Lucene search
K

72 matches found

Cvelist
Cvelist
added 2022/08/08 1:46 p.m.27 views

CVE-2022-2355 Easy Username Updater < 1.0.5 - Arbitrary Username Update via CSRF

The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...

6.6AI score0.00319EPSS
Exploits2References1
CVE
CVE
added 2021/12/20 10:44 p.m.33 views

CVE-2019-2355

CVE-2019-2355 entry is rejected and not used (as stated).

7.3AI score
Exploits0
Cvelist
Cvelist
added 2021/12/20 10:44 p.m.14 views

CVE-2019-2355

...

Exploits0
CVE
CVE
added 2021/07/20 10:43 p.m.58 views

CVE-2021-2355

CVE-2021-2355 affects Oracle E-Business Suite, specifically the Oracle Marketing component (Marketing Administration). Affected versions are 12.1.1–12.1.3 and 12.2.3–12.2.10. The vulnerability allows an unauthenticated, network-accessible attacker to compromise Oracle Marketing via HTTP, leading ...

9.1CVSS8.4AI score0.01407EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2020:2355-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.5AI score0.02235EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2018:2355-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.08101EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2355-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS5.2AI score0.00499EPSS
Exploits0References4
Virtuozzo
Virtuozzo
added 2019/09/18 12:0 a.m.13 views

Virtuozzo Linux Errata and Bugfix Advisory 2019:2355

Upstream security update. Follow RHBA-2019:2355 for details...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2019/01/22 8:0 p.m.7 views

CVE-2018-2355

...

Exploits0
CVE
CVE
added 2019/01/22 8:0 p.m.27 views

CVE-2018-2355

CVE-2018-2355 entry is rejected/not used; it does not represent an active vulnerability entry.

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2017/02/25 12:0 a.m.27 views

Fedora Update for webkitgtk4 FEDORA-2017-b1abcbe695

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8AI score0.07043EPSS
Exploits21References2
OpenVAS
OpenVAS
added 2017/02/25 12:0 a.m.33 views

Fedora Update for webkitgtk4 FEDORA-2017-0beb752b6e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8AI score0.07043EPSS
Exploits21References2
OSV
OSV
added 2017/02/20 8:59 a.m.7 views

CVE-2017-2355

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute...

8.8CVSS8.8AI score
Exploits0References8
CVE
CVE
added 2017/02/20 8:35 a.m.128 views

CVE-2017-2355

CVE-2017-2355 affects WebKit in Apple ecosystems (iOS before 10.2.1; Safari before 10.0.3; iCloud before 6.1.1; iTunes before 12.5.5; tvOS before 10.1.1). The issue enables remote code execution or a denial of service via crafted web content, due to multiple memory corruption and related reliabil...

8.8CVSS7.9AI score0.02043EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/01/27 12:0 a.m.48 views

Apple iTunes < 12.5.5 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes running on the remote host is prior to 12.5.5 It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in WebKit due to improper validation of certain unspecified input. An unauthenticated, remote attacker can exploit these, vi...

8.8CVSS8.7AI score0.02043EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/01/27 12:0 a.m.29 views

Apple iTunes < 12.5.5 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is prior to 12.5.5. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in WebKit due to improper validation of certain unspecified input. An unauthenticated, remote attacker can exploi...

8.8CVSS8.7AI score0.02043EPSS
Exploits0References6
Apple
Apple
added 2017/01/23 10:39 a.m.45 views

About the security content of iTunes 12.5.5 for Windows - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

8.8CVSS0.7AI score0.02043EPSS
Exploits0Affected Software1
OSV
OSV
added 2016/12/19 10:59 p.m.9 views

CVE-2016-2355

SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1...

9.8CVSS10AI score
Exploits0References3
CVE
CVE
added 2016/12/19 10:0 p.m.46 views

CVE-2016-2355

Summary: CVE-2016-2355 is a SQL injection vulnerability in the dotCMS REST API, specifically in the param stName used with api/content/save/1. Affected software: dotCMS versions before 3.3.2. Vulnerability details: An attacker can inject arbitrary SQL via the stName parameter, potentially comprom...

9.8CVSS10AI score0.021EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/11/30 12:0 a.m.29 views

Oracle Linux 7 : sssd (ELSA-2015-2355)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2355 advisory. 1.13.0-40 - Resolves: rhbz1270827 - local overrides: don't contact server with overridden name/id 1.13.0-39 - Resolves: rhbz1267837 - sssdbe crashed in...

6.8CVSS7.4AI score0.03666EPSS
Exploits0References2
Rows per page
Query Builder