Lucene search
+L

64 matches found

Prion
Prion
added 2023/11/09 7:15 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Didier Sampaolo SpamReferrerBlock plugin = 2.22 versions...

6.8CVSS7.2AI score0.0028EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.65 views

GeoServer Code Issues Vulnerabilities

GeoServer is an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer versions 2.22.x prior to 2.22.5 and 2.23.x prior to 2.23.2 that originates from allowing users to share and edit geospatial data...

8.6CVSS6.7AI score0.00514EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/25 12:0 a.m.11 views

PT-2023-10310 · Gnu +1 · Glibc +1

Name of the Vulnerable Software and Affected Versions: glibc versions prior to 2.22 Description: The issue in the GNU C Library glibc might allow context-dependent attackers to cause a denial of service, resulting in an application crash. This can be demonstrated by using the fnmatch library...

9.8CVSS7.3AI score0.8833EPSS
Exploits20References40
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.6 views

Schneider Electric EcoStruxure Power Commission 路径遍历漏洞

Schneider Electric EcoStruxure Power Commission is a comprehensive software from Schneider Electric France that provides powerful features for setting up, testing, and commissioning low-voltage distribution cabinets. A path traversal vulnerability exists in Schneider Electric EcoStruxure Power...

9.8CVSS8.6AI score0.00782EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.6 views

Schneider Electric EcoStruxure Power Build 路径遍历漏洞

Schneider Electric EcoStruxure Power Build is a power distribution management software from Schneider Electric, France. The software helps users design, build, commission, operate and maintain electrical installations. A path traversal vulnerability exists in versions of Schneider Electric...

9.8CVSS8.4AI score0.00776EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.5 views

PT-2022-3485 · Schneider Electric · Ecostruxure Power Commission

Name of the Vulnerable Software and Affected Versions: EcoStruxure Power Commission versions prior to V2.22 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow a remote attacker to...

9.8CVSS9.6AI score0.00782EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.8 views

PT-2022-3480 · Schneider Electric · Ecostruxure Power Commission

Name of the Vulnerable Software and Affected Versions: EcoStruxure Power Commission versions prior to V2.22 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow a remote attacker to...

9.8CVSS9.5AI score0.00776EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2022/05/24 5:12 p.m.6 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1593 more potentially affected by CVE-2020-2162 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.22)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2020-2162 Source advisory: OSV:GHSA-CRG2-6XV3-QG5F...

5.4CVSS6AI score0.01159EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/24 5:12 p.m.6 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1593 more potentially affected by CVE-2020-2161 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.22)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2020-2161 Source advisory: OSV:GHSA-G8PG-QRVM-WGH2...

5.4CVSS6AI score0.01237EPSS
Exploits0
OSV
OSV
added 2021/07/25 9:15 p.m.4 views

CVE-2021-37461

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= reflected...

5.4CVSS6.1AI score0.00589EPSS
Exploits1References2
NVD
NVD
added 2021/07/25 9:15 p.m.13 views

CVE-2021-37458

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the primary phone field stored...

5.4CVSS0.00622EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2021/07/25 9:15 p.m.5 views

CVE-2021-37454

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the line name stored...

5.4CVSS6.1AI score0.00589EPSS
Exploits1References3
OSV
OSV
added 2020/08/27 10:15 p.m.3 views

CVE-2020-10517

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any repository conten...

4.3CVSS5.8AI score0.0105EPSS
Exploits0References3
OSV
OSV
added 2020/08/27 10:15 p.m.5 views

CVE-2020-10518

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the...

8.8CVSS7.8AI score0.03699EPSS
Exploits0References3
Prion
Prion
added 2020/08/27 10:15 p.m.20 views

Remote code execution

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the...

6.5CVSS8.9AI score0.03699EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/04/14 10:50 p.m.517 views

CVE-2020-5260

CVE-2020-5260 affects Git by newline-injection in the credential helper protocol, enabling a crafted URL to exfiltrate credentials from one host to another. Affected Git releases were patched in April 2020; fixes are in 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26....

9.3CVSS7.2AI score0.10047EPSS
Exploits2References19Affected Software2
OSV
OSV
added 2019/01/31 5:29 p.m.3 views

CVE-2018-17926

The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...

4.3CVSS5.8AI score0.00787EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/19 12:0 a.m.3 views

ABB M2M ETHERNET Improper Authentication Vulnerability

ABB M2M ETHERNET is a network analysis device from ABB Switzerland. An authorization issue vulnerability exists in ABB M2M ETHERNET FW version 2.22 and earlier and ETH-FW version 1.01 and earlier. An attacker can exploit this vulnerability to upload malicious language files...

4.3CVSS7AI score0.00787EPSS
Exploits0References1
ICS
ICS
added 2018/12/18 12:0 a.m.79 views

ABB M2M ETHERNET

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...

4.3CVSS5AI score0.00787EPSS
Exploits0References5
Prion
Prion
added 2017/03/20 4:59 p.m.22 views

Out-of-bounds

The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read...

4.3CVSS6.7AI score0.02429EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder