Lucene search

11 matches found

ATTACKERKB
added 2026/04/20 6:20 p.m., 3 views

CVE-2026-6060

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the system. This issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

CVSS 4.5, AI score 5.7, EPSS 0.00191
Exploits: 0, References: 2, Affected Software: 1
CNNVD
added 2025/02/26 12:0 a.m., 2 views

Esri ArcGIS SQL Injection Vulnerability

Esri ArcGIS is a powerful desktop GIS software from Esri. A SQL injection vulnerability exists in Esri ArcGIS Monitor versions 2023.0 through 2024.x. The vulnerability stems from allowing a low-privileged user to read limited database schema information...

CVSS 4.3, AI score 7.7, EPSS 0.0037
Exploits: 0, References: 2
SUSE CVE
added 2025/01/28 12:23 a.m., 5 views

SUSE CVE-2024-43446

An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X OTRS Community Edition: 6.0.x Products based on the OTRS Community Edition...

CVSS 3.5, AI score 7, EPSS 0.00208
Exploits: 0, References: 3
SUSE CVE
added 2025/01/28 12:19 a.m., 3 views

SUSE CVE-2025-24390

A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X...

CVSS 6.8, AI score 6.8, EPSS 0.00195
Exploits: 0, References: 3
CVE
added 2025/01/27 5:59 a.m., 63 views

CVE-2025-24389

CVE-2025-24389 affects OTRS and related builds (OTRS 7.0.X, 8.0.X, 2023.X, 2024.X and ((OTRS)) Community Edition 6.0.x; products based on CE are likely affected). The root cause is described as certain errors in upstream libraries that cause sensitive information to be written to the OTRS log mec...

CVSS 6.3, AI score 6.2, EPSS 0.00137
Exploits: 0, References: 1
Tenable Nessus
added 2024/10/18 12:0 a.m., 18 views

Autodesk Revit 2024.x < 2024.2.2 / 2025.x < 2025.3 PDF File Parsing Out-of-Bounds Write (ADSK-SA-2024-0018)

The version of Autodesk Revit installed on the remote Windows host is 2024.x prior to 2024.2.2 or 2025.x prior to 2025.3. It is, therefore, affected by an out-of-bounds write vulnerability: - A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A...

CVSS 7.8, AI score 6.2, EPSS 0.00196
Exploits: 0, References: 2
NVD
added 2024/08/26 9:15 a.m., 13 views

CVE-2024-43443

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

CVSS 4.9, EPSS 0.00358
Exploits: 0, References: 1
NVD
added 2024/08/26 9:15 a.m., 16 views

CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

CVSS 8.2, EPSS 0.00376
Exploits: 0, References: 1
OSV
added 2024/08/26 9:15 a.m., 2 views

UBUNTU-CVE-2024-43442

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting XSS within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...

CVSS 4.9, AI score 5.8, EPSS 0.00402
Exploits: 0, References: 3
Cvelist
added 2024/08/26 8:42 a.m., 21 views

CVE-2024-43442 Stored XSS in System Configuration

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting XSS within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...

CVSS 4.9, EPSS 0.00402
Exploits: 0, References: 1
UbuntuCve
added 2024/06/06 7:15 p.m., 20 views

CVE-2024-23793

The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...

CVSS 6.3, AI score 6.1, EPSS 0.00775
Exploits: 0, References: 2