Lucene search
K

23 matches found

OSV
OSV
added 6 days ago3 views

ROOT-OS-UBUNTU-2204-CVE-2024-46749 CVE-2024-46749 in rootio-linux - Patched by Root

Root has patched CVE-2024-46749 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS7.7AI score0.00232EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/09 8:47 a.m.39 views

CVE-2026-46749

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected application uses a password hashing implementation with a static, hardcoded salt shared across all users and installations, and is configured with an insufficient number of iterations. This could allow a...

7.5CVSS0.00121EPSS
Exploits0References1
Circl
Circl
added 2026/06/09 7:30 a.m.14 views

CVE-2026-46749

creationtimestamp| type| source ---|---|--- 2026-06-09 07:30:01+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-22 2026-06-09 11:00:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnu273c2t32n 2026-06-23 05:00:00+00:00| seen|...

9.8CVSS5.8AI score0.00121EPSS
Exploits0References3
Circl
Circl
added 2026/03/19 12:0 a.m.3 views

CVE-2024-46749

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

5.5CVSS6.3AI score0.00232EPSS
Exploits0References1
Circl
Circl
added 2025/05/12 5:32 p.m.24 views

CVE-2025-46749

creationtimestamp| type| source ---|---|--- 2025-05-12 17:32:42+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114496055573801981 2025-05-12 18:24:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15941 2025-05-12 18:26:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15960...

4.3CVSS4.8AI score0.00219EPSS
Exploits0References5
NVD
NVD
added 2025/05/12 5:15 p.m.13 views

CVE-2025-46749

An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution...

4.3CVSS0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/12 4:12 p.m.6 views

CVE-2025-46749 Improper Neutralization of Input

An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution...

4.3CVSS6.5AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/12 4:12 p.m.23 views

CVE-2025-46749 Improper Neutralization of Input

An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution...

4.3CVSS0.00219EPSS
Exploits0References1
CVE
CVE
added 2025/05/12 4:12 p.m.46 views

CVE-2025-46749

CVE-2025-46749 is described across multiple feeds as an input/output sanitization issue that allows an authenticated user to inject scripting into fields, triggering client-side script execution. Connected sources reference Schweitzer Engineering Laboratories products (e.g., SEL-5033/SEL-5702/SEL...

4.3CVSS4.6AI score0.00219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-46749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuartflush This adds a check before freeing the rx-skb in flush and close functions to handle the kern...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/09/18 7:12 a.m.14 views

CVE-2024-46749

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuartflush This adds a check before freeing the rx-skb in flush and close functions to handle the kernel crash seen while removing driver after FW download fails or before...

5.5CVSS5.4AI score0.00232EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/05/23 10:45 p.m.98 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update

Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

9.3CVSS6.6AI score0.8581EPSS
Exploits9References16
vulnersOsv
vulnersOsv
added 2024/01/15 12:30 p.m.7 views

ca.ibodrov.concord:testcontainers-concord-core (>=2.0.0 <=2.0.2), ca.ibodrov.mica:mica-concord-server-plugin (>=0.0.2 <=0.0.21) +496 more potentially affected by CVE-2023-46749 via org.apache.shiro:shiro-core (>=1.0.0-incubating <=1.12.0)

org.apache.shiro:shiro-core MAVEN version =1.0.0-incubating, =2.0.0, =0.0.2, =5.1.0, =5.1.0, =5.1.0, =6.5.28, =6.5.28, =6.5.28, =6.5.28, =6.5.28, =2.2.0, =2.2.0, =2.2.0, =2.3.1 and more Source cves: CVE-2023-46749 Source advisory: OSV:GHSA-JC7H-C423-MPJC...

6.5CVSS6.5AI score0.01177EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/15 9:57 a.m.5 views

CVE-2023-46749 Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure blockSemicolon is enabled this is the default...

6.6AI score0.01177EPSS
Exploits0References1
OSV
OSV
added 2024/01/15 9:57 a.m.21 views

CVE-2023-46749 Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure blockSemicolon is enabled this is the default...

6.5CVSS5.9AI score0.01177EPSS
Exploits0References4
CVE
CVE
added 2024/01/15 9:57 a.m.103 views

CVE-2023-46749

CVE-2023-46749 affects Apache Shiro prior to 1.13.0 or 2.0.0-alpha-4, where path traversal used with path rewriting can lead to authentication bypass. This is triggered when combined with path rewriting, enabling attackers to bypass login checks. Mitigation options from multiple sources include u...

6.5CVSS6.5AI score0.01177EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2024/01/15 12:0 a.m.39 views

CVE-2023-46749

Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure blockSemicolon is enabled this is the default...

6.5CVSS6.8AI score0.01177EPSS
Exploits0References4
Circl
Circl
added 2023/05/09 10:38 p.m.6 views

CVE-2021-46749

creationtimestamp| type| source ---|---|--- 2023-05-09 22:38:45+00:00| seen| https://t.me/cibsecurity/63654...

7.5CVSS7.3AI score0.00616EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/09 6:59 p.m.31 views

CVE-2021-46749

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

7.9AI score0.00616EPSS
Exploits0References1
CVE
CVE
added 2023/05/09 6:59 p.m.57 views

CVE-2021-46749

CVE-2021-46749 corresponds to an out-of-bounds read vulnerability in the AMD Secure Processor (ASP) affecting the System Management Interface (SMI) mailbox checksum calculation, caused by insufficient bounds checking. The vulnerability can trigger a data abort and potentially lead to a denial of ...

7.5CVSS7.8AI score0.00616EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder