Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.6 views

CVE-2020-10854

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...

7.5CVSS7AI score0.00413EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/10 12:0 a.m.7 views

RockyLinux 10 : kernel (RLSA-2025:10854)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:10854 advisory. kernel: exfat: fix random stack corruption after getblock CVE-2025-22036 Tenable has extracted the preceding description block directly from the RockyLinux...

7CVSS7AI score0.00163EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.4 views

AlmaLinux 10 : kernel (ALSA-2025:10854)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:10854 advisory. kernel: exfat: fix random stack corruption after getblock CVE-2025-22036 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

7CVSS7AI score0.00163EPSS
Exploits0References3
OSV
OSV
added 2025/09/22 1:16 p.m.3 views

CVE-2025-10854

The txtai framework allows the loading of compressed tar files as embedding indices. While the validate function is intended to prevent path traversal vulnerabilities by ensuring safe filenames, it does not account for symbolic links within the tar file. An attacker is able to write a file anywhe...

8.1CVSS5.8AI score0.00427EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/16 12:0 a.m.4 views

Oracle Linux 10 : kernel (ELSA-2025-10854)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10854 advisory. 6.12.0-55.21.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug:...

7CVSS7AI score0.00163EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:31 a.m.8 views

CVE-2024-10854

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buyoneclickimportoptions AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-leve...

4.3CVSS6.5AI score0.00367EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:22 a.m.10 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

9CVSS6.9AI score0.02991EPSS
Exploits4References1
Circl
Circl
added 2024/11/13 2:37 a.m.8 views

CVE-2024-10854

creationtimestamp| type| source ---|---|--- 2024-11-13 02:37:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113473318409073166...

4.3CVSS6.9AI score0.00367EPSS
Exploits0References1
Circl
Circl
added 2024/02/26 2:42 p.m.6 views

CVE-2018-10854

creationtimestamp| type| source ---|---|--- 2024-02-26 14:42:07+00:00| seen| https://t.me/ctinow/193374...

6.5CVSS5.7AI score0.00608EPSS
Exploits0References1
OSV
OSV
added 2020/03/24 6:15 p.m.4 views

CVE-2020-10854

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...

7.5CVSS5.8AI score0.00413EPSS
Exploits0References1
CVE
CVE
added 2020/03/24 5:37 p.m.46 views

CVE-2020-10854

CVE-2020-10854 concerns information disclosure on Samsung mobile devices running O(8.x), P(9.0), or Q(10.0) software, where kernel stack addresses are leaked to userspace. The issue affects the kernel exposure path and is classified with a high impact in CVSS 3.1 (base score 7.5) and medium in CV...

7.5CVSS7.5AI score0.00413EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/11/22 12:15 p.m.23 views

CVE-2018-10854

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field...

6.5CVSS5.5AI score0.00608EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/22 11:51 a.m.23 views

CVE-2018-10854

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field...

6.5CVSS5.2AI score0.00608EPSS
Exploits0References1
CVE
CVE
added 2019/11/22 11:51 a.m.97 views

CVE-2018-10854

CloudForms/CloudForms Management Engine is affected by CVE-2018-10854 due to a stored XSS in the Name field within the v2v infrastructure mapping delete feature. Affected versions are CloudForms 5.8 and 5.9. Root cause: improper sanitization of user input in Name leading to stored XSS. Red Hat ad...

6.5CVSS5.1AI score0.00608EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.218 views

Computrols CBAS-Web 19.0.0 Command Injection

!/usr/bin/env python ''' Computrols CBAS-Web Unauthenticated Remote Command Injection Exploit Affected versions: 19.0.0 and below by Sipke Mellema, 2019 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Uses tw...

9CVSS0.02991EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.125 views

CBAS-Web 19.0.0 - Remote Code Execution

Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 19.0.0 Tested on: NA CVE : N/A...

9CVSS7.4AI score0.02991EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2019/09/05 5:26 a.m.120 views

Moderate: Red Hat Security Advisory: CloudForms 4.7.9 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

6.5CVSS7.4AI score0.87218EPSS
Exploits4References21
Circl
Circl
added 2019/05/23 7:48 p.m.8 views

CVE-2019-10854

creationtimestamp| type| source ---|---|--- 2019-05-23 19:48:25+00:00| seen| https://t.me/cvemitreorg/259...

9CVSS7.3AI score0.02991EPSS
Exploits4References1
Cvelist
Cvelist
added 2019/05/23 6:45 p.m.41 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

8.8AI score0.02991EPSS
Exploits4References2
CVE
CVE
added 2019/05/23 6:45 p.m.69 views

CVE-2019-10854

CVE-2019-10854 affects Computrols CBAS Web (18.0.0/19.0.0). The vulnerability is described as a command-injection flaw in the json.php endpoint that can allow OS command execution, reported as part of a CBAS Web remote command injection chain. Public material (Exploits/Advisories) documents unaut...

9CVSS8.7AI score0.02991EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder