143 matches found

Nuclei
added 2 days ago | 21 views

Joomla! Component iF surfALERT 1.2 - Local File Inclusion

A directory traversal vulnerability in the iF surfALERT comifsurfalert component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. id: CVE-2010-1717 info: name: Joomla! Component i...

CVSS 7.5 | AI score 6 | EPSS 0.22285
Exploits: 1 | References: 5
Tenable Nessus
added 2026/05/27 12:0 a.m. | 14 views

Amazon Linux 2023 : rclone (ALAS2023-2026-1717)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1717 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

CVSS 7.5 | AI score 5.9 | EPSS 0.00588
Exploits: 0 | References: 12
Cvelist
added 2026/03/11 8:22 p.m. | 26 views

CVE-2026-1717

An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges...

CVSS 6.8 | EPSS 0.00144
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/20 12:0 a.m. | 6 views

MiracleLinux 7 : etcd-3.2.32-1.el7 (AXSA:2021-1717:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1717:01 advisory. etcd: Large slice causes panic in decodeRecord method CVE-2020-15106 etcd: DoS in wal/wal.go CVE-2020-15112 Tenable has extracted the preceding...

CVSS 6.5 | AI score 7.9 | EPSS 0.01291
Exploits: 0 | References: 3
Tenable Nessus
added 2026/01/14 12:0 a.m. | 11 views

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4 (AXSA:2012-662:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-662:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2012-1711 Unspecified vulnerability in the Java Runtime Environment JRE...

CVSS 10 | AI score 8 | EPSS 0.93688
Exploits: 9 | References: 10
EUVD
added 2026/01/09 12:0 a.m. | 24 views

EUVD-2026-1717

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

AI score 6.3 | EPSS 0.00414
Exploits: 1 | References: 3
Chainguard
added 2025/08/23 2:16 p.m. | 4 views

CVE-2012-1717 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-25-openj9, openjdk-8-openj9, openjdk-26-openj9, openjdk-21-openj9, openjdk-11-openj9...

CVSS 2.1 | AI score 7.3 | EPSS 0.00476
Exploits: 0
Tenable Nessus
added 2025/03/04 12:0 a.m. | 11 views

Linux Distros Unpatched Vulnerability : CVE-2013-1717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not...

CVSS 5.4 | AI score 7.2 | EPSS 0.02424
Exploits: 0 | References: 2
Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2012-1717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and...

CVSS 2.1 | AI score 8 | EPSS 0.00476
Exploits: 0 | References: 2
Circl
added 2025/02/27 9:48 a.m. | 6 views

CVE-2025-1717

creationtimestamp | type | source
---|---|---
2025-02-27 09:48:19+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114075218651181708
2025-02-27 10:22:16+00:00 | seen | https://t.me/cvedetector/19026
2025-02-27 11:00:55+00:00 | seen | ...

CVSS 8.1 | AI score 8.7 | EPSS 0.00542
Exploits: 0 | References: 2
Vulnrichment
added 2025/02/27 7:23 a.m. | 8 views

CVE-2025-1717 Login Me Now <= 1.7.2 - Authentication Bypass

The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.2. This is due to insecure authentication based on an arbitrary transient name in the 'AutoLogin::listen' function. This makes it possible for unauthenticated attackers to log in an...

CVSS 8.1 | AI score 8.1 | EPSS 0.00542
Exploits: 0 | References: 3
Cvelist
added 2025/02/27 7:23 a.m. | 15 views

CVE-2025-1717 Login Me Now <= 1.7.2 - Authentication Bypass

The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.2. This is due to insecure authentication based on an arbitrary transient name in the 'AutoLogin::listen' function. This makes it possible for unauthenticated attackers to log in an...

CVSS 8.1 | EPSS 0.00542
Exploits: 0 | References: 3
CVE
added 2025/02/27 7:23 a.m. | 105 views

CVE-2025-1717

CVE-2025-1717 : The WordPress plugin Login Me Now (versions up to and including 1.7.2) is vulnerable to an authentication bypass via insecure authentication based on an arbitrary transient name in the AutoLogin::listen() function. The vulnerability allows unauthenticated attackers to log in as an...

CVSS 8.1 | AI score 8.2 | EPSS 0.00542
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2024/06/04 6:15 a.m. | 14 views

CVE-2024-1717

The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_ajax_call function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

CVSS 4.3 | AI score 4.3 | EPSS 0.00383
Exploits: 0 | References: 3
CVE
added 2024/06/04 5:32 a.m. | 32 views

CVE-2024-1717

CVE-2024-1717 affects the Admin Notices Manager plugin for WordPress. A missing capability check in handle_ajax_call() (all versions through 1.4.0) allows authenticated users with subscriber-level access or higher to retrieve the emails of registered users. The provided documents do not specify a...

CVSS 4.3 | AI score 4.6 | EPSS 0.00383
Exploits: 0 | References: 3
Patchstack
added 2024/06/04 12:0 a.m. | 7 views

WordPress Admin Notices Manager Plugin <= 1.4.0 is vulnerable to Broken Access Control

Software: Admin Notices Manager; Type: Plugin; Vulnerable versions: <= 1.4.0; Fixed in: 1.5.0; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1717; Patch priority: Low; CVSS severity: Low (4.3); Developer: Melapress; PSID: 95224798df4d; Credits: Lucio Sá; Required privilege...

CVSS 4.3 | AI score 6.6 | EPSS 0.00383
Exploits: 0 | References: 3 | Affected Software: 1
OpenVAS
added 2024/05/30 12:0 a.m. | 15 views

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1717)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.3 | AI score 7.6 | EPSS 0.02003
Exploits: 1 | References: 2
Cvelist
added 2023/11/01 9:3 a.m. | 34 views

CVE-2023-1717 Bitrix24 Cross-Site Scripting (XSS) via Client-side Prototype Pollution

Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

CVSS 9.6 | AI score 9.7 | EPSS 0.0105
Exploits: 1 | References: 1
CVE
added 2023/11/01 9:3 a.m. | 104 views

CVE-2023-1717

Bitrix24 22.0.300 is affected by a prototype pollution vulnerability in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js. Attackers can pollute __proto__[tag] and __proto__[text], enabling remote JavaScript execution in the victim’s browser and potentially arbitrary PHP code on ...

CVSS 9.6 | AI score 9.6 | EPSS 0.0105
Exploits: 1 | References: 1 | Affected Software: 1
OpenVAS
added 2023/05/08 12:0 a.m. | 9 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2023-1717)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.8 | EPSS 0.01972
Exploits: 1 | References: 2