Lucene search
+L

65 matches found

openvas
openvas
added 2025/10/13 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2025:03525-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS6.6AI score0.00308EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/23 12:26 a.m.8 views

CVE-2022-4791

The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS6AI score0.00471EPSS
Exploits2
redhatcve
redhatcve
added 2025/05/22 9:48 a.m.8 views

CVE-2011-4791

DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field...

10CVSS7.8AI score0.0867EPSS
Exploits0References1
cve
cve
added 2025/05/16 5:0 p.m.39 views

CVE-2025-4791

CVE-2025-4791 affects FreeFloat FTP Server 1.0, with the HASH Command Handler failing to validate input length and causing a buffer overflow. The vulnerability can be exploited remotely, and disclosures/public exploit references exist. A practical workaround noted in PT-2025-21742 is to disable t...

9.8CVSS7.5AI score0.00601EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2025/05/16 5:0 p.m.27 views

CVE-2025-4791 FreeFloat FTP Server HASH Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

7.5CVSS0.00601EPSS
Exploits1References4
nessus
nessus
added 2023/10/20 12:0 a.m.40 views

Ubuntu 16.04 ESM : Apache Tomcat 7 vulnerabilities (USN-4791-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4791-1 advisory. It was discovered that Apache Tomcat 7 did not protect applications from the presence of untrusted client data in an environment variable. A remote...

8.1CVSS7.6AI score0.50896EPSS
Exploits0References3
nvd
nvd
added 2023/09/14 7:16 p.m.12 views

CVE-2018-4791

Rejected reason: This candidate is unused by its CNA...

6.6AI score
Exploits0
circl
circl
added 2023/02/21 12:21 p.m.4 views

CVE-2022-4791

creationtimestamp| type| source ---|---|--- 2023-02-21 12:21:39+00:00| seen| https://t.me/cibsecurity/58581 2025-03-14 14:45:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7566...

5.4CVSS5.5AI score0.00471EPSS
Exploits2References2
osv
osv
added 2023/02/21 9:15 a.m.3 views

CVE-2022-4791

The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.8AI score0.00471EPSS
Exploits2References1
cve
cve
added 2023/02/21 8:50 a.m.53 views

CVE-2022-4791

The CVE-2022-4791 issue affects the WordPress plugin “Product Slider and Carousel with Category for WooCommerce” (versions before 2.8). Root cause: failure to validate and escape a shortcode attribute, enabling Stored XSS by users with as low as Contributor. Impact: stored cross-site scripting vu...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2023/02/21 8:50 a.m.43 views

CVE-2022-4791 Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode

The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.5AI score0.00471EPSS
Exploits2References1
susecve
susecve
added 2023/02/15 6:16 a.m.4 views

SUSE CVE-2005-4791

Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 liferea or 2 banshee...

2.1CVSS7.7AI score0.00444EPSS
Exploits0References3
ivanti
ivanti
added 2023/02/14 7:22 a.m.12 views

SA40210 - [Pulse Secure] Information disclosure possible on admin UI (CVE-2016-4791)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. An information disclosure issue was discovered on the Pulse Connect Secure device. This issue exists on the administrative user interface and requires admin level access. Because of th...

8.6CVSS6.6AI score0.02242EPSS
Exploits0
circl
circl
added 2021/02/09 6:40 p.m.8 views

CVE-2020-4791

creationtimestamp| type| source ---|---|--- 2021-02-09 18:40:39+00:00| seen| https://t.me/cibsecurity/23307...

6.9CVSS6.1AI score0.00303EPSS
Exploits0References1
cve
cve
added 2021/02/09 2:50 p.m.51 views

CVE-2020-4791

IBM Security Identity Governance and Intelligence (IGI) 5.2.6 is affected by CVE-2020-4791 due to improper certificate validation, enabling potential information disclosure via man-in-the-middle attacks. The vulnerability affects IGI 5.2.6 and is described in multiple sources (NVD entry and CNVD/...

6.9CVSS4.8AI score0.00303EPSS
Exploits0References2Affected Software1
openvas
openvas
added 2020/11/14 12:0 a.m.16 views

Debian: Security Advisory (DSA-4791-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7AI score0.02002EPSS
Exploits0References4
cve
cve
added 2020/02/13 11:10 p.m.84 views

CVE-2013-4791

CVE-2013-4791 affects PrestaShop versions before 1.4.11. Multiple connected sources (GHSA/OSV/CNVD/NVD/CVE lists) describe a stored XSS in TinyMCE exploitable by Logistician/low-privilege accounts. The vulnerability allows authenticated low-privilege users to inject persistent script via the Tiny...

5.4CVSS5.2AI score0.00557EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2019/12/30 4:19 p.m.8 views

CVE-2019-4791

...

Exploits0
redhatcve
redhatcve
added 2019/10/04 8:52 p.m.20 views

CVE-2005-4791

Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 liferea or 2 banshee...

2.1CVSS7.7AI score0.00444EPSS
Exploits0References3
ibm
ibm
added 2018/06/16 9:38 p.m.65 views

Security Bulletin: Multiple vulnerabilities in OpenSource Oracle Mysql affect IBM Security Guardium Database Activity Monitor

Summary Several unspecified vulnerability in Oracle MySQL Server could allow a remote attacker to cause a denial of service, obtain information, and have partial confidentiality, integrity, and availability impact. Vulnerability Details CVEID: CVE-2015-4815 DESCRIPTION: An unspecified vulnerabili...

7.2CVSS1.4AI score0.30146EPSS
Exploits6Affected Software1
Rows per page
Query Builder