Lucene search
K

14 matches found

CNNVD
CNNVD
added 2025/07/22 12:0 a.m.3 views

TYPO3 powermail 安全漏洞

TYPO3 powermail is a mail form extension for TYPO3 open source. A security vulnerability exists in TYPO3 powermail versions 12.0.0 through 12.5.2 and 13.0.0, which stems from an insecure direct object reference that could lead to the download of arbitrary files from a web server...

6CVSS6.5AI score0.00275EPSS
Exploits0References3
OSV
OSV
added 2025/06/25 8:23 a.m.3 views

SUSE-SU-2025:20452-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: - Updated to 12.5.2: CVE-2025-22247: Fixed Insecure file handling bsc1243106...

6.1CVSS6.6AI score0.00247EPSS
Exploits0References5
OSV
OSV
added 2025/06/08 1:23 p.m.2 views

SUSE-SU-2025:20379-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: - Updated to 12.5.2: CVE-2025-22247: Fixed insecure file handling bsc1243106 - Fixed gcc15 compile time error bsc1241938...

6.1CVSS5.8AI score0.00247EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 p.m.11 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

6.1CVSS5.8AI score0.07082EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.3 views

OpenText Exceed Turbo X Security Vulnerability

OpenText Exceed Turbo X is a virtual desktop software from OpenText Canada. A security vulnerability exists in OpenText Exceed Turbo X versions 12.5.1 and 12.5.2 that stems from the use of hard-coded encryption keys in the application...

9.8CVSS6.8AI score0.00273EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/22 12:15 p.m.3 views

CVE-2023-34939

Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution RCE vulnerability via the component UploadProgress.ashx...

9.8CVSS6.4AI score0.05033EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/06/19 12:0 a.m.4 views

PT-2023-4141 · Onlyoffice · Onlyoffice Community Server

Name of the Vulnerable Software and Affected Versions: Onlyoffice Community Server versions prior to 12.5.2 Description: The issue is related to a remote code execution vulnerability in the UploadProgress.ashx component. It is associated with errors in handling the relative path to a directory wi...

10CVSS9.7AI score0.05033EPSS
Exploits1References6
NVD
NVD
added 2021/04/02 7:15 p.m.20 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

6.1CVSS0.07082EPSS
Exploits0References4
Prion
Prion
added 2021/04/02 7:15 p.m.25 views

Cross site scripting

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

4.3CVSS5.7AI score0.07082EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2021/04/02 6:7 p.m.1169 views

CVE-2021-1879

CVE-2021-1879 affects Apple WebKit/WebKit-based parsing in iOS/iPadOS/watchOS (WebKit component). The issue is a cross-site scripting vulnerability triggered by processing malicious web content, potentially leading to universal XSS. Root cause: improved management of object lifetimes in WebKit/CS...

6.1CVSS6AI score0.07082EPSS
In wildExploits0References4Affected Software3
Cvelist
Cvelist
added 2021/04/02 6:7 p.m.28 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

5.8AI score0.07082EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/04/02 12:0 a.m.73 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

6.1CVSS6.2AI score0.07082EPSS
In wildExploits0References4
CNVD
CNVD
added 2018/05/30 12:0 a.m.1 views

VMware Workstation Drag and Drop File Vulnerability

VMware Workstation is a desktop virtual computer. A drag-and-drop file vulnerability exists in VMware Workstation version 12.5.2. An attacker can exploit the vulnerability to launch a denial of service attack...

6.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/11/17 12:0 a.m.75 views

Apple iTunes < 12.5.2 Multiple Vulnerabilities (Uncredentialed Check)

The version of Apple iTunes running on the remote Windows host is prior to 12.5.2 It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in WebKit when handling the location attribute due to improper validation of user-supplied input. An...

8.8CVSS7.3AI score0.01532EPSS
Exploits0References5
Rows per page
Query Builder