Lucene search
K

52 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:24 a.m.6 views

CVE-2014-5453

Ubisoft Uplay PC before 4.6.1.3217 use weak permissions Everyone: Full Control for the program installation directory %PROGRAMFILES%\Ubisoft Game Launcher, which allows local users to gain privileges via a Trojan horse file...

7.2CVSS7AI score0.01035EPSS
Exploits2References1
NVD
NVD
added 2024/06/05 8:15 a.m.20 views

CVE-2024-5453

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...

4.3CVSS4.4AI score0.00351EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/05 7:34 a.m.21 views

CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...

4.3CVSS4.4AI score0.00351EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/05 7:34 a.m.16 views

CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...

4.3CVSS6.7AI score0.00351EPSS
Exploits0References4
CVE
CVE
added 2024/06/05 7:34 a.m.58 views

CVE-2024-5453

CVE-2024-5453 affects the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. It enables unauthorized data modification via a missing capability check in pm_dismissible_notice and pm_wizard_update_group_icon across all versions up to 5.8.6. Authentication required: attackers wit...

4.3CVSS4.8AI score0.00351EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.13 views

WordPress ProfileGrid Plugin <= 5.8.6 is vulnerable to Broken Access Control

Software ProfileGrid Type Plugin Vulnerable versions = 5.8.6 Fixed in 5.8.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5453 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cc4be9b4d163 Credits Lucio Sá Required privilege...

4.3CVSS6.6AI score0.00351EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/10 12:0 a.m.51 views

Oracle Linux 9 : glibc (ELSA-2023-5453)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5453 advisory. - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode 2234716. Tenable has extracted the preceding description block directly from the...

7.8CVSS7AI score0.81422EPSS
Exploits27References5
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.64 views

AlmaLinux 9 : glibc (ALSA-2023:5453)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5453 advisory. - A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via...

7.8CVSS7.3AI score0.81422EPSS
Exploits27References5
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.25 views

Mozilla Firefox Security Advisory (MFSA2017-10) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.8CVSS7.9AI score0.18756EPSS
Exploits29References41
Cvelist
Cvelist
added 2021/01/25 5:53 p.m.13 views

CVE-2020-5453

...

Exploits0
CVE
CVE
added 2021/01/25 5:53 p.m.26 views

CVE-2020-5453

CVE-2020-5453 entry is rejected/not used and does not represent an active vulnerability.

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.37 views

RHEL 7 : pacemaker (RHSA-2020:5453)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5453 advisory. The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in th...

9CVSS7.6AI score0.02002EPSS
Exploits0References5
CVE
CVE
added 2019/07/30 8:30 p.m.57 views

CVE-2019-5453

Summary: CVE-2019-5453 affects the Nextcloud Android app prior to 3.3.0. The issue is a bypass of the app’s lock protection, allowing access to files when prompted for lock and switching to the Nextcloud file provider. Multiple connected sources corroborate the vulnerability, including CNVD/NVD e...

6.1CVSS6.2AI score0.00469EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/10/09 12:0 a.m.4 views

AirTies Air 5453 Cross-Site Scripting Vulnerability

AirTies Air 5453 is a wireless router product from Airties Turkey. A cross-site scripting vulnerability exists in the AirTies Air 5453. A remote attacker can exploit this vulnerability by sending the 'productboardtype' parameter to the top.html page to inject arbitrary web script or HTML...

6.1CVSS5.9AI score0.02297EPSS
Exploits5References1
OSV
OSV
added 2018/10/02 6:29 p.m.4 views

CVE-2018-17593

AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter...

6.1CVSS5.8AI score0.02297EPSS
Exploits5References2
NVD
NVD
added 2018/10/02 6:29 p.m.20 views

CVE-2018-17593

AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter...

6.1CVSS6.1AI score0.02297EPSS
Exploits5References2
Prion
Prion
added 2018/10/02 6:29 p.m.14 views

Design/Logic Flaw

AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter...

4.3CVSS6AI score0.02297EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2018/10/02 6:0 p.m.55 views

CVE-2018-17593

CVE-2018-17593 affects AirTies Air 5453 devices running software 1.0.0.18. A cross-site scripting vulnerability exists in the top.html page via the productboardtype parameter, enabling injection of arbitrary script/HTML. Public reports (CNVD, Exploit-DB, 0day, PacketStorm) corroborate the XSS iss...

6.1CVSS5.9AI score0.02297EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2018/10/02 6:0 p.m.21 views

CVE-2018-17593

AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter...

6.1AI score0.02297EPSS
Exploits5References2
NVD
NVD
added 2018/06/11 9:29 p.m.15 views

CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

4.3CVSS3.7AI score0.01097EPSS
Exploits0References4
Rows per page
Query Builder