Lucene search
K

13 matches found

Circl
Circl
added 8 hours ago3 views

CVE-2026-11390

creationtimestamp| type| source ---|---|--- 2026-07-14 05:40:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqline2oyb2x...

6.4CVSS6.1AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.9 views

CVE-2019-11390

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with seterrorhandler at the beginning and nested repetition operators. NOT...

5.3CVSS6.8AI score0.01671EPSS
Exploits1References1
Circl
Circl
added 2025/10/07 12:55 p.m.7 views

CVE-2025-11390

creationtimestamp| type| source ---|---|--- 2025-10-07 12:55:14+00:00| seen| Telegram/GgQFAnUa-IztbBVcnUBSKBJWWAWhtkxjzAgcfhW6GKKw...

6.1CVSS4.5AI score0.00333EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/03 2:48 p.m.24 views

CVE-2024-11390

Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...

5.4CVSS6.6AI score0.0027EPSS
Exploits0References1
NVD
NVD
added 2025/05/01 2:15 p.m.9 views

CVE-2024-11390

Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...

5.4CVSS0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/01 1:11 p.m.13 views

CVE-2024-11390 Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS

Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...

5.4CVSS0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/01 1:11 p.m.6 views

CVE-2024-11390 Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS

Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...

5.4CVSS5.6AI score0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/20 10:45 p.m.10 views

CVE-2020-11390

...

Exploits0
CVE
CVE
added 2021/12/20 10:45 p.m.29 views

CVE-2020-11390

CVE-2020-11390 is rejected/not used per the description; this entry does not represent an active vulnerability.

6.7AI score
Exploits0
OSV
OSV
added 2019/04/21 2:29 a.m.6 views

CVE-2019-11390

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with seterrorhandler at the beginning and nested repetition operators. NOT...

5.3CVSS5.1AI score
Exploits0References2
OSV
OSV
added 2017/08/02 9:29 p.m.6 views

CVE-2017-11390

XML external entity XXE processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-4706...

7.5CVSS5.8AI score0.02342EPSS
Exploits0References3
CVE
CVE
added 2017/08/02 9:0 p.m.54 views

CVE-2017-11390

This CVE concerns an XML External Entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0. The issue stems from XXE handling in the product’s input processing, enabling information disclosure if an attacker supplies malicious XML. Multiple connected sources (NVD entry, ZDI adviso...

7.5CVSS7.2AI score0.02342EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/11/18 12:0 a.m.4 views

JasPer Denial of Service Vulnerability (CNVD-2016-11390)

JasPer is an open source implementation of the JPEG-2000 codec . A denial of service vulnerability exists in JasPer. An attacker exploiting this vulnerability could cause a denial of service breach...

5.5CVSS6.4AI score0.01949EPSS
Exploits0References1
Rows per page
Query Builder