Lucene search
K

187 matches found

Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.9 views

TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...

9.8CVSS7.7AI score0.20253EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.8 views

TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...

9.8CVSS7.7AI score0.1691EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/03 12:0 a.m.5 views

Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...

9.8CVSS6.3AI score0.03811EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/23 2:29 p.m.3 views

EUVD-2026-4343

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ability, Inc Web Accessibility with Max Access accessibility-toolbar allows Stored XSS.This issue affects Web Accessibility with Max Access: from n/a through = 2.1.0...

5.9CVSS5.4AI score0.0014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003546)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003546 advisory. In the tun subsystem in the Linux kernel before 4.13.14, devgetvalidname is not called before registernetdevice. This allows local users to cause a denial of service...

6.9CVSS6.3AI score0.00654EPSS
Exploits2References14
OSV
OSV
added 2024/11/14 6:15 p.m.5 views

CVE-2024-4343

A Python command injection vulnerability exists in the SagemakerLLM class's complete method within ./privategpt/components/llm/custom/sagemaker.py of the imartinez/privategpt application, versions up to and including 0.3.0. The vulnerability arises due to the use of the eval function to parse a...

9.8CVSS8.1AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/14 5:32 p.m.7 views

CVE-2024-4343 Python Command Injection in imartinez/privategpt

A Python command injection vulnerability exists in the SagemakerLLM class's complete method within ./privategpt/components/llm/custom/sagemaker.py of the imartinez/privategpt application, versions up to and including 0.3.0. The vulnerability arises due to the use of the eval function to parse a...

9.8CVSS8.4AI score0.0261EPSS
Exploits1References2
CVE
CVE
added 2024/11/14 5:32 p.m.59 views

CVE-2024-4343

The CVE-2024-4343 entry describes a Python command injection in the imartinez/privategpt project. Affected component: SagemakerLLM.complete() in ./private_gpt/components/llm/custom/sagemaker.py, with versions up to and including 0.3.0. Root cause: unsafe parsing of a remote SageMaker LLM endpoint...

9.8CVSS9.8AI score0.0261EPSS
Exploits1References2Affected Software1
Circl
Circl
added 2024/03/18 6:41 p.m.6 views

CVE-2019-4343

creationtimestamp| type| source ---|---|--- 2024-03-18 18:41:11+00:00| seen| https://t.me/ctinow/210842...

6.5CVSS6.5AI score0.01459EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.30 views

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:4343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.09141EPSS
Exploits3References2
Circl
Circl
added 2023/09/05 8:16 p.m.3 views

CVE-2018-4343

creationtimestamp| type| source ---|---|--- 2023-09-05 20:16:41+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/205...

9.3CVSS8.3AI score0.01976EPSS
Exploits0References1
Circl
Circl
added 2023/09/01 2:14 p.m.5 views

CVE-2022-4343

creationtimestamp| type| source ---|---|--- 2023-09-01 14:14:06+00:00| seen| https://t.me/cibsecurity/69637...

5CVSS4.6AI score0.00393EPSS
Exploits0References1
CVE
CVE
added 2023/09/01 10:1 a.m.238 views

CVE-2022-4343

CVE-2022-4343 affects GitLab EE: a project member can leak credentials stored in site profile across versions 13.12–16.1.5, 16.2–16.2.4, and 16.3–16.3.0. The issue is reported as an information disclosure vulnerability. Publicly available details from NVD/OSV/NCSC confirm remediation: update to G...

5CVSS4.7AI score0.00393EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.33 views

GitLab 13.12 < 16.1.5 / 16.2 < 16.2.5 / 16.3 < 16.3.1 (CVE-2022-4343)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in whic...

5CVSS5.1AI score0.00393EPSS
Exploits0References4
Circl
Circl
added 2023/08/15 10:30 p.m.4 views

CVE-2023-4343

creationtimestamp| type| source ---|---|--- 2023-08-15 22:30:41+00:00| seen| https://t.me/cibsecurity/68566...

7.5CVSS7.3AI score0.00481EPSS
Exploits0References1
OSV
OSV
added 2023/08/15 7:15 p.m.4 views

CVE-2023-4343

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter...

7.5CVSS7.1AI score0.00481EPSS
Exploits0References2
CVE
CVE
added 2023/08/15 6:25 p.m.43 views

CVE-2023-4343

CVE-2023-4343 affects the Broadcom RAID Controller web interface, where sensitive password information is exposed in the URL as a search parameter. This leads to potential information disclosure by inspecting URLs. The provided documents do not include explicit exploit details or a mitigated/fixe...

7.5CVSS7.5AI score0.00481EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:3 p.m.24 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2017-1583, CVE-2011-4343).

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

7.5CVSS7.7AI score0.05334EPSS
Exploits1Affected Software1
NVD
NVD
added 2023/06/07 2:15 a.m.17 views

CVE-2021-4343

The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated Account Creation in versions up to, and including, 1.6.6. This is due to the stmlistingregister AJAX action function being accessible and taking roles unprotected. This makes it possible for unauthenticated...

9.8CVSS9.5AI score0.014EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.11 views

CVE-2021-4343 uListing <= 1.6.6 - Unauthenticated Arbitrary Account Creation

The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated Account Creation in versions up to, and including, 1.6.6. This is due to the stmlistingregister AJAX action function being accessible and taking roles unprotected. This makes it possible for unauthenticated...

9.8CVSS7.2AI score0.014EPSS
Exploits1References3
Rows per page
Query Builder