13 matches found

RedhatCVE
added 2026/01/09 12:32 p.m. | 3 views

CVE-2023-31043

EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17,...

7.5 CVSS | 6.9 AI score | 0.0043 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/02 6:31 a.m. | 12 views

CVE-2025-31043

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS. This issue affects JetSearch: from n/a through <= 3.5.7...

6.5 CVSS | 7.2 AI score | 0.00193 EPSS
Exploits: 0 | References: 1

Circl
added 2025/03/31 6:31 a.m. | 5 views

CVE-2025-31043

| creationtimestamp | type | source |
|---|---|---|
| 2025-03-31 06:31:09+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/9602 |
| 2025-03-31 09:09:09+00:00 | seen | https://t.me/cvedetector/21550... |

6.5 CVSS | 8.7 AI score | 0.00193 EPSS
Exploits: 0 | References: 2

CVE
added 2025/03/31 6:6 a.m. | 59 views

CVE-2025-31043

CVE-2025-31043 : JetSearch (WordPress plugin) has a DOM-based cross-site scripting (XSS) vulnerability in the JetSearch component due to improper input handling during web page generation. Affected: JetSearch versions up to 3.5.7 (requires authenticated access at Contributor+ level). Impact: stor...

6.5 CVSS | 7.2 AI score | 0.00193 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2025/03/31 6:6 a.m. | 6 views

CVE-2025-31043 WordPress JetSearch plugin <= 3.5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound JetSearch allows DOM-Based XSS. This issue affects JetSearch: from n/a through 3.5.7...

6.5 CVSS | 6.5 AI score | 0.00193 EPSS
Exploits: 0 | References: 1

CVE
added 2023/04/23 12:0 a.m. | 42 views

CVE-2023-31043

EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 stores unredacted passwords in logs when optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, despite redaction being configured via edb_filter_log.redact_password_commands. Affected versions and fixed targets are: 10.x bef...

7.5 CVSS | 7.5 AI score | 0.0043 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

Vulnrichment
added 2023/04/23 12:0 a.m. | 9 views

CVE-2023-31043

EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17,...

7.6 AI score | 0.0043 EPSS
Exploits: 0 | References: 5

Tenable Nessus
added 2022/10/05 12:0 a.m. | 99 views

Debian DSA-5246-1 : mediawiki - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5246 advisory. - An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite...

8.1 CVSS | 6.6 AI score | 0.0182 EPSS
Exploits: 3 | References: 33

OpenVAS
added 2022/09/19 12:0 a.m. | 29 views

Mageia: Security Advisory (MGASA-2022-0338)

The remote host is missing an update for the ...

8.1 CVSS | 7.8 AI score | 0.0182 EPSS
Exploits: 0 | References: 9

Tenable Nessus
added 2022/06/10 12:0 a.m. | 48 views

Drupal 9.2.x < 9.2.21 / 9.3.x < 9.3.16 Drupal Multiple Vulnerabilities (SA-CORE-2022-011)

According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.21, 9.3.x prior to 9.3.16 or 9.4.x prior to 9.4.0-rc2. It is, therefore, affected by multiple vulnerabilities. - Guzzle is an open source PHP HTTP client. In affected versions the...

7.5 CVSS | 7.2 AI score | 0.0182 EPSS
Exploits: 0 | References: 12

Vulnrichment
added 2022/06/09 12:0 a.m. | 11 views

CVE-2022-31043 Fix failure to strip Authorization header on HTTP downgrade in Guzzle

Guzzle is an open source PHP HTTP client. In affected versions Authorization headers on requests are sensitive information. On making a request using the https scheme to a server which responds with a redirect to a URI with the http scheme, we should not forward the Authorization header on. This ...

7.5 CVSS | 7.5 AI score | 0.0182 EPSS
Exploits: 0 | References: 5

Cvelist
added 2021/08/24 6:52 p.m. | 8 views

CVE-2021-31043

...

Exploits: 0

CVE
added 2021/08/24 6:52 p.m. | 27 views

CVE-2021-31043

CVE-2021-31043 is rejected/not used per the initial description.

7.4 AI score
Exploits: 0