Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.4 views

CVE-2026-31058

UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the timeRangeName parameter of the formConfigDnsFilterGlobal function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

4.5CVSS6.2AI score0.00246EPSS
Exploits1References1
CVE
CVE
added 2026/04/06 12:0 a.m.10 views

CVE-2026-31058

CVE-2026-31058 affects UTT Aggressive HiPER 1200GW (v2.5.3-170306). The root cause is a buffer overflow in the timeRangeName parameter of the formConfigDnsFilterGlobal function, enabling denial-of-service via crafted input. Public details consistently describe the same vulnerability across multip...

4.5CVSS6.2AI score0.00246EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/11 4:3 p.m.6 views

CVE-2025-31058

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Revolution Video Player revolutionvideoplayer allows Reflected XSS.This issue affects Revolution Video Player: from n/a through = 2.9.2...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/09 3:56 p.m.26 views

CVE-2025-31058 WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Revolution Video Player revolutionvideoplayer allows Reflected XSS.This issue affects Revolution Video Player: from n/a through = 2.9.2...

7.1CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/09 3:56 p.m.4 views

CVE-2025-31058 WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Revolution Video Player allows Reflected XSS. This issue affects Revolution Video Player: from n/a through 2.9.2...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/03 9:2 a.m.8 views

WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Revolution Video Player versions = 2.9.2...

7.1CVSS5.9AI score0.00235EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 4:47 a.m.7 views

CVE-2023-31058

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5CVSS6.8AI score0.01228EPSS
Exploits0References1
Circl
Circl
added 2023/05/22 4:24 p.m.8 views

CVE-2023-31058

creationtimestamp| type| source ---|---|--- 2023-05-22 16:24:54+00:00| published-proof-of-concept| https://t.me/cibsecurity/64526...

7.5CVSS7.3AI score0.01228EPSS
Exploits0References1
OSV
OSV
added 2023/05/22 1:15 p.m.10 views

CVE-2023-31058

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5CVSS7.1AI score
Exploits0References1
NVD
NVD
added 2023/05/22 1:15 p.m.25 views

CVE-2023-31058

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5CVSS7.5AI score0.01228EPSS
Exploits0References1
CVE
CVE
added 2023/05/22 12:54 p.m.68 views

CVE-2023-31058

Summary (CVE-2023-31058): Deserialization of untrusted data in Apache InLong (1.4.0–1.6.0) allows attackers to bypass the autoDeserialize filtering by inserting blanks. This can enable unintended behavior as described; no exploitation details are provided here. Impact: high likelihood of bypass o...

7.5CVSS7.5AI score0.01228EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/22 12:54 p.m.10 views

CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5AI score0.01228EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/22 12:54 p.m.35 views

CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.7AI score0.01228EPSS
Exploits0References1
CVE
CVE
added 2022/06/29 5:55 p.m.71 views

CVE-2022-31058

Tuleap SQL injection (CVE-2022-31058) affects Tuleap versions prior to 13.9.99.95. The issue arises from improper input sanitization when constructing SQL against tracker reports, enabling an attacker who can create a new tracker to execute arbitrary SQL queries. Connected sources corroborate imp...

7.2CVSS7.3AI score0.01367EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2022/06/29 5:55 p.m.5 views

CVE-2022-31058 SQL injection via the field name of a tracker in Tuleap

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create ...

7.2CVSS7.3AI score0.01367EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/08/24 6:52 p.m.9 views

CVE-2021-31058

...

Exploits0
CVE
CVE
added 2021/08/24 6:52 p.m.24 views

CVE-2021-31058

CVE-2021-31058 entry is rejected/not used and does not represent an active vulnerability.

7.4AI score
Exploits0
Rows per page
Query Builder