Lucene search
+L

98 matches found

OSV
OSV
added 2023/07/27 6:26 p.m.19 views

CVE-2023-3980 Cross-site Scripting (XSS) - Stored in omeka/omeka-s

Cross-site Scripting XSS - Stored in GitHub repository omeka/omeka-s prior to 4.0.2...

5.4CVSS5.4AI score0.00401EPSS
Exploits1References4
Circl
Circl
added 2022/11/17 3:52 p.m.40 views

CVE-2022-3980

creationtimestamp| type| source ---|---|--- 2022-11-17 15:52:41+00:00| seen| https://t.me/cibsecurity/53028 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-10 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-02-10...

9.8CVSS7.3AI score0.08087EPSS
In wildExploits0References4
NVD
NVD
added 2022/11/16 1:15 p.m.21 views

CVE-2022-3980

An XML External Entity XEE vulnerability allows server-side request forgery SSRF and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4...

9.8CVSS0.08087EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/16 12:0 a.m.6 views

CVE-2022-3980

An XML External Entity XEE vulnerability allows server-side request forgery SSRF and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4...

9.8CVSS9.8AI score0.08087EPSS
Exploits0References1
CVE
CVE
added 2022/11/16 12:0 a.m.105 views

CVE-2022-3980

CVE-2022-3980 affects Sophos Mobile on-premises (versions 5.0.0–9.7.4) and is caused by XML External Entity (XXE) processing, enabling SSRF and potential code execution. Exploitation could allow reading arbitrary server files and SSRF attacks; base CVSS v3.1 score is 9.8 (CRITICAL). Affected soft...

9.8CVSS9.7AI score0.08087EPSS
In wildExploits0References1Affected Software1
Circl
Circl
added 2021/12/03 6:39 p.m.9 views

CVE-2021-3980

creationtimestamp| type| source ---|---|--- 2021-12-03 18:39:49+00:00| seen| https://t.me/cibsecurity/33317...

7.5CVSS5.8AI score0.01547EPSS
Exploits1References1
NVD
NVD
added 2021/12/03 3:15 p.m.18 views

CVE-2021-3980

elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

7.5CVSS0.01547EPSS
Exploits1References2
OSV
OSV
added 2021/12/03 3:15 p.m.10 views

CVE-2021-3980

elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

7.5CVSS6.7AI score
Exploits0References2
CVE
CVE
added 2021/12/03 3:5 p.m.71 views

CVE-2021-3980

CVE-2021-3980 affects elgg/elgg. The issue is information exposure due to insufficient access control in the view namespace forms/admin for AJAX requests, leading to potential private data leakage. Multiple connected sources (GHSA/HX6G-Q9V2-XH7V2, Veracode, RH Red Hat) describe lack of AdminGatek...

7.5CVSS6.1AI score0.01547EPSS
Exploits1References2Affected Software1
GithubExploit
GithubExploit
added 2021/10/19 6:28 p.m.323 views

Exploit for Origin Validation Error in Solarwinds Dameware_Mini_Remote_Control

CVE-2019-3980 CVE-2019-3980 exploit written in win32/c++ open...

10CVSS9.2AI score0.0518EPSS
Exploits4
CVE
CVE
added 2020/09/16 4:13 p.m.421 views

CVE-2020-3980

Summary: CVE-2020-3980 affects VMware Fusion 11.x. It is a privilege-escalation vulnerability tied to how Fusion configures the system-wide PATH, allowing a normal-privilege user to trick an admin into running malicious code on the host. The vulnerability is documented with a CVSSv3 base score up...

6.7CVSS6.8AI score0.00285EPSS
Exploits0References1Affected Software1
NCSC
NCSC
added 2020/09/16 12:0 a.m.9 views

Vulnerabilities fixed in VMware Workstation, Fusion and Horizon

Vulnerabilities have been fixed in VMware Workstation, Fusion and Horizon. The vulnerability with reference CVE-2020-3980 relates to VMware Fusion and allows a malicious party to obtain elevated user privileges. The remaining CVE characteristics enable a malicious person to cause a...

6.7CVSS6.8AI score0.00324EPSS
Exploits0
Kaspersky
Kaspersky
added 2020/09/14 12:0 a.m.46 views

KLA12099 Multiple vulnerabilities in VMware Workstation and Player

Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A out of bounds read vulnerability in Cortado ThinPrin...

6.7CVSS6.8AI score0.00324EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2020/08/03 2:12 p.m.167 views

Exploit for Origin Validation Error in Solarwinds Dameware_Mini_Remote_Control

CVE-2019-3980 This repo was created to utilize the Nessus POC...

10CVSS9.5AI score0.0518EPSS
Exploits4
Virtuozzo
Virtuozzo
added 2019/12/03 12:0 a.m.16 views

Virtuozzo Linux Errata and Bugfix Advisory 2019:3980

Upstream security update. Follow RHBA-2019:3980 for details...

2.4AI score
Exploits0
CVE
CVE
added 2019/10/08 7:40 p.m.194 views

CVE-2019-3980

CVE-2019-3980 affects SolarWinds DameWare Mini Remote Control (DameWare Mini Remote Client) 12.1.0.89. The issue stems from the SmartCard authentication component, which allows a user to upload an executable to be run on the DWRCS.exe host due to unclear validation/confirmation. An unauthenticate...

10CVSS9.8AI score0.0518EPSS
Exploits4References2Affected Software1
OpenVAS
OpenVAS
added 2019/05/15 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3980-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.5AI score0.03844EPSS
Exploits1References3
CVE
CVE
added 2019/02/06 9:0 p.m.61 views

CVE-2018-3980

Consolidated details show CVE-2018-3980 affects ACD Systems Canvas Draw 5.0.0 in the TIFF parsing path, causing an exploitable out-of-bounds write that can overwrite memory and enable code execution when processing specially crafted TIFF images. Cisco Talos reports multiple TIFF-related out-of-bo...

8.8CVSS7.9AI score0.01456EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/09/21 12:0 a.m.56 views

Debian DSA-3980-1 : apache2 - security update (Optionsbleed)

Hanno Boeck discovered that incorrect parsing of Limit directives of .htaccess files by the Apache HTTP Server could result in memory disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

7.5CVSS6.8AI score0.94999EPSS
Exploits9References5
OpenVAS
OpenVAS
added 2017/09/19 12:0 a.m.61 views

Debian: Security Advisory (DSA-3980-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.94999EPSS
Exploits9References3
Rows per page
Query Builder