
14 matches found

RedhatCVE
added 2025/05/23 4:38 a.m. | 4 views

CVE-2023-44384

Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the discourse_jira_verbose_log site setting. A moderator user cou...

CVSS 4.1 | AI score 6.8 | EPSS 0.00096
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/06 3:25 a.m. | 5 views

CVE-2021-44384

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzTattern param is not object. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 8.6 | AI score 6.8 | EPSS 0.00205
Exploits: 1 | References: 3

Circl
added 2023/10/06 10:13 p.m. | 3 views

CVE-2023-44384

creationtimestamp | type | source
---|---|---
2023-10-06 22:13:48+00:00 | seen | https://t.me/cibsecurity/71760...

CVSS 4.1 | AI score 4.6 | EPSS 0.00096
Exploits: 0 | References: 1

NVD
added 2023/10/06 6:15 p.m. | 10 views

CVE-2023-44384

Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the discourse_jira_verbose_log site setting. A moderator user cou...

CVSS 4.1 | AI score 4.5 | EPSS 0.00096
Exploits: 0 | References: 3

Cvelist
added 2023/10/06 5:15 p.m. | 14 views

CVE-2023-44384 Discourse-Jira could make SSRF attack by setting Jira URL to an arbitrary location

Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the discourse_jira_verbose_log site setting. A moderator user cou...

CVSS 4.1 | AI score 4.8 | EPSS 0.00096
Exploits: 0 | References: 3

OSV
added 2023/10/06 5:15 p.m. | 13 views

CVE-2023-44384 Discourse-Jira could make SSRF attack by setting Jira URL to an arbitrary location

Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the discourse_jira_verbose_log site setting. A moderator user cou...

CVSS 4.1 | AI score 5 | EPSS 0.00096
Exploits: 0 | References: 5

Vulnrichment
added 2023/10/06 5:15 p.m. | 10 views

CVE-2023-44384 Discourse-Jira could make SSRF attack by setting Jira URL to an arbitrary location

Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the discourse_jira_verbose_log site setting. A moderator user cou...

CVSS 4.1 | AI score 7.1 | EPSS 0.00096
Exploits: 0 | References: 3

CVE
added 2023/10/06 5:15 p.m. | 96 views

CVE-2023-44384

The CVE-2023-44384 entry concerns the Discourse-jira plugin for Discourse. According to connected sources (Red Hat advisory, NVD/NVD-derived summaries, and other feeds), exploitation stems from an SSRF via the Jira URL when the discourse_jira_verbose_log site setting is enabled. An administrator ...

CVSS 4.1 | AI score 4.4 | EPSS 0.00096
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2022/11/17 12:0 a.m. | 50 views

CVE-2022-44384

CVE-2022-44384 affects rconfig v3.9.6 and describes an arbitrary file upload vulnerability that allows an attacker to execute arbitrary PHP code by uploading a crafted file. The issue enables remote code execution via a crafted PHP file, with in‑the‑wild risk demonstrated by a Metasploit module t...

CVSS 8.8 | AI score 8.8 | EPSS 0.48689
Exploits: 2 | References: 1 | Affected Software: 1

Vulnrichment
added 2022/11/17 12:0 a.m. | 4 views

CVE-2022-44384

An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file...

AI score 8.9 | EPSS 0.48689
Exploits: 2 | References: 1

Circl
added 2022/01/29 12:22 a.m. | 0 views

CVE-2021-44384

creationtimestamp | type | source
---|---|---
2022-01-29 00:22:10+00:00 | seen | https://t.me/cibsecurity/36528...

CVSS 8.6 | AI score 7.8 | EPSS 0.00205
Exploits: 1 | References: 1

CVE
added 2022/01/28 9:42 p.m. | 60 views

CVE-2021-44384

CVE-2021-44384 affects the reolink RLC-410W (firmware 3.0.0.136_20121102) via the cgiserver.cgi JSON command parser. A specially crafted HTTP request can cause the cgiserver.cgi process to reboot the device by triggering an assert when a JSON param is not an object (SetPtzTattern and related APIs...

CVSS 8.6 | AI score 7.4 | EPSS 0.00205
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2022/01/28 9:42 p.m. | 5 views

CVE-2021-44384

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzTattern param is not object. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 8.6 | AI score 7.7 | EPSS 0.00205
Exploits: 1 | References: 1

Circl
added 2021/06/24 3:51 p.m. | 2 views

CVE-2022-44384

creationtimestamp | type | source
---|---|---
2021-06-24 15:51:21+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/rconfigvendorsauthfileuploadrce.rb
2022-11-17 20:18:08+00:00 | seen | https://t.me/cibsecurity/53083
2025-04-29 15:11:46+00:00 | ...

CVSS 8.8 | AI score 8.1 | EPSS 0.48689
Exploits: 2 | References: 3