
143 matches found

Nuclei
added yesterday | 37 views

Joomla! Component Advertising 0.25 - Local File Inclusion

A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...

CVSS 6.8 | AI score 6.1 | EPSS 0.08163
Exploits: 2 | References: 4
Circl
added 2026/01/27 7:59 p.m. | 5 views

CVE-2026-1473

creationtimestamp | type | source
---|---|---
2026-01-27 19:59:19+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdgkblitn626...

CVSS 9.3 | AI score 4.8 | EPSS 0.00321
Exploits: 0 | References: 1
ATTACKERKB
added 2026/01/27 4:27 p.m. | 2 views

CVE-2026-1473

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in '/evaluacioncompetenciasevalua.aspx' could allow an attacker to extract...

CVSS 9.3 | AI score 5.8 | EPSS 0.00321
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 7 : glibc-2.17-105.el7 (AXSA:2015-569:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-569:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

CVSS 7.5 | AI score 8.2 | EPSS 0.05808
Exploits: 4 | References: 5
RedhatCVE
added 2026/01/09 12:44 p.m. | 8 views

CVE-2005-1473

SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field...

CVSS 4.6 | AI score 6.2 | EPSS 0.00344
Exploits: 0 | References: 1
Circl
added 2025/07/29 9:0 p.m. | 6 views

CVE-2001-1473

creationtimestamp | type | source
---|---|---
2025-07-29 21:00:04+00:00 | published-proof-of-concept | Telegram/ujDzFFrET3ZH5xQdQMIqDWCAd6Ask0YbS48UdaKK1nCHgf0...

CVSS 7.5 | AI score 4.8 | EPSS 0.06268
Exploits: 0
RedhatCVE
added 2025/05/23 2:57 a.m. | 7 views

CVE-2023-1473

The Slider, Gallery, and Carousel by MetaSlider WordPress plugin 3.29.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 6.1 | AI score 6.1 | EPSS 0.00458
Exploits: 2 | References: 1
CBLMariner
added 2025/04/12 2:52 a.m. | 10 views

CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7

CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7. A patched version of the package is available...

CVSS 6.4 | AI score 6.9 | EPSS 0.02129
Exploits: 0
RedhatCVE
added 2025/03/22 1:25 p.m. | 14 views

CVE-2025-1473

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...

CVSS 7.1 | AI score 7.2 | EPSS 0.00202
Exploits: 1 | References: 1
vulnersOsv
added 2025/03/20 12:32 p.m. | 4 views

api-python-bet-project (>=0.1.9 <=0.1.22), argosml (>=0.0.1 <=0.1.3) +33 more potentially affected by CVE-2025-1473 via mlflow (>=2.17.0 <=2.20.2)

mlflow PYPI version =2.17.0, =0.1.9, =0.0.1, =1.0.6, =1.9.23, =0.1.0, =0.0.10, =1.1.5, =0.1.2370984012, =1.6.0, =0.14.0, =0.14.0, =0.14.0, =0.1.1, =0.1.2 and more Source cves: CVE-2025-1473 Source advisory: OSV:GHSA-969W-GQQR-G6J3...

CVSS 7.1 | AI score 6.3 | EPSS 0.00202
Exploits: 1
NVD
added 2025/03/20 10:15 a.m. | 9 views

CVE-2025-1473

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...

CVSS 7.1 | EPSS 0.00202
Exploits: 1 | References: 2
OSV
added 2025/03/20 10:15 a.m. | 5 views

CVE-2025-1473

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...

CVSS 7.1 | AI score 7.1
Exploits: 0 | References: 2
CVE
added 2025/03/20 10:10 a.m. | 63 views

CVE-2025-1473

In MLflow (mlflow/mlflow), a CSRF vulnerability affects versions 2.17.0 to 2.20.1 in the Signup feature, allowing an attacker to create a new account and potentially perform unauthorized actions on behalf of the attacker’s account. The CVE-2025-1473 entry documents the flaw and its impact as Cros...

CVSS 7.1 | AI score 5.5 | EPSS 0.00202
Exploits: 1 | References: 2 | Affected Software: 1
Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2013-1473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to...

CVSS 5 | AI score 7.3 | EPSS 0.05487
Exploits: 0 | References: 2
Tenable Nessus
added 2025/03/03 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2011-1473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it...

CVSS 5 | AI score 6.9 | EPSS 0.67703
Exploits: 1 | References: 2
Oracle linux
added 2024/11/22 12:0 a.m. | 49 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

CVSS 7.5 | AI score 7.4 | EPSS 0.95764
Exploits: 28
OpenVAS
added 2024/03/21 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1473)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 8.3 | EPSS 0.37951
Exploits: 8 | References: 4
NVD
added 2024/03/20 7:15 a.m. | 18 views

CVE-2024-1473

The Coming Soon & Maintenance Mode by Colorlib plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.99 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page contents via REST API thus bypassing maintenance mo...

CVSS 5.3 | AI score 5.1 | EPSS 0.00533
Exploits: 0 | References: 3
Vulnrichment
added 2024/03/20 6:48 a.m. | 18 views

CVE-2024-1473 Coming Soon & Maintenance Mode by Colorlib <= 1.0.99 - Information Exposure

The Coming Soon & Maintenance Mode by Colorlib plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.99 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page contents via REST API thus bypassing maintenance mo...

CVSS 5.3 | AI score 7.2 | EPSS 0.00533
Exploits: 0 | References: 3
CVE
added 2024/03/20 6:48 a.m. | 92 views

CVE-2024-1473

CVE-2024-1473 affects the Colorlib Coming Soon & Maintenance Mode plugin for WordPress. The vulnerability allows Information Exposure via the REST API in all versions up to and including 1.0.99, enabling unauthenticated attackers to obtain post/page contents and bypass maintenance mode protection...

CVSS 5.3 | AI score 9.1 | EPSS 0.00533
Exploits: 0 | References: 3 | Affected Software: 1