Lucene search
+L

35 matches found

nessus
nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-7147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows...

6.1CVSS6.2AI score0.01342EPSS
Exploits1References2
osv
osv
added 2025/08/14 6:52 p.m.5 views

MAL-2025-7147 Malicious code in @crabas0npm/accusamus-labore-quae (npm)

The package @crabas0npm/accusamus-labore-quae was found to contain malicious code...

7.2AI score
Exploits0
nvd
nvd
added 2025/07/07 9:15 p.m.7 views

CVE-2025-7147

A vulnerability has been found in CodeAstro Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The...

9.8CVSS0.00454EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/07/07 9:2 p.m.3 views

CVE-2025-7147 CodeAstro Patient Record Management System login.php sql injection

A vulnerability has been found in CodeAstro Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The...

7.5CVSS7.6AI score0.00454EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/05/21 7:39 p.m.8 views

CVE-2008-7147

Multiple cross-site scripting XSS vulnerabilities in IntraLearn Software IntraLearn 2.1, and possibly other versions before 4.2.3, allow remote attackers to inject arbitrary web script or HTML via the 1 outline and 2 course parameters to library/descriptionlink.cfm, or the 3 recordstodisplay and ...

4.3CVSS6.1AI score0.01022EPSS
Exploits0References1
circl
circl
added 2024/08/16 1:43 p.m.7 views

CVE-2024-7147

creationtimestamp| type| source ---|---|--- 2024-08-16 13:43:04+00:00| seen| https://t.me/cvedetector/3327...

6.4CVSS4.8AI score0.00293EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/08/16 10:59 a.m.7 views

CVE-2024-7147 JetBlocks <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6AI score0.00293EPSS
Exploits0References2
patchstack
patchstack
added 2024/08/16 12:0 a.m.8 views

WordPress JetBlocks For Elementor Plugin <= 1.3.12 is vulnerable to Cross Site Scripting (XSS)

Software JetBlocks For Elementor Type Plugin Vulnerable versions = 1.3.12 Fixed in 1.3.12.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7147 Patch priority Low CVSS severity Low 6.5 Developer Crocoblock PSID 63831bec7c72 Credits stealthcopter...

6.4CVSS5.8AI score0.00293EPSS
Exploits0References2Affected Software1
circl
circl
added 2023/12/29 4:26 a.m.9 views

CVE-2023-7147

creationtimestamp| type| source ---|---|--- 2023-12-29 04:26:34+00:00| seen| https://t.me/ctinow/160316 2023-12-30 01:32:48+00:00| seen| https://t.me/cibsecurity/73878...

9.8CVSS6.9AI score0.006EPSS
Exploits0References2
cve
cve
added 2023/12/29 2:31 a.m.64 views

CVE-2023-7147

CVE-2023-7147 affects gopeak MasterLab up to 3.3.10. The vulnerability is in the function base64ImageContent in app/ctrl/User.php; manipulation of the image argument allows unrestricted file upload and can be triggered remotely. No exploit details are provided in the documents. Remediation/status...

9.8CVSS8AI score0.006EPSS
Exploits0References3Affected Software1
circl
circl
added 2021/08/25 8:42 p.m.9 views

CVE-2019-7147

creationtimestamp| type| source ---|---|--- 2021-08-25 20:42:44+00:00| seen| https://t.me/VulnerabilityNews/23659...

5.5CVSS4.9AI score0.00748EPSS
Exploits1References1
prion
prion
added 2021/08/25 4:15 p.m.21 views

Buffer overflow

Buffer Overflow in Netwide Assembler NASM v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147...

4.3CVSS4.6AI score0.00827EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2021/08/25 3:54 p.m.38 views

CVE-2020-18974

Buffer Overflow in Netwide Assembler NASM v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147...

4.4AI score0.00827EPSS
Exploits1References1
nvd
nvd
added 2020/10/19 6:15 p.m.24 views

CVE-2020-7147

A deployselectbootrom expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

10CVSS0.06994EPSS
Exploits0References1
cve
cve
added 2020/10/19 5:37 p.m.55 views

CVE-2020-7147

CVE-2020-7147 describes a remote code execution in Hewlett Packard Enterprise’s Intelligent Management Center (iMC) before platform release 7.3 (E0705P07). The root cause is an expression-language injection in the deploySelectBootrom handling (beanName parameter) that allows an attacker to execut...

10CVSS9.8AI score0.06994EPSS
Exploits0References1Affected Software1
cve
cve
added 2020/08/17 2:10 p.m.25 views

CVE-2018-7147

CVE-2018-7147 entry is rejected/not used as explicitly stated in the Description.

7.3AI score
Exploits0
cve
cve
added 2019/01/29 12:0 a.m.80 views

CVE-2019-7147

CVE-2019-7147 describes a buffer over-read in the function crc64ib in crc64.c of NASM (nasmlib) 2.14rc16. A crafted assembly input can trigger segmentation faults, causing denial of service (DoS). Connected docs confirm the vulnerable component and the DoS impact, but do not provide a patch/versi...

5.5CVSS4.8AI score0.00748EPSS
Exploits1References1Affected Software1
zdt
zdt
added 2017/10/24 12:0 a.m.73 views

Apple Support iOS Application 1.1.1 Unencrypted Third Party Analytics Vulnerability

Apple Support iOS application versions 1.1.1 and below send potentially sensitive information such as mobile carrier, install date and time, number of app launches, device model, iOS version and screen resolution, unencrypted to a third party site Adobe Marketing Cloud. Apple Support iOS...

5CVSS5.2AI score0.00918EPSS
Exploits1
cve
cve
added 2017/10/23 1:0 a.m.92 views

CVE-2017-7147

CVE-2017-7147 affects the Apple Support app for iOS prior to version 1.2. The issue lies in the Analytics component, which transmits analytics data in cleartext to an Adobe Marketing Cloud server, potentially exposing information such as installation date/time and device details to a remote obser...

5.3CVSS4AI score0.00918EPSS
Exploits1References3Affected Software1
apple
apple
added 2017/10/17 9:10 a.m.96 views

About the security content of Apple Support 1.2 for iOS - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

5.3CVSS5.1AI score0.00918EPSS
Exploits1Affected Software2
Rows per page
Query Builder