Lucene search
+L

216 matches found

osv
osv
added 2023/04/18 10:35 p.m.26 views

CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

6.5CVSS7.3AI score0.00835EPSS
Exploits1References3
exploitdb
exploitdb
added 2023/04/01 12:0 a.m.146 views

AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)

Title: AimOne Video Converter V2.04 Build 103 - Buffer Overflow DoS Author: nu11secur1ty Date: 01.05.2023 Vendor: https://aimone-video-converter.software.informer.com/, http://www.aimonesoft.com/ Software: https://aimone-video-converter.software.informer.com/download/?ca85d0 Reference: Descriptio...

7.4AI score
Exploits0
openbugbounty
openbugbounty
added 2023/02/23 4:32 p.m.17 views

103-astana.kz Cross Site Scripting vulnerability OBB-3205587

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
susecve
susecve
added 2023/02/15 3:32 a.m.6 views

SUSE CVE-2022-2505

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR...

7.5CVSS9.5AI score0.00748EPSS
Exploits0References8
susecve
susecve
added 2023/02/15 3:24 a.m.4 views

SUSE CVE-2022-36314

When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR...

6.1CVSS8.4AI score0.00216EPSS
Exploits0References8
susecve
susecve
added 2023/02/15 3:24 a.m.6 views

SUSE CVE-2022-36315

When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox 103...

4.3CVSS8.4AI score0.00196EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 3:24 a.m.4 views

SUSE CVE-2022-36316

When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox 103...

6.1CVSS8.4AI score0.00315EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-36317

When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 103...

6.5CVSS8.3AI score0.00463EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 3:24 a.m.6 views

SUSE CVE-2022-36320

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 103...

9.8CVSS9.4AI score0.00656EPSS
Exploits0References3
nvd
nvd
added 2023/02/14 4:15 a.m.33 views

CVE-2023-24525

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...

5.4CVSS4.6AI score0.00345EPSS
Exploits0References2
prion
prion
added 2023/02/14 4:15 a.m.20 views

Cross site scripting

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...

4.9CVSS5.2AI score0.00345EPSS
Exploits0References2Affected Software2
ptsecurity
ptsecurity
added 2023/02/14 12:0 a.m.6 views

PT-2023-19673 · Sap · Sap Crm Webclient Ui

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions WEBCUIF 748, 800, 801, S4FND 102, 103 Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability. On successful exploitation, an...

5.4CVSS5.1AI score0.00345EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/02/14 12:0 a.m.6 views

SAP CRM 跨站脚本漏洞

SAP CRM is a customer relationship management system from SAP, Germany. A cross-site scripting vulnerability exists in SAP CRM WebClient UI WEBCUIF version 748, version 800, version 801, S4FND version 102, version 103, which stems from not adequately coding user input...

5.4CVSS5.3AI score0.00345EPSS
Exploits0References3
nvd
nvd
added 2022/12/22 8:15 p.m.12 views

CVE-2022-36320

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 103...

9.8CVSS0.00656EPSS
Exploits0References2
osv
osv
added 2022/12/22 8:15 p.m.3 views

CVE-2022-36320

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 103...

9.8CVSS7.5AI score0.00656EPSS
Exploits0References2
osv
osv
added 2022/12/22 8:15 p.m.3 views

CVE-2022-36316

When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox 103...

6.1CVSS7.3AI score0.00315EPSS
Exploits0References2
osv
osv
added 2022/12/22 8:15 p.m.3 views

CVE-2022-36315

When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox 103...

4.3CVSS6.8AI score0.00196EPSS
Exploits0References2
osv
osv
added 2022/12/22 8:15 p.m.6 views

UBUNTU-CVE-2022-36314

When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR...

5.5CVSS7.2AI score0.00216EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2022/12/22 12:0 a.m.7 views

CVE-2022-36317

When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 103...

6AI score0.00463EPSS
Exploits0References2
cvelist
cvelist
added 2022/12/22 12:0 a.m.26 views

CVE-2022-38477

Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

9.3AI score0.00892EPSS
Exploits0References4
Rows per page
Query Builder