Lucene search
+L

76 matches found

Cvelist
Cvelist
added 2023/02/21 8:50 a.m.25 views

CVE-2022-4785 Download Video Sidebar Widgets <= 6.1 - Contributor+ Stored XSS via Shortcode

The Video Sidebar Widgets WordPress plugin through 6.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00471EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.7 views

Ubuntu: Security Advisory (USN-4785-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.06748EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/01/05 12:0 a.m.13 views

WordPress Video Sidebar Widgets Plugin <= 6.1 is vulnerable to Cross Site Scripting (XSS)

Software Video Sidebar Widgets Type Plugin Vulnerable versions = 6.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4785 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 2859d13481bb Credits István Márton...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/11/24 12:0 a.m.34 views

Oracle Linux 7 : rpm (ELSA-2021-4785)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4785 advisory. 4.11.3-48 - Fix double-free in previously added patch 2004228 4.11.3-47 - Improve range checks on signature and main header tags 2004228 - Fixes CVE-2021-20271...

7CVSS7.3AI score0.00827EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/09 12:0 a.m.22 views

Debian DSA-4785-1 : raptor2 - security update

It was discovered that raptor2, an RDF parser library, is prone to heap-based buffer overflow flaws, which could result in denial of service, or potentially the execution of arbitrary code, if a specially crafted file is processed. C Tenable Network Security, Inc. The descriptive text and package...

7.1CVSS7.5AI score0.03079EPSS
Exploits1References5
OSV
OSV
added 2020/11/03 2:15 p.m.5 views

CVE-2020-4785

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click...

5.4CVSS6.1AI score0.00665EPSS
Exploits0References2
CVE
CVE
added 2020/11/03 1:25 p.m.48 views

CVE-2020-4785

CVE-2020-4785 affects IBM App Connect Enterprise Certified Container Dashboard (versions 1.0.0–1.0.4 with Operator). The vulnerability allows a remote attacker to hijack a victim’s click actions (clickjacking) by luring the user to a malicious site, potentially enabling further attacks. IBM’s bul...

5.4CVSS5.4AI score0.00665EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/30 4:19 p.m.9 views

CVE-2019-4785

...

Exploits0
CVE
CVE
added 2019/12/30 4:19 p.m.26 views

CVE-2019-4785

CVE-2019-4785 is explicitly rejected/not used per description; this entry does not represent an active vulnerability.

7.3AI score
Exploits0
CVE
CVE
added 2018/03/16 2:4 p.m.23 views

CVE-2017-4785

This CVE entry is rejected and not used; the candidate number was not assigned to any issues.

7.3AI score
Exploits0
Cvelist
Cvelist
added 2018/03/16 2:4 p.m.10 views

CVE-2017-4785

...

Exploits0
CVE
CVE
added 2017/05/11 2:1 p.m.23 views

CVE-2012-4785

This CVE entry is rejected/not used as explicitly stated in the Initial Description.

7.4AI score
Exploits0
OSV
OSV
added 2016/05/31 1:59 a.m.4 views

CVE-2016-4785

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...

5.3CVSS5.8AI score0.02676EPSS
Exploits0References6
CVE
CVE
added 2016/05/31 1:0 a.m.52 views

CVE-2016-4785

SiemenS SIPROTEC 4/Compact EN100 Ethernet modules are affected by CVE-2016-4785. The integrated web server (port 80) could disclose a limited amount of device memory content to remote attackers with network access, and the issue only affects EN100 Ethernet modules inside SIPROTEC4 and SIPROTEC Co...

5.3CVSS6.8AI score0.02676EPSS
Exploits0References6Affected Software1
ICS
ICS
added 2016/02/20 7:0 a.m.52 views

Siemens SIPROTEC Information Disclosure Vulnerabilities (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : SIPROTEC 4 and SIPROTEC Compact Vulnerabilities : Information Exposure 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-16-140-02...

5.3CVSS8AI score0.02676EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2015/07/16 11:1 a.m.18 views

CVE-2015-4785

Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624,...

6.9CVSS6.6AI score0.00413EPSS
Exploits0References2
CVE
CVE
added 2015/07/16 10:0 a.m.57 views

CVE-2015-4785

Technical details about CVE-2015-4785 are not provided in the connected documents. No specific affected products, vectors, or fixes are disclosed here; monitor for updates from official advisories.

6.9CVSS5.6AI score0.00413EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/11/10 12:0 a.m.14 views

E107 alternate_profiles Plugin SQL Injection (CVE-2008-4785)

An SQL injection vulnerability has been reported in E107 Alternate Profiles Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5AI score0.0101EPSS
Exploits0
CVE
CVE
added 2014/09/10 10:0 a.m.63 views

CVE-2014-4785

IBM Initiate Master Data Service (versions 9.5, 9.7, 10.0, 10.1) contains a CSRF vulnerability (CVE-2014-4785) that could allow remote authenticated users to hijack another user’s session by submitting requests that insert XSS sequences. The issue is documented in IBM’s security bulletin covering...

6CVSS6.2AI score0.00662EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/16 12:0 a.m.200 views

Dell iDRAC6 Multiple Vulnerabilities

The remote Dell Integrated Remote Access Controller 6 iDRAC6 is affected by the following vulnerabilities : - A flaw exists in the testurls.html page that allows a remote attacker to authenticate as root. A remote attacker can exploit this to enable root user access over SSH, telnet, and other...

10CVSS5.7AI score0.03621EPSS
Exploits0References4
Rows per page
Query Builder