Lucene search
+L

32 matches found

cve
cve
added 3 days ago7 views

CVE-2026-9108

Studio 5000 Logix Designer is affected by a path traversal vulnerability in which ACD project files may contain unvalidated file names. During project opening, paths can escape the intended extraction directory, potentially allowing an attacker to write arbitrary files to attacker-controlled loca...

5.4CVSS6.2AI score0.00109EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 12:15 p.m.8 views

CVE-2018-9108

CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges...

8.8CVSS6.9AI score0.00787EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/08/27 12:0 a.m.8 views

PT-2025-34889 · Cisco · Cisco Nx-Os +5

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software for Cisco Nexus 3000 Series Switches Cisco Nexus 9000 Series Switches in standalone NX-OS mode Cisco UCS 6400 Fabric Interconnects Cisco UCS 6500 Series Fabric Interconnects Cisco UCS 9108 100G Fabric Interconnects affect...

5.5CVSS5.6AI score0.00125EPSS
Exploits0References4
nessus
nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-9108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r,...

7.5CVSS7.9AI score0.02186EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/10/01 7:30 a.m.15 views

CVE-2024-9108 Wechat Social login <= 1.3.0 - Unauthenticated Arbitrary File Upload

The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convertremoteimagetolocal' function in versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8AI score0.00853EPSS
Exploits0References2
cvelist
cvelist
added 2024/10/01 7:30 a.m.25 views

CVE-2024-9108 Wechat Social login <= 1.3.0 - Unauthenticated Arbitrary File Upload

The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convertremoteimagetolocal' function in versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS0.00853EPSS
Exploits0References2
patchstack
patchstack
added 2024/10/01 12:0 a.m.12 views

WordPress Wechat Social login Plugin <= 1.3.0 is vulnerable to Arbitrary File Upload

Software Wechat Social login Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-9108 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 7303314c8667 Credits István Márton Required privilege...

9.8CVSS6.9AI score0.00853EPSS
Exploits0References2Affected Software1
openvas
openvas
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:14399-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.03603EPSS
Exploits0References4
openvas
openvas
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2020:1612-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.03603EPSS
Exploits0References4
osv
osv
added 2021/03/01 7:34 p.m.26 views

GHSA-2HWX-MJRM-V3G8 Denial of service attack via .well-known lookups

Impact A malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which...

5.3CVSS6.4AI score0.02164EPSS
Exploits0References8
circl
circl
added 2020/10/12 6:37 p.m.5 views

CVE-2020-9108

creationtimestamp| type| source ---|---|--- 2020-10-12 18:37:40+00:00| seen| https://t.me/cibsecurity/15206...

7.1CVSS5.5AI score0.00477EPSS
Exploits0References1
cve
cve
added 2020/10/12 1:27 p.m.45 views

CVE-2020-9108

The CVE-2020-9108 issue affects Huawei P30 Pro devices running versions prior to 10.1.0.160 (C00E160R2P8). The vulnerability is an out-of-bounds read/write caused by insufficient validation of a crafted message parameter, which an unauthenticated attacker can send to affected products, potentiall...

7.1CVSS5.5AI score0.00477EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2020/07/01 12:0 a.m.22 views

Fedora 31 : adns (2020-e59bcaf702)

New upstream release - Important security fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109: Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. CVE-2017-9106: Vulnerable applications: those that make SOA...

9.8CVSS8.2AI score0.03603EPSS
Exploits0References8
circl
circl
added 2020/06/18 6:55 p.m.5 views

CVE-2017-9108

creationtimestamp| type| source ---|---|--- 2020-06-18 18:55:08+00:00| seen| https://t.me/cibsecurity/12846...

7.5CVSS8.3AI score0.02186EPSS
Exploits0References1
osv
osv
added 2020/06/18 2:15 p.m.8 views

CVE-2017-9108

An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read would have done. Without this fix, adnshost may read...

7.5CVSS9.2AI score
Exploits0References5
cve
cve
added 2020/06/18 1:5 p.m.154 views

CVE-2017-9108

CVE-2017-9108 affects adns prior to 1.5.2. The issue arises in adnshost due to mishandling a missing final newline on a stdin read, which can cause reading one byte beyond the buffer and may crash or leak that byte. Publicly reported in multiple advisories and Nessus/OpenVAS entries, with fixes d...

7.5CVSS8.1AI score0.02186EPSS
Exploits0References5Affected Software1
nessus
nessus
added 2020/06/18 12:0 a.m.35 views

SUSE SLES12 Security Update : adns (SUSE-SU-2020:1612-1)

This update for adns fixes the following issues : CVE-2017-9103,CVE-2017-9104,CVE-2017-9105,CVE-2017-9109: Fixed an issue in local recursive resolver which could have led to remote code execution bsc1172265. CVE-2017-9106: Fixed an issue with upstream DNS data sources which could have led to deni...

9.8CVSS8AI score0.03603EPSS
Exploits0References16
openvas
openvas
added 2020/06/18 12:0 a.m.24 views

openSUSE: Security Advisory for adns (openSUSE-SU-2020:0827-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.8AI score0.03603EPSS
Exploits0References2
osv
osv
added 2020/06/17 4:19 p.m.6 views

OPENSUSE-SU-2020:0827-1 Security update for adns

This update for adns fixes the following issues: - CVE-2017-9103,CVE-2017-9104,CVE-2017-9105,CVE-2017-9109: Fixed an issue in local recursive resolver which could have led to remote code execution bsc1172265. - CVE-2017-9106: Fixed an issue with upstream DNS data sources which could have led to...

9.8CVSS8.5AI score0.03603EPSS
Exploits0References9
cve
cve
added 2019/02/25 1:0 a.m.42 views

CVE-2019-9108

CVE-2019-9108 describes a cross-site scripting vulnerability in WUZHI CMS 4.1.0, exploitable via index.php?m=core&f=map&v=baidumap&x=[XSS]&y=[XSS] that leads to script injection through the x and y parameters to coreframe/app/core/map.php. All connected sources consistently identify a generic XSS...

6.1CVSS5.9AI score0.00853EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder