Lucene search
K

34 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-3207

Malware in sbrugna...

9CVSS7.7AI score0.03808EPSS
Exploits1References2
Circl
Circl
added 2025/09/22 3:35 p.m.5 views

CVE-2025-10794

creationtimestamp| type| source ---|---|--- 2025-09-22 15:35:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lzgqcvwdi62g...

6.1CVSS5.8AI score0.00412EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:21 a.m.8 views

CVE-2019-10794

All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

6.5CVSS6.8AI score0.00726EPSS
Exploits0References1
Circl
Circl
added 2024/11/13 5:48 a.m.5 views

CVE-2024-10794

creationtimestamp| type| source ---|---|--- 2024-11-13 05:48:05+00:00| seen| https://t.me/cvedetector/10797...

4.3CVSS8.7AI score0.0049EPSS
Exploits0References1
NVD
NVD
added 2024/11/13 4:15 a.m.15 views

CVE-2024-10794

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

4.3CVSS0.0049EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/13 3:20 a.m.16 views

CVE-2024-10794 Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

4.3CVSS6.6AI score0.0049EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/13 3:20 a.m.21 views

CVE-2024-10794 Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

4.3CVSS0.0049EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.14 views

WordPress Boostify Header Footer Builder for Elementor Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure

Software Boostify Header Footer Builder for Elementor Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-10794 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8590719f26b7 Credits...

4.3CVSS6.7AI score0.0049EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10794

When GraphicsMagick 1.3.25 processes an RGB TIFF picture with metadata indicating a single sample per pixel in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode...

6.1CVSS9.6AI score0.01537EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/05/24 5:9 p.m.4 views

byways (>=1.2.0 <=1.5.2), component-build (>=1.0.0 <=1.2.2) +17 more potentially affected by CVE-2019-10794 via component-flatten (>=0.0.1 <=1.0.1)

component-flatten NPM version =0.0.1, =1.2.0, =1.0.0, =1.0.0, =1.3.0, =0.0.3, =0.1.0, =1.0.0, =1.0.0, =0.2.0, =1.0.0, =1.2.0, =0.0.1, =0.0.1, =0.0.4 - faiton-builder =1.1.10 and more Source cves: CVE-2019-10794 Source advisory: OSV:GHSA-G6R3-HHG9-QF58...

6.5CVSS6.5AI score0.00726EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/11 4:21 p.m.27 views

Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities

Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-10795 DESCRIPTION: Node.js undefsafe module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a...

10CVSS2.1AI score0.03799EPSS
Exploits7Affected Software1
NVD
NVD
added 2020/05/07 9:15 p.m.20 views

CVE-2020-10795

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access...

9CVSS8.7AI score0.03808EPSS
Exploits1References1
NVD
NVD
added 2020/05/07 9:15 p.m.9 views

CVE-2020-10794

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database. This can be combined with CVE-2020-10795 for remote root access...

9.8CVSS7.2AI score0.01446EPSS
Exploits1References1
Prion
Prion
added 2020/05/07 9:15 p.m.10 views

Remote code execution

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access...

9CVSS8.6AI score0.03808EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2020/05/07 8:33 p.m.69 views

CVE-2020-10795

Product affected: Gira TKS-IP-Gateway 4.0.7.7. Vulnerabilities: (1) Path traversal (CNVD-2020-41719/CVE-2020-10794) could allow an attacker to download the application database; (2) Authenticated remote code execution via the backup function of the web frontend (CVE-2020-10795) with potential rem...

9CVSS8.6AI score0.03808EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/05/07 8:31 p.m.72 views

CVE-2020-10794

Gira TKS-IP-Gateway 4.0.7.7 is affected by an unauthenticated path traversal vulnerability that lets an attacker download the application database. This CVE (CVE-2020-10794) is linked to CVE-2020-10795, which describes authenticated remote code execution via the backup web frontend and could enab...

9.8CVSS7.2AI score0.01446EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/07 8:31 p.m.14 views

CVE-2020-10794

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database. This can be combined with CVE-2020-10795 for remote root access...

7.6AI score0.01446EPSS
Exploits1References1
NVD
NVD
added 2020/02/18 4:15 p.m.17 views

CVE-2019-10794

All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

6.5CVSS6.3AI score0.00726EPSS
Exploits0References1
CVE
CVE
added 2020/02/18 3:32 p.m.50 views

CVE-2019-10794

CVE-2019-10794 affects component-flatten, where all versions are vulnerable to prototype pollution via a proto payload. The flaw enables an attacker to trick the program into adding or modifying properties on Object.prototype, with consequences including potential arbitrary code execution as desc...

6.5CVSS6.4AI score0.00726EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2020/02/17 3:34 p.m.3 views

byways (>=1.2.0 <=1.5.2), component-build (>=1.0.0 <=1.2.2) +17 more potentially affected by CVE-2019-10794 via component-flatten (>=0.0.1 <=1.0.1)

component-flatten NPM version =0.0.1, =1.2.0, =1.0.0, =1.0.0, =1.3.0, =0.0.3, =0.1.0, =1.0.0, =1.0.0, =0.2.0, =1.0.0, =1.2.0, =0.0.1, =0.0.1, =0.0.4 - faiton-builder =1.1.10 and more Source cves: CVE-2019-10794 Source advisory: SNYK:JS-COMPONENTFLATTEN-548907...

6.5CVSS6.5AI score0.00726EPSS
Exploits0
Rows per page
Query Builder