
18 matches found

OSV
added 2025/08/14 6:52 p.m., 1 view

MAL-2025-40722 Malicious code in zaki-bakwan62-sukiwir (npm)

The package zaki-bakwan62-sukiwir was found to contain malicious code...

7.2 AI score
Exploits: 0
NVD
added 2025/07/03 12:15 p.m., 6 views

CVE-2025-40722

Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the replace parameter in /config.php/tags...

5.1 CVSS, 0.00276 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/07/03 11:44 a.m., 7 views

CVE-2025-40722 Stored Cross-Site Scripting (XSS) vulnerability on Flatboard

Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the replace parameter in /config.php/tags...

5.1 CVSS, 0.00276 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/07/03 11:44 a.m., 2 views

CVE-2025-40722 Stored Cross-Site Scripting (XSS) vulnerability on Flatboard

Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the replace parameter in /config.php/tags...

5.1 CVSS, 4.9 AI score, 0.00276 EPSS
Exploits: 0, References: 1
CVE
added 2025/07/03 11:44 a.m., 18 views

CVE-2025-40722

CVE-2025-40722: A stored XSS exists in Flatboard Pro prior to 3.2.2 due to insufficient validation of user input via the replace parameter in /config.php/tags. The issue affects Flatboard Pro versions before 3.2.2 and can lead to stored XSS as described in multiple sources in the connected docume...

5.1 CVSS, 4.7 AI score, 0.00276 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/02/05 7:51 p.m., 9 views

CVE-2022-40722

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA...

7.7 CVSS, 6.8 AI score, 0.00328 EPSS
Exploits: 0, References: 1
Circl
added 2024/08/02 2:1 p.m., 3 views

CVE-2024-40722

creationtimestamp | type | source
---|---|---
2024-08-02 14:01:17+00:00 | seen | https://t.me/cvedetector/2343
2024-08-09 17:34:13+00:00 | seen | https://t.me/arvinclub1/1132
...

4.3 CVSS, 4.8 AI score, 0.00453 EPSS
Exploits: 0, References: 2
CVE
added 2024/08/02 10:18 a.m., 47 views

CVE-2024-40722

CVE-2024-40722 affects the TCBServiSign Windows Version from CHANGING Information Technology. The vulnerability is caused by an API that does not properly validate the length of server-side input, enabling unauthenticated remote attackers to trigger a stack-based buffer overflow when a user visit...

4.3 CVSS, 5.1 AI score, 0.00453 EPSS
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2024/08/02 10:18 a.m., 20 views

CVE-2024-40722 CHANGING Information Technology TCBServiSign Windows Version - Stack-based Buffer Overflow

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily...

4.3 CVSS, 7.6 AI score, 0.00453 EPSS
Exploits: 0, References: 2
OSV
added 2023/04/25 7:15 p.m., 8 views

CVE-2022-40722

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA...

5.8 CVSS, 5.8 AI score, 0.00328 EPSS
Exploits: 0, References: 2
CVE
added 2023/04/25 12:0 a.m., 38 views

CVE-2022-40722

CVE-2022-40722 concerns a misconfiguration of RSA padding in the PingID Adapter for PingFederate used to support Offline MFA with PingID mobile authenticators. Red Hat, NVD, CNNVD and other sources describe that this faulty padding enables pre-computed dictionary attacks that bypass offline MFA. ...

7.7 CVSS, 5.9 AI score, 0.00328 EPSS
Exploits: 0, References: 2, Affected Software: 3
Cvelist
added 2023/04/25 12:0 a.m., 19 views

CVE-2022-40722 Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate.

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA...

7.7 CVSS, 7.7 AI score, 0.00328 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2023/04/25 12:0 a.m., 8 views

CVE-2022-40722 Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate.

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA...

7.7 CVSS, 7.1 AI score, 0.00328 EPSS
Exploits: 0, References: 2
Circl
added 2022/01/14 12:23 a.m., 6 views

CVE-2021-40722

creationtimestamp | type | source
---|---|---
2022-01-14 00:23:57+00:00 | seen | https://t.me/cibsecurity/35461
...

9.8 CVSS, 7.4 AI score, 0.03273 EPSS
Exploits: 0, References: 1
Cvelist
added 2022/01/13 8:27 p.m., 31 views

CVE-2021-40722 AEM Forms Improper Restriction of XML External Entity Reference

AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE...

9.8 CVSS, 9.7 AI score, 0.03273 EPSS
Exploits: 0, References: 1
CVE
added 2022/01/13 8:27 p.m., 83 views

CVE-2021-40722

Adobe Experience Manager (AEM) – CVE-2021-40722 affects AEM Forms Cloud Service and on-prem 6.5.10.0 and earlier via an XML External Entity (XXE) injection that can lead to RCE. The connected advisories list this CVE as part of APSB21-103 and note remediation by upgrading to 6.5.11.0 or applying ...

9.8 CVSS, 9.5 AI score, 0.03273 EPSS
Exploits: 0, References: 1, Affected Software: 2
Hacker One
added 2021/08/27 8:58 a.m., 44 views

Adobe: AEM forms XXE Vulnerability

AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE. CVE: CVE-2021-40722 Ref: https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html We...

7.5 CVSS, 1.7 AI score, 0.03273 EPSS
Exploits: 0
Metasploit
added 2007/12/18 4:30 a.m., 32 views

Apple OS X Software Update Command Execution

This module exploits a feature in the Distribution Packages, which are used in the Apple Software Update mechanism. This feature allows for arbitrary command execution through JavaScript. This exploit provides the malicious update server. Requests must be redirected to this server by other means...

9.3 CVSS, 7.2 AI score, 0.22982 EPSS
Exploits: 4