Lucene search
+L

225 matches found

CVE
CVE
added 2024/11/29 1:6 p.m.54 views

CVE-2024-11992

CVE-2024-11992 concerns Quick.CMS v6.7. The vulnerability is an absolute path traversal in admin.php reachable via the aDirFiles%5B0%5D parameter, allowing remote attackers to bypass restrictions and download files outside the document root if permissions exist, and potentially delete server file...

9.1CVSS6.7AI score0.00812EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 2:45 p.m.28 views

Security Bulletin: IBM Master Data Management may provide weaker than expected security due to OpenSSL through a carry propogation flaw (CVE-2021-4160)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a carry propogation flaw found in OpenSSL. OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and MIPS64 squaring procedure. An attacker could exploit this vulnerability to...

5.9CVSS6.2AI score0.03803EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/09/20 1:55 p.m.28 views

RHSA-2020:1454 Red Hat Security Advisory: Satellite 6.7 release.

Bulletin has no description...

7.3CVSS8AI score0.28839EPSS
Exploits3References367
CNNVD
CNNVD
added 2024/06/22 12:0 a.m.4 views

WordPress plugin ARMember Premium security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.3CVSS7AI score0.00165EPSS
Exploits0References3
OSV
OSV
added 2024/06/15 12:0 a.m.10 views

OPENSUSE-SU-2024:10630-1 arc-5.21q-6.7 on GA media

These are all security issues fixed in the arc-5.21q-6.7 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.4AI score0.02378EPSS
Exploits1References1
Vivaldi Security Advisories
Vivaldi Security Advisories
added 2024/05/23 8:6 p.m.16 views

Minor update (7) for Vivaldi Desktop Browser 6.7

Download Vivaldi The following improvements were made since the sixth 6.7 minor update: Chromium Upgraded 124.0.6367.236 CVE-2024-5274: NB. Chromium updates may include security enhancements or fixes, crash fixes, or website compatibility updates. Main photo byRuarí Ødegaard...

9.6CVSS5.8AI score0.1002EPSS
Exploits3References1
OSV
OSV
added 2024/05/18 12:0 a.m.16 views

CVE-2024-36048

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values...

9.8CVSS6.8AI score0.0097EPSS
Exploits0References10
QT
QT
added 2024/05/02 12:0 a.m.48 views

Security advisory: QStringConverter

QStringConverter has an invalid pointer being passed as a callback which can allow modification of the stack and has been assigned the CVE id CVE-2024-33861. Qt itself is not vulnerable to remote attack however an application using QStringDecoder either directly or indirectly can be vulnerable...

8.3AI score
Exploits0
OSV
OSV
added 2024/03/06 7:15 p.m.3 views

DEBIAN-CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

7.5CVSS7.8AI score0.65254EPSS
Exploits0References1
Intel
Intel
added 2024/02/13 12:0 a.m.20 views

Intel® PM Software Advisory

Summary: A potential security vulnerability in some Intel® Performance Maximizer PM software may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel® PM. Vulnerability Details: CVEID:...

6.7CVSS6.6AI score0.00215EPSS
Exploits0
Patchstack
Patchstack
added 2024/01/31 12:0 a.m.17 views

WordPress Formidable Forms Plugin <= 6.7 is vulnerable to Content Injection

Software Formidable Forms Type Plugin Vulnerable versions = 6.7 Fixed in 6.7.1 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-23522 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID b82c61d4e6f0 Credits Revan Arifio Required privilege...

6.1CVSS6.9AI score0.00336EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/01/11 4:15 p.m.27 views

CVE-2024-0429

A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler SEH records resulting in a service shutdown...

7.3CVSS7.2AI score0.00201EPSS
Exploits0References1
Prion
Prion
added 2024/01/11 4:15 p.m.20 views

Denial of service

A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler SEH records resulting in a service shutdown...

1.7CVSS7.3AI score0.00201EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/11 4:4 p.m.42 views

CVE-2024-0429 Buffer overflow vulnerability on Hex Workshop

A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler SEH records resulting in a service shutdown...

7.3CVSS7.4AI score0.00201EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/01/09 12:0 a.m.11 views

WordPress Formidable Forms Plugin <= 6.7 is vulnerable to Cross Site Scripting (XSS)

Software Formidable Forms Type Plugin Vulnerable versions = 6.7 Fixed in 6.7.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6842 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9bd3f7b9f18e Credits drop Required privilege...

4.8CVSS5.8AI score0.00316EPSS
Exploits0References3Affected Software1
Intel
Intel
added 2023/11/14 12:0 a.m.16 views

Intel® Server Information Retrieval Utility Software Advisory

Summary: A potential security vulnerability in some Intel® Server Information Retrieval Utility software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-27513 Description: Uncontrolled search...

7.8CVSS7.7AI score0.00191EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/10/27 12:0 a.m.2 views

CVE-2023-45498

VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain a command injection vulnerability...

8.2AI score0.20477EPSS
Exploits3References4
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.6 views

Vinchin Backup and Recovery Security Vulnerabilities

Vinchin Backup and Recovery is an easy-to-use, safe and reliable virtual machine data protection software from China Yunqi Technology Vinchin. It is used for backup and recovery. A security vulnerability exists in Vinchin Backup and Recovery that stems from the presence of a command injection...

9.8CVSS7.4AI score0.20477EPSS
Exploits3References4
Prion
Prion
added 2023/10/20 11:15 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component...

4.9CVSS5.5AI score0.00485EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/20 12:0 a.m.7 views

PT-2023-28795 · Opensolution · Opensolution Quick Cms

Name of the Vulnerable Software and Affected Versions: opensolution Quick CMS version 6.7 Description: A cross-site scripting XSS issue allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component. This enables the...

5.4CVSS5.5AI score0.00485EPSS
Exploits1References5
Rows per page
Query Builder