Lucene search
+L

156 matches found

Positive Technologies
Positive Technologies
added 2025/04/19 12:0 a.m.19 views

PT-2025-95: Local Privilege Escalation (LPE) in Red Shield VPN

The vulnerability was identified in Red Shield VPN , versions 3.3.7. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 19.04.2025 Recommendations: Update to version 3.5.7 ...

7CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2025/04/18 1:49 p.m.6 views

OESA-2025-1435 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

9.8CVSS7.2AI score0.03948EPSS
Exploits6References2
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.3 views

WordPress plugin Instantio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2025/04/11 1:44 p.m.3 views

OESA-2025-1412 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

9.8CVSS7.2AI score0.03948EPSS
Exploits6References2
OSV
OSV
added 2025/04/11 1:44 p.m.3 views

OESA-2025-1411 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

9.8CVSS7.2AI score0.03948EPSS
Exploits6References2
0day.today
0day.today
added 2025/02/20 12:0 a.m.309 views

LTL Freight Quotes – Estes Edition 3.3.7 SQL Injection Vulnerability

CVE-2024-13488 LTL Freight Quotes – Estes Edition = 5.6 AND error-based - WHERE, HAVING...

7.5CVSS9.6AI score0.01104EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/02/20 12:0 a.m.391 views

LTL Freight Quotes – Estes Edition 3.3.7 SQL Injection

LTL Freight Quotes – Estes Edition versions 3.3.7 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2024-13488 LTL Freight Quotes – Estes Edition = 3.3.7 - Unauthenticated SQL Injection Description The LTL Freight Quotes – Estes Edition plugin for WordPress is...

7.5CVSS8.8AI score0.01104EPSS
Exploits3
OSV
OSV
added 2025/02/19 12:15 p.m.4 views

CVE-2024-13485

The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.5CVSS7.3AI score0.00956EPSS
Exploits3References2
CNNVD
CNNVD
added 2025/02/15 12:0 a.m.6 views

WordPress plugin LTL Freight Quotes – Estes Edition SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

7.5CVSS8AI score0.01104EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2025/02/05 1:48 p.m.12 views

CVE-2020-13568

SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/editgroup.php, when the POST parameter action is “Submit”, the POST parameter parentid leads to a SQL...

8.8CVSS7.8AI score0.29683EPSS
Exploits1
Patchstack
Patchstack
added 2024/12/18 9:57 a.m.4 views

WordPress Instantio plugin <= 3.3.7 - Settings Change vulnerability

Settings Change vulnerability discovered by Mika in WordPress Plugin Instantio versions = 3.3.7...

6.5CVSS7AI score0.00336EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.16 views

openSUSE 15 Security Update : cobbler (openSUSE-SU-2024:0370-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0370-1 advisory. Update to 3.3.7 Security: Fix issue that allowed anyone to connect to the API as admin CVE-2024-47533, boo1231332 bind - Fix bug that prevents cname...

9.8CVSS5.5AI score0.03948EPSS
Exploits6References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/09 8:0 p.m.4 views

Malicious code in @neo-ds/neo-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6d3d5e2f6b432e3a4491b74a6c06d176dcf93aa9cf419db326cea281b530044b The OpenSSF Package Analysis project identified '@neo-ds/neo-utils' @ 3.3.7 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSV
added 2024/12/09 8:24 a.m.7 views

MAL-2024-11251 Malicious code in @neo-ds/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eb7303825f9830a20957d406c7a1b9193816b17c907592e4fa1e8a6fa48c61e3 The OpenSSF Package Analysis project identified '@neo-ds/components' @ 3.3.7 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2024/11/29 12:0 a.m.10 views

openSUSE Security Advisory (openSUSE-SU-2024:0382-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.03948EPSS
Exploits6References13
Tenable Nessus
Tenable Nessus
added 2024/11/26 12:0 a.m.9 views

Fedora 39 : cobbler (2024-a6f0ade1d3)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a6f0ade1d3 advisory. Update to 3.3.7 - CVE-2024-47533 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS5.5AI score0.03948EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2024/11/26 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2024-a6f0ade1d3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.03948EPSS
Exploits6References4
OSV
OSV
added 2024/11/20 12:0 a.m.10 views

OPENSUSE-SU-2024:14512-1 cobbler-3.3.7-1.1 on GA media

These are all security issues fixed in the cobbler-3.3.7-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS9.5AI score0.03948EPSS
Exploits6References2
NVD
NVD
added 2024/11/18 5:15 p.m.15 views

CVE-2024-47533

Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.getsharedsecret always returns -1, which allows anyone to connect to cobbler...

9.8CVSS0.03948EPSS
Exploits6References3
OSV
OSV
added 2024/11/18 5:15 p.m.2 views

UBUNTU-CVE-2024-47533

Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.getsharedsecret always returns -1, which allows anyone to connect to cobbler...

9.8CVSS5.9AI score0.03948EPSS
Exploits6References5
Rows per page
Query Builder