Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : ksh-20120801-253.el8 (AXSA:2020-169:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-169:04 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

7.8CVSS5.7AI score0.01385EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:18 a.m.7 views

CVE-2019-16904

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. The crafted password is exploitable when viewing the change history of the item or tapping on the item...

5.4CVSS6AI score0.0069EPSS
Exploits1References1
Circl
Circl
added 2020/11/06 2:56 a.m.3 views

CVE-2018-16904

creationtimestamp| type| source ---|---|--- 2020-11-06 02:56:21+00:00| seen| https://t.me/cibsecurity/15937...

4.8AI score
Exploits0References1
CVE
CVE
added 2020/11/05 11:16 p.m.24 views

CVE-2018-16904

CVE-2018-16904 is marked as rejected and not used; this entry does not represent an active vulnerability.

7.4AI score
Exploits0
Cvelist
Cvelist
added 2020/11/05 11:16 p.m.16 views

CVE-2018-16904

...

Exploits0
NVD
NVD
added 2020/10/16 11:15 p.m.15 views

CVE-2020-16904

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization. This security update addresses the vulnerability by correctly...

9.8CVSS0.03123EPSS
Exploits0References1
CVE
CVE
added 2020/10/16 10:17 p.m.77 views

CVE-2020-16904

CVE-2020-16904 affects Azure Functions where access keys are not validated correctly for HTTP Functions, allowing an unauthenticated attacker to invoke the function without proper authorization. The vulnerability is an elevation of privilege issue tied to HTTP Functions’ access key validation. Mi...

9.8CVSS5.7AI score0.03123EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/09/26 11:6 a.m.57 views

CVE-2019-16904

TeamPass 2.1.27.36 contains a Stored XSS vulnerability: by setting a crafted password for an item in a shared/folder item, an admin or user can trigger XSS when viewing the item’s change history or tapping the item. This is documented across multiple sources (Red Hat, GHSA, osv). The core issue i...

5.4CVSS5.6AI score0.0069EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2019/08/09 12:0 a.m.87 views

TeamPass <= 2.1.27.36 Multiple XSS Vulnerabilities

TeamPass is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS6.2AI score0.0722EPSS
Exploits9References9
Cvelist
Cvelist
added 2017/11/20 7:0 p.m.23 views

CVE-2017-16904

The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator...

5.9AI score0.00652EPSS
Exploits1References1
CVE
CVE
added 2017/11/20 7:0 p.m.47 views

CVE-2017-16904

The CVE concerns LvyeCMS (admin.php, Public tologin) up to version 3.1 where a crafted username enables cross-site scripting. The underlying cause is mishandling of the username during admin log viewing, allowing an attacker to inject Web script/HTML that is executed in an administrator’s view. S...

6.1CVSS5.8AI score0.00652EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder