Lucene search
K

18 matches found

Circl
Circl
added 2026/01/16 7:31 a.m.3 views

CVE-2026-23768

creationtimestamp| type| source ---|---|--- 2026-01-16 07:31:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcjlel65xf2x...

6.1CVSS5.8AI score0.00216EPSS
Exploits1References1
NVD
NVD
added 2026/01/16 6:15 a.m.4 views

CVE-2026-23768

lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or object tags are used with a src attribute missing a file extension...

6.1CVSS0.00216EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/16 5:20 a.m.5 views

CVE-2026-23768

lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or object tags are used with a src attribute missing a file extension...

6.6AI score0.00216EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.10 views

CVE-2020-23768

An information disclosure vulnerability was discovered in alipayfunction.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including e-mail address and...

7.5CVSS6.4AI score0.01025EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.7 views

CVE-2025-23768

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in inwavethemes InFunding infunding allows Reflected XSS.This issue affects InFunding: from n/a through = 1.0...

7.1CVSS7.2AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:16 p.m.29 views

CVE-2022-23768

This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the device...

9.8CVSS7.2AI score0.00844EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:20 a.m.7 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8CVSS6.7AI score0.00643EPSS
Exploits0References1
NVD
NVD
added 2025/01/22 3:15 p.m.4 views

CVE-2025-23768

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in inwavethemes InFunding infunding allows Reflected XSS.This issue affects InFunding: from n/a through = 1.0...

7.1CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 2025/01/22 2:32 p.m.55 views

CVE-2025-23768

CVE-2025-23768 : Reflected Cross‑Site Scripting in the WordPress plugin InFunding (NotFound InFunding) affects versions up to 1.0. The issue arises from improper input neutralization during web page generation. CVSS 3.1 base score 7.1 (HIGH) with network attack vector, required user interaction, ...

7.1CVSS7.2AI score0.00271EPSS
Exploits0References1
Circl
Circl
added 2024/01/22 4:21 a.m.6 views

CVE-2024-23768

creationtimestamp| type| source ---|---|--- 2024-01-22 04:21:27+00:00| seen| https://t.me/ctinow/170964...

8.8CVSS8.1AI score0.00643EPSS
Exploits0References1
NVD
NVD
added 2024/01/22 3:15 a.m.15 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8CVSS8.7AI score0.00643EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/22 12:0 a.m.4 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8CVSS6.7AI score0.00643EPSS
Exploits0References1
CVE
CVE
added 2024/01/22 12:0 a.m.53 views

CVE-2024-23768

CVE-2024-23768 (Dremio) : Dremio before 24.3.1 suffers a path traversal flaw where an authenticated user with no privileges on certain folders plus access to the source and at least one folder can access restricted folders, files, and datasets. Affected versions are 24.0.0–24.3.0, 23.0.0–23.2.3, ...

8.8CVSS8.5AI score0.00643EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/09/19 7:48 p.m.56 views

CVE-2022-23768

CVE-2022-23768 affects the Neo Information Systems Home AP NIS-HAP11AC. The root cause is an exposed external port for the telnet service, enabling remote attackers to perform attacks including source-code hijacking and remote control of the device. The NVD metrics show a high to critical impact ...

9.8CVSS9.4AI score0.00844EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/19 7:48 p.m.32 views

CVE-2022-23768 Neo Information Sys. NIS-HAP11AC remote access and manipulation vulnerability

This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the device...

8.8CVSS9.7AI score0.00844EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/05/21 5:11 p.m.19 views

CVE-2020-23768

An information disclosure vulnerability was discovered in alipayfunction.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including e-mail address and...

7.2AI score0.01025EPSS
Exploits1References1
CVE
CVE
added 2021/05/21 5:11 p.m.74 views

CVE-2020-23768

CVE-2020-23768 describes an information-disclosure vulnerability in PHPPYUN before version 5.0.1, rooted in the Alibaba Payment Interface’s alipay_function.php log file. The issue allows an attacker to obtain users’ personal data, including email addresses and phone numbers. Public documentation ...

7.5CVSS7.1AI score0.01025EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2013/12/23 12:0 a.m.24 views

Fedora Update for openssl FEDORA-2013-23768

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.9AI score0.21174EPSS
Exploits0References2
Rows per page
Query Builder