Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.9 views

CVE-2021-27285

An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated Local privileges and execute arbitrary commands via /opt/tsce4/torque6/bin/getJobsByShell...

8.4CVSS8AI score0.00347EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.11 views

CVE-2020-27285

The default configuration of Crimson 3.1 Build versions prior to 3119.001 allows a user to be able to read and modify the database without authentication...

9.1CVSS6.6AI score0.00882EPSS
Exploits0
CVE
CVE
added 2025/04/17 3:48 p.m.39 views

CVE-2025-27285

CVE-2025-27285 is a reflected XSS in WordPress plugin Easy Form by AYS, caused by improper input neutralization during web page generation. Affected: Easy Form by AYS (versions n/a–2.6.9). Impact per sources: potential user-facing cross-site scripting with HIGH severities (CVSS v3.1 ~7.1). Mitiga...

7.1CVSS7.2AI score0.00257EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/17 3:48 p.m.11 views

CVE-2025-27285 WordPress Easy Form by AYS Plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Easy Form easy-form allows Reflected XSS.This issue affects Easy Form: from n/a through = 2.6.9...

7.1CVSS0.00257EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/17 3:48 p.m.3 views

CVE-2025-27285 WordPress Easy Form by AYS Plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Easy Form easy-form allows Reflected XSS.This issue affects Easy Form: from n/a through = 2.6.9...

7.1CVSS8.6AI score0.00257EPSS
Exploits0References1
Circl
Circl
added 2025/01/08 8:14 p.m.5 views

CVE-2023-27285

creationtimestamp| type| source ---|---|--- 2025-01-08 20:14:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/818...

8.4CVSS7.5AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/01/06 10:15 p.m.12 views

CVE-2021-27285

An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated Local privileges and execute arbitrary commands via /opt/tsce4/torque6/bin/getJobsByShell...

8.4CVSS0.00347EPSS
Exploits1References1
Circl
Circl
added 2025/01/06 9:55 p.m.8 views

CVE-2021-27285

creationtimestamp| type| source ---|---|--- 2025-01-06 21:55:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113783636569875480 2025-01-06 22:15:21+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf45vh4vlw22 2025-01-06 22:38:46+00:00| seen|...

8.4CVSS4.8AI score0.00347EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/01/06 12:0 a.m.7 views

CVE-2021-27285

An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated Local privileges and execute arbitrary commands via /opt/tsce4/torque6/bin/getJobsByShell...

7.9AI score0.00347EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/06 12:0 a.m.14 views

CVE-2021-27285

An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated Local privileges and execute arbitrary commands via /opt/tsce4/torque6/bin/getJobsByShell...

0.00347EPSS
Exploits1References1
CVE
CVE
added 2025/01/06 12:0 a.m.60 views

CVE-2021-27285

CVE-2021-27285 affects Inspur ClusterEngine v4.0. The issue allows attackers to gain escalated local privileges and execute arbitrary commands via the binary path /opt/tsce4/torque6/bin/getJobsByShell. The Red Hat and NVD entries corroborate the same description across multiple vendors, with no p...

8.4CVSS7.7AI score0.00347EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/20 12:0 a.m.22 views

Fedora 38 : rubygem-yard (2024-3744975c4b)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3744975c4b advisory. A security flaw was found on rubygem-yard that documents generated by yard may be vulnerable to XSS attack. This issue is now assigned as CVE-2024-27285 . Th...

6.1CVSS6.5AI score0.0106EPSS
Exploits1References2
Debian
Debian
added 2024/03/06 9:45 p.m.32 views

[SECURITY] [DLA 3753-1] yard security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3753-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 06, 2024 https://wiki.debian.org/LTS -...

7.5CVSS6.7AI score0.02334EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.21 views

Debian dsa-5635 : yard - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5635 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5635-1...

6.1CVSS6.4AI score0.0106EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2024/03/05 12:0 a.m.21 views

Debian: Security Advisory (DSA-5635-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.6AI score0.0106EPSS
Exploits1References2
CVE
CVE
added 2024/02/28 7:22 p.m.153 views

CVE-2024-27285

CVE-2024-27285 affects YARD, a Ruby documentation generator. The vulnerability lies in the generated frames.html, where inadequate sanitization in the JavaScript of the frames.erb template allowed Cross-Site Scripting (XSS). Public advisories (Debian, Fedora, Ubuntu, NVD) attribute the issue to Y...

6.1CVSS5.2AI score0.0106EPSS
Exploits1References7Affected Software1
Circl
Circl
added 2024/02/28 6:14 p.m.7 views

CVE-2024-27285

creationtimestamp| type| source ---|---|--- 2024-02-28 18:14:40+00:00| published-proof-of-concept| https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc 2024-02-28 21:27:02+00:00| seen| https://t.me/ctinow/195884 2025-02-14 21:08:30+00:00| seen|...

6.1CVSS6.7AI score0.0106EPSS
Exploits1References2
CVE
CVE
added 2023/06/04 11:52 p.m.63 views

CVE-2023-27285

CVE-2023-27285 affects IBM Aspera Connect and IBM Aspera Cargo at versions up to 4.2.5, with a buffer overflow caused by improper bounds checking. The impact is potential arbitrary code execution on the target system. The vulnerability is addressed by IBM’s remediation: upgrading to version 4.2.6...

8.4CVSS8.1AI score0.00235EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/06/04 11:52 p.m.7 views

CVE-2023-27285 IBM Aspera buffer overflow

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625...

8.4CVSS8.5AI score0.00235EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/02 8:25 p.m.34 views

Security Bulletin: IBM Aspera Connect and IBM Aspera Cargo has addressed multiple vulnerabilities (CVE-2023-22862, CVE-2023-27285)

Summary This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Aspera Connect 4.2.6 and IBM Aspera Cargo 4.2.6. Vulnerability Details CVEID:CVE-2023-22862 DESCRIPTION: IBM Aspera Connect and IBM Aspera Cargo transmits authentication credentials, but it uses an...

8.4CVSS7.8AI score0.00545EPSS
Exploits0Affected Software6
Rows per page
Query Builder