sles rockydebian debian 6y ago Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploit…
CVE-2020-11023 medium 8.0 KEVEXPFIX rhel rocky sles 6y ago JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in …
CVE-2016-10033 high 10.0 KEVEXPFIX arch archdebian debian 6y ago PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, this issue affects the 'mail()' function of 'class.phpmailer.php' script. An attac…
CVE-2010-0806 high 8.8 10.0 KEVEXP windows windows microsoft 17y ago Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion …
CVE-2010-0249 high 8.8 10.0 KEVEXP windows windows microsoft 17y ago Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted …
CVE-2009-3459 high 8.8 10.0 KEVEXP adobe 17y ago Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
CVE-2009-1537 high 8.8 10.0 KEV windows windows microsoft 17y ago Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a craf…