Lucene search
K

155 matches found

Nuclei
Nuclei
added 6 hours ago20 views

Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure

The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users id: CVE-2022-0424 info: name: Popup by Supsystic 1.10.9 - Subscriber Email...

5.3CVSS6AI score0.0269EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

TencentOS Server 4: perl-Archive-Tar (TSSA-2026:0424)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0424 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.1CVSS5.6AI score0.0043EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32276

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 2:16 p.m.9 views

CVE-2026-35087

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

9.3CVSS0.00662EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:16 p.m.10 views

CVE-2026-35089

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

8.7CVSS0.00589EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 12:42 p.m.15 views

CVE-2026-35089

Slican telephone exchanges expose admin credentials because the secure key is generated predictably from exchange properties without authentication. CVE-2026-35089 (and CVE-2026-35087) describe an unauthenticated path to deduce the secure key and gain admin access. Remediations (per affected entr...

8.7CVSS5.8AI score0.00589EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Slican多款产品 安全漏洞

Slican IPx, among others, are products of the Polish company Slican. Slican IPx is a series of enterprise communication and IP phone switching systems. Slican CCT is also a series of enterprise communication and IP phone switching systems. Slican MAC is a series of enterprise-level telephone...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43699

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.6 views

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.AXS4 (AXSA:2013-99:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-99:01 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0424 Unspecified vulnerability in the Java Runtime Environment JRE...

10CVSS6.7AI score0.35584EPSS
Exploits3References21
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.12 views

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.9-2.3.7.1.AXS4 (AXSA:2013-98:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2013-98:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0424 Unspecified vulnerability in the Java Runtime Environment JRE...

10CVSS7.2AI score0.89987EPSS
Exploits11References21
Circl
Circl
added 2026/01/12 1:26 p.m.3 views

RHSA-2026:0424

creationtimestamp| type| source ---|---|--- 2026-01-12 13:26:42+00:00| seen| https://gist.github.com/Darkcrai86/3cc9ce8a0ecea48c6749ff66fb3d9cd5...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:40 a.m.6 views

CVE-1999-0424

talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes...

2.1CVSS6.8AI score0.00377EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-0424

Malware in sbrugna...

7.5CVSS7.7AI score0.01123EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-0424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission...

5.5CVSS6.5AI score0.00802EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:32 a.m.6 views

CVE-2024-0424

A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...

5.4CVSS6.2AI score0.00497EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:16 p.m.11 views

CVE-2022-0424

The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users...

5.3CVSS7AI score0.0269EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:0 p.m.6 views

CVE-2020-0424

In sendvc of ressend.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9...

5.5CVSS6.1AI score0.00158EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2010-0424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The editcmd function in crontab.c in 1 cronie before 1.4.4 and 2 Vixie cron vixie-cron allows local users to change the modification times of arbitrary files, a...

3.3CVSS5.5AI score0.00346EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/20 8:28 a.m.7 views

CVE-2025-0424

In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple authenticated stored cross-site scripting vulnerabilities. An authenticated attacker is able to compromise the sessions of other users on the server by injecting JavaScript code into their...

5.1CVSS5.9AI score0.00411EPSS
Exploits1References1
Circl
Circl
added 2025/02/18 8:15 a.m.2 views

CVE-2025-0424

creationtimestamp| type| source ---|---|--- 2025-02-18 08:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligt24raei2y 2025-02-18 08:41:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4759 2025-02-18 10:57:37+00:00| seen| https://t.me/cvedetector/18301...

5.1CVSS5.8AI score0.00411EPSS
Exploits1References3
Rows per page
Query Builder