CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Positive Technologies•added 2021/04/26 12:0 a.m.•1 views

PT-2021-15478 · Postcss · Postcss

Name of the Vulnerable Software and Affected Versions: postcss versions prior to 7.0.36 postcss versions 8.0.0 through 8.2.13 Description: The issue is related to Regular Expression Denial of Service ReDoS via the getAnnotationURL and loadAnnotation functions in lib/previous-map.js. The vulnerabl...

7.5CVSS7.2AI score0.00074EPSS

Exploits1References13

OSV•added 2021/03/08 10:15 p.m.•0 views

CVE-2020-27576

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...

5.4CVSS6AI score0.00281EPSS

Exploits0References2

NVD•added 2021/03/08 10:15 p.m.•14 views

CVE-2020-27575

Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...

8.8CVSS0.06725EPSS

Exploits1References2

Prion•added 2021/03/08 10:15 p.m.•13 views

Command injection

6.5CVSS8.9AI score0.06725EPSS

Exploits1References2Affected Software1

Prion•added 2021/03/08 10:15 p.m.•8 views

Cross site scripting

3.5CVSS5.2AI score0.00281EPSS

Exploits0References2Affected Software1

NVD•added 2021/03/08 9:15 p.m.•12 views

CVE-2020-27574

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery CSRF. If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user...

8.8CVSS0.00161EPSS

Exploits1References2

Cvelist•added 2021/03/08 9:13 p.m.•11 views

CVE-2020-27576

5.2AI score0.00281EPSS

Exploits0References2

Cvelist•added 2021/03/08 8:57 p.m.•13 views

CVE-2020-27574

8.6AI score0.00161EPSS

Exploits1References2

CNNVD•added 2021/03/08 12:0 a.m.•1 views

Maxum Rumpus 跨站脚本漏洞

Maxum Rumpus is an FTP and Web file transfer server. Maxum Rumpus 8.2.13, 8.2.14 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject and execute JavaScript code...

5.4CVSS5.3AI score0.00281EPSS

Exploits0References3

CNNVD•added 2021/03/08 12:0 a.m.•2 views

Maxum Rumpus 跨站请求伪造漏洞

Maxum Rumpus is an FTP and Web file transfer server. A cross-site request forgery vulnerability exists in Maxum Rumpus 8.2.13, 8.2.14, which can be exploited by an attacker to perform an operation as an authenticated user by tricking a user into visiting a malicious page...

8.8CVSS5.4AI score0.00161EPSS

Exploits1References3

CNNVD•added 2021/03/08 12:0 a.m.•1 views

Maxum Rumpus 命令注入漏洞

Maxum Rumpus is an FTP and Web file transfer server. A command injection vulnerability exists in a parameter of the Edit User form in Maxum Rumpus 8.2.13, 8.2.14, which can be exploited by an attacker to inject arbitrary commands...

8.8CVSS5.9AI score0.06725EPSS

Exploits1References3

Prion•added 2020/02/13 10:15 p.m.•13 views

Buffer overflow

Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service...

7.1CVSS7.1AI score0.00295EPSS

Exploits0References2Affected Software1

CVE•added 2020/02/13 9:51 p.m.•57 views

CVE-2014-1617

CVE-2014-1617 affects Microsys PROMOTIC 8.2.13. A buffer overflow in the ActiveX control Start routine can cause denial of service. All available sources describe the vulnerability as a vulnerability in the PROMOTIC ActiveX component, but the provided documents do not specify exact exploit vector...

7.1CVSS6.4AI score0.00295EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by