Lucene search
+L

335 matches found

Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.5 views

PT-2022-24230 · WordPress · Analytify

Name of the Vulnerable Software and Affected Versions: Analytify plugin versions = 4.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is authenticated to...

8.8CVSS8.5AI score0.00301EPSS
Exploits0References5
Prion
Prion
added 2022/10/12 12:15 a.m.15 views

Cross site scripting

mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...

5.8CVSS6AI score0.00573EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.12 views

PT-2022-25387 · Mxgraph · Mxgraph

Name of the Vulnerable Software and Affected Versions: mxGraph version 4.2.2 Description: The issue is related to a cross-site scripting XSS vulnerability. It occurs via the setTooltips function, which is susceptible to XSS attacks. Recommendations: For mxGraph version 4.2.2, consider disabling t...

6.1CVSS5.8AI score0.00573EPSS
Exploits1References6
0day.today
0day.today
added 2022/10/03 12:0 a.m.279 views

Joomla JoomRecipe 4.2.2 Cross Site Scripting Vulnerability

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : JoomBoost │ │ Software :...

7.4AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/09/22 9:20 a.m.8 views

CVE-2022-3268 Weak Password Requirements in ikus060/minarca

Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2...

9.8CVSS9.5AI score0.01032EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/09/21 4:55 p.m.6 views

CVE-2022-3251 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in ikus060/minarca

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2...

7.5CVSS6.8AI score0.00508EPSS
Exploits1References2
Fedora
Fedora
added 2022/07/13 2:0 a.m.35 views

[SECURITY] Fedora 36 Update: cheat-4.2.2-4.fc36

Cheat allows you to create and view interactive cheatsheets on the command- line. It was designed to help remind nix system administrators of options for commands that they use frequently, but not frequently enough to remember...

9.3CVSS9AI score0.0995EPSS
Exploits4
CVE
CVE
added 2022/06/15 7:0 p.m.107 views

CVE-2022-31044

The CVE-2022-31044 issue affects Rundeck where the Key Storage converter plugin mechanism was not enabled correctly in versions 4.2.0 and 4.2.1, causing the encryption layer for Key Storage to potentially not work and allowing credentials created or overwritten in these releases to be written in ...

7.5CVSS7.7AI score0.00634EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/24 5:20 p.m.4 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (=5.1.0), ca.uhn.hapi.fhir:hapi-fhir-cli-jpaserver (=5.1.0) +152 more potentially affected by CVE-2020-5411 via org.springframework.batch:spring-batch-core (>=4.0.0.RELEASE <=4.2.2.RELEASE)

org.springframework.batch:spring-batch-core MAVEN version =4.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =4.2.0, =4.2.0, =3.0.0, =2020.08.001 and more Source cves: CVE-2020-5411 Source advisory: OSV:GHSA-4PH4-Q9R5-6WM6...

8.1CVSS7.2AI score0.01856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:2 a.m.8 views

am.ik.home:uaa-client (>=1.3.0 <=1.9.0), am.ik.home:uaa-integration-test (>=1.3.0 <=1.9.0) +1073 more potentially affected by CVE-2017-4995 via org.springframework.security:spring-security-core (>=4.2.0.RELEASE <=4.2.2.RELEASE)

org.springframework.security:spring-security-core MAVEN version =4.2.0.RELEASE, =1.3.0, =1.3.0, =1.3.0, =1.1.1, =0.2.0, =1.0.3, =3.0.3, =3.0.3, =3.0.3, =3.0.5, =A.1.1.1, =A.2.0.0, =A.1.1.1, =A.2.0.0, =A.2.0.0.RC1 and more Source cves: CVE-2017-4995 Source advisory: OSV:GHSA-VHRG-V3CV-P247...

8.1CVSS7.6AI score0.02547EPSS
Exploits1
NVD
NVD
added 2022/01/31 2:15 p.m.22 views

CVE-2021-28962

Stormshield Network Security SNS before 4.2.2 allows a read-only administrator to gain privileges via CLI commands...

7.2CVSS0.01161EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/01/31 12:0 a.m.5 views

Stormshield Network Security 命令注入漏洞

Stormshield Network Security is a next-generation UTM Unified Threat Management firewall from the French company Stormshield. A command injection vulnerability exists in Stormshield Network Security because the product does not effectively restrict command line input data. The vulnerability can b...

7.2CVSS7.2AI score0.01161EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/01/31 12:0 a.m.6 views

PT-2022-9906 · Stormshield · Stormshield Network Security

Name of the Vulnerable Software and Affected Versions: Stormshield Network Security SNS versions prior to 4.2.2 Description: The issue allows a read-only administrator to gain privileges via CLI commands. Recommendations: For versions prior to 4.2.2, update to version 4.2.2 or later to resolve th...

7.2CVSS7.5AI score0.01161EPSS
Exploits0References9
OSV
OSV
added 2021/12/29 5:15 p.m.2 views

CVE-2021-45885

An issue was discovered in Stormshield Network Security SNS 4.2.2 through 4.2.7 fixed in 4.2.8. Under a specific update-migration scenario, the first SSH password change does not properly clear the old password...

7.5CVSS5.8AI score0.00887EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/12/29 4:2 p.m.28 views

CVE-2021-45885

An issue was discovered in Stormshield Network Security SNS 4.2.2 through 4.2.7 fixed in 4.2.8. Under a specific update-migration scenario, the first SSH password change does not properly clear the old password...

7.8AI score0.00887EPSS
Exploits0References2
OSV
OSV
added 2021/09/01 6:31 p.m.17 views

GHSA-HXJ6-V58R-CQV3 Cross Site Scripting in Subrion CMS

Cross Site Scripting XSS vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

5.4CVSS5.2AI score0.00621EPSS
Exploits1References3
Prion
Prion
added 2021/08/05 10:15 p.m.21 views

Cross site scripting

Cross Site Scripting XSS vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

3.5CVSS5.2AI score0.00621EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/08/04 2:15 p.m.20 views

Command injection

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL...

9CVSS9.2AI score0.01655EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/04 2:15 p.m.3 views

CVE-2021-32594

An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of specifically crafted files...

8.1CVSS7AI score0.00734EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/08/04 1:31 p.m.16 views

CVE-2021-32590

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL...

9.9CVSS8.3AI score0.01655EPSS
Exploits0References1
Rows per page
Query Builder