Lucene search
+L

101 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.7 views

SUSE CVE-2020-21840

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bitsearchsentinel ../../src/bits.c:1985...

8.8CVSS8.9AI score0.01064EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/06/15 12:0 a.m.14 views

WordPress Download Manager Plugin <= 3.2.42 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

6.1CVSS6.4AI score0.01138EPSS
Exploits3References3
Circl
Circl
added 2022/06/13 4:16 p.m.6 views

CVE-2022-1985

creationtimestamp| type| source ---|---|--- 2022-06-13 16:16:51+00:00| seen| https://t.me/cibsecurity/44264...

6.1CVSS6AI score0.01138EPSS
Exploits3References1
OSV
OSV
added 2022/06/13 1:15 p.m.6 views

CVE-2022-1985

The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on the 'frameid' parameter found in the /src/Package/views/shortcode-iframe.php file...

6.1CVSS5.7AI score0.01138EPSS
Exploits3References5
CVE
CVE
added 2022/06/13 12:44 p.m.79 views

CVE-2022-1985

CVE-2022-1985 affects WordPress Download Manager plugin up to version 3.2.42. The vulnerability is a reflected Cross-Site Scripting due to insufficient sanitization/escaping of the frameid parameter in the shortcode-iframe.php file. Impact described as XSS; no exploit details provided in the init...

6.1CVSS5.8AI score0.01138EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2022/06/09 12:0 a.m.129 views

WordPress Download Manager 3.2.42 Cross Site Scripting Vulnerability

Description: Reflected Cross-Site Scripting Affected Plugin: Download Manager Plugin Slug: download-manager Plugin Developer: codename065 Affected Versions: = 3.2.42 CVE ID: CVE-2022-1985 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Rafie Muhammad...

6.1CVSS6.3AI score0.01138EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2022/06/07 3:35 p.m.20 views

Cross-Site Scripting Vulnerability In Download Manager Plugin

On May 30, 2022, Security Researcher Rafie Muhammad reported a reflected Cross-Site Scripting XSS vulnerability to us that they discovered in Download Manager, a WordPress plugin installed on over 100,000 sites. On request, we assigned a vulnerability identifier of CVE-2022-1985. All Wordfence...

4.3CVSS6.5AI score0.01138EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2022/05/05 3:6 p.m.81 views

Nigerian Tesla: 419 scammer gone malware distributor unmasked

Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one of the most popular payloads observed in malspam campaigns. While looking for threats targeting Ukraine, we identified a group we call "Nigerian Tesla" that has been dabbling into phishing...

0.2AI score
Exploits0
CVE
CVE
added 2021/10/20 6:31 a.m.52 views

CVE-2021-1985

CVE-2021-1985 affects Qualcomm Snapdragon devices via the QVR Service configuration. Root cause: lack of proper data length checks leads to a buffer over-read. Impact described as local access with high confidentiality and availability impact; no public exploit details are provided in the supplie...

8.4CVSS7AI score0.00146EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/20 6:31 a.m.36 views

CVE-2021-1985

Possible buffer over read due to lack of data length check in QVR Service configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

8.4CVSS8.6AI score0.00146EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/29 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2021-1985)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.1AI score0.62906EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2013:1103-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.02798EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2013:1103-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.02798EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2014:0881-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.10254EPSS
Exploits1References2
NVD
NVD
added 2021/05/17 9:15 p.m.17 views

CVE-2020-21840

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bitsearchsentinel ../../src/bits.c:1985...

8.8CVSS0.01064EPSS
Exploits1References1
Circl
Circl
added 2020/08/24 8:55 p.m.4 views

CVE-2018-1985

creationtimestamp| type| source ---|---|--- 2020-08-24 20:55:20+00:00| seen| https://t.me/cibsecurity/14286...

4.9CVSS4.5AI score0.0033EPSS
Exploits0References1
CVE
CVE
added 2020/08/24 3:30 p.m.35 views

CVE-2018-1985

CVE-2018-1985 affects IBM Security Trusteer Rapport for macOS. An unused legacy driver in the Apex/Rapport package could be exploited locally by an administrator to trigger a buffer overflow and kernel panic; IBM notes the driver has been removed in newer builds. Affected versions: Rapport for ma...

4.9CVSS4.7AI score0.0033EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/04/08 7:15 p.m.19 views

CVE-2020-1985

Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows...

7.8CVSS7.6AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/08 6:41 p.m.23 views

CVE-2020-1985 Secdo: Incorrect Default Permissions

Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows...

7.8CVSS7.6AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2020/04/08 6:41 p.m.48 views

CVE-2020-1985

CVE-2020-1985 refers to Secdo for Windows with an incorrect default permission on the folder C:\Programdata\Secdo\Logs. Local authenticated users could overwrite system files and escalate privileges due to overly permissive permissions. The connected Palo Alto advisory offers a workaround: modify...

7.8CVSS7.6AI score0.00254EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder