Lucene search
+L

21 matches found

circl
circl
added 2026/06/19 6:10 p.m.9 views

CVE-2017-20282

creationtimestamp| type| source ---|---|--- 2026-06-19 18:10:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3monwtvbgxz2z...

8.8CVSS5.8AI score0.00267EPSS
Exploits0References1
packetstorm
packetstorm
added 2026/05/11 12:0 a.m.99 views

📄 Cisco ISE 2.2 Remote Code Execution

This Metasploit module exploits an unauthorized file upload vulnerability in Cisco ISE. A ZIP file containing a JSP file with a manipulated path path traversal is uploaded. The webshell is then extracted to the webapps folder...

10CVSS7.5AI score0.09805EPSS
Exploits3
thn
thn
added 2025/06/26 1:24 p.m.12 views

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine ISE and ISE Passive Identity Connector ISE-PIC that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers...

10CVSS9.2AI score0.96732EPSS
Exploits12
circl
circl
added 2025/06/25 4:47 p.m.10 views

CVE-2025-20282

creationtimestamp| type| source ---|---|--- 2025-06-25 16:47:36+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19481 2025-06-25 20:34:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lshhk7i3pt25 2025-06-26 04:00:00+00:00| seen|...

10CVSS7.5AI score0.09805EPSS
Exploits3References50
vulnrichment
vulnrichment
added 2025/06/25 4:29 p.m.6 views

CVE-2025-20282 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks tha...

10CVSS8.2AI score0.09805EPSS
Exploits3References1
cve
cve
added 2025/06/25 4:29 p.m.111 views

CVE-2025-20282

CVE-2025-20282 affects Cisco ISE and ISE-PIC. An unauthenticated attacker can exploit an internal API to upload arbitrary files via the vulnerable endpoint /api/v1/config/upload , bypassing validation and enabling the execution of those files on the host with root privileges. The issue arises fro...

10CVSS8.2AI score0.09805EPSS
In wildExploits3References1Affected Software2
redhatcve
redhatcve
added 2025/05/22 11:35 p.m.8 views

CVE-2022-20282

In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Androi...

7.8CVSS7AI score0.00105EPSS
Exploits0References1
osv
osv
added 2024/04/03 5:15 p.m.6 views

CVE-2024-20282

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

6CVSS5.8AI score0.00168EPSS
Exploits0References1
nessus
nessus
added 2023/02/20 12:0 a.m.102 views

Moodle 3.8.x < 3.8.8 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.5.x prior to 3.5.17, 3.8.x prior to 3.8.8, 3.9.x prior to 3.9.5 or 3.10.x prior to 3.10.2. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability attack due to the lack of sanitization of th...

6.9CVSS7.5AI score0.99019EPSS
Exploits13References13
nvd
nvd
added 2022/09/29 4:15 a.m.14 views

CVE-2019-20282

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none...

Exploits0
osv
osv
added 2022/08/12 3:15 p.m.4 views

CVE-2022-20282

In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Androi...

7.8CVSS5.9AI score0.00105EPSS
Exploits0References1
cve
cve
added 2022/08/11 3:16 p.m.65 views

CVE-2022-20282

CVE-2022-20282 affects Android 13: AppWidget can start an activity from the background due to a missing permission check, enabling local privilege escalation without extra execution privileges. Impact: local compromise with high confidentiality, integrity, and availability implications per CVSSv3...

7.8CVSS7.8AI score0.00105EPSS
Exploits0References1Affected Software1
openvas
openvas
added 2021/03/24 12:0 a.m.15 views

Fedora: Security Advisory for moodle (FEDORA-2021-50f63a0161)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.4CVSS5.7AI score0.01307EPSS
Exploits2References2
nessus
nessus
added 2021/03/23 12:0 a.m.27 views

Fedora 33 : moodle (2021-431b232659)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-431b232659 advisory. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

5.4CVSS6AI score0.01307EPSS
Exploits2References6
openvas
openvas
added 2021/03/17 12:0 a.m.19 views

Moodle < 3.5.17, 3.8.x < 3.8.8, 3.9.x < 3.9.5, 3.10.x < 3.10.2 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

6.9CVSS7AI score0.99019EPSS
Exploits13References8
circl
circl
added 2021/03/16 1:29 a.m.9 views

CVE-2021-20282

creationtimestamp| type| source ---|---|--- 2021-03-16 01:29:22+00:00| seen| https://t.me/cibsecurity/24930 2024-04-24 20:01:24+00:00| seen| https://t.me/arpsyndicate/4808...

5.3CVSS6.5AI score0.01266EPSS
Exploits0References2
nvd
nvd
added 2021/03/15 10:15 p.m.16 views

CVE-2021-20282

When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

5.3CVSS0.01266EPSS
Exploits0References4
cvelist
cvelist
added 2021/03/15 9:35 p.m.22 views

CVE-2021-20282

When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

5.6AI score0.01266EPSS
Exploits0References4
cve
cve
added 2021/03/15 9:35 p.m.85 views

CVE-2021-20282

CVE-2021-20282 is a Moodle vulnerability that allows bypassing the email verification step during account creation, enabling account verification without access to the verification email/secret. Connected sources confirm this issue affects multiple Moodle branches prior to versions 3.10.2, 3.9.5,...

5.3CVSS5.2AI score0.01266EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2020/01/02 8:33 p.m.14 views

CVE-2019-20282

...

Exploits0
Rows per page
Query Builder