18 matches found
DEBIAN-CVE-2026-13957
Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13957
creationtimestamp| type| source ---|---|--- 2026-03-10 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0254/ 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-03...
CVE-2024-13957
SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13957
SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13957 SSRF Server Side Request Forgery
SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13957
CVE-2024-13957 describes SSRF vulnerabilities in ABB ASPECT, with ASPECT-Enterprise, NEXUS Series, and MATRIX Series affected up to version 3.x. Root cause: server-side requests can be manipulated if administrator credentials are compromised, enabling an attacker to induce outbound requests to in...
Security Bulletin: Vulnerability in Apache Solr affects IBM watsonx.data
Summary Apache Solr could allow a remote attacker to bypass security restrictions, caused by improper access control by the Configsets API. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions. This vulnerability can be exploited when...
Apache Solr 6.6.x < 6.6.7 / 7.x < 7.7.4 / 8.x < 8.6.3 Authentication Bypass (CVE-2020-13957)
The version of Apache Solr running on the remote host is 6.6.x prior to 6.6.7, or 7.x prior to 7.7.4, or 8.x prior to 8.6.3. It is, therefore, affected by an authentication bypass vulnerability. Apache Solr prevents some features considered dangerous which could be used for remote code execution ...
CVE-2018-13957
...
Exploit for Incorrect Authorization in Apache Solr
Apache Solr RCE CVE-2020-13957 Docker Demo !docker-demo...
CVE-2020-13957
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous which could be used for remote code execution to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...
CVE-2020-13957
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous which could be used for remote code execution to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...
CVE-2020-13957
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous which could be used for remote code execution to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...
CVE-2020-13957
CVE-2020-13957 affects Apache Solr configurations via the ConfigSets API. IBM and OSV/NVD sources confirm that improper access control allows bypassing security checks for dangerous features when uploading/configuring ConfigSets, potentially enabling remote code execution. Affected Solr ranges in...
CVE-2020-13957
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous which could be used for remote code execution to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...
CVE-2019-13957
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter...
CVE-2019-13957
CVE-2019-13957 affects Umbraco 7.3.8 with a SQL Injection vulnerability in the backoffice /PageWApprove/PageWApproveApi/GetInpectSearch endpoint via the nodeName parameter. The NVD entry lists high/critical impact metrics (CVSS v2 base score 7.5; CVSS v3.1 base score 9.8) indicating network attac...
CVE-2017-13957
CVE-2017-13957 entry is rejected/unused by its CNA and does not represent an active vulnerability.