Lucene search
K

62 matches found

OSV
OSV
added 2026/06/13 11:53 a.m.8 views

ROOT-APP-NPM-CVE-2020-8203 CVE-2020-8203 in @rootio/lodash.pick - Patched by Root

Root has patched CVE-2020-8203 in the @rootio/lodash.pick package for Root:npm. Multiple fixed versions available...

7.4CVSS8AI score0.05213EPSS
Exploits1
Circl
Circl
added 2026/06/05 11:1 a.m.10 views

CVE-2026-8203

creationtimestamp| type| source ---|---|--- 2026-06-05 11:01:41+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mnjyeyccmg24 2026-06-05 11:01:41+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mnjyeyccmg24...

7.3CVSS5.3AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/05/21 9:16 p.m.12 views

CVE-2026-8203

Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not validate or sanitize $height. Any user with editor privileges can inject malicious JavaScript that executes in the context of any visitor's browser, potentially leading to session hijacking, credential...

7.3CVSS0.00122EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 8:31 p.m.7 views

CVE-2026-8203 Concrete CMS 9.5.0 and below has Stored XSS on the height parameter

Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not validate or sanitize $height. Any user with editor privileges can inject malicious JavaScript that executes in the context of any visitor's browser, potentially leading to session hijacking, credential...

7.3CVSS5.8AI score0.00122EPSS
Exploits0References1
Atlassian
Atlassian
added 2025/12/04 3:28 a.m.15 views

Prototype Pollution loadash.pick Dependency Vulnerability in Jira Software Data Center and Server

This High severity Prototype Pollution vulnerability known as CVE-2020-8203 was introduced in 10.3.0 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H allows an unauthenticated attacker to take...

7.4CVSS7AI score0.05213EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-6979

Malware in sbrugna...

7.5CVSS7.3AI score0.03153EPSS
Exploits0References14
NVD
NVD
added 2025/07/26 3:15 p.m.6 views

CVE-2025-8203

A vulnerability classified as critical has been found in Jingmen Zeyou Large File Upload Control up to 6.3. Affected is an unknown function of the file /index.jsp. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00395EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.7 views

Oracle Linux 9 : thunderbird (ELSA-2025-8203)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-8203 advisory. 128.10.1-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.10.1 - Add OpenELA debranding 128.10.1-1 - Update to 128.10.1 Tenable ha...

8.1CVSS7.2AI score0.00363EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 a.m.5 views

CVE-2019-8203

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution...

8.8CVSS7.5AI score0.03637EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/12 12:37 p.m.15 views

CVE-2024-40992 RDMA/rxe: Fix responder length checking for UD request packets

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

7AI score0.00268EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/01/24 8:23 p.m.0 views

Malicious code in wlwz-2312-8203 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6157f55472c57f53d1d451afa02655698597f9535be7021e5e9f9b0552863e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/01/24 8:23 p.m.6 views

MAL-2024-912 Malicious code in wlwz-2312-8203 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6157f55472c57f53d1d451afa02655698597f9535be7021e5e9f9b0552863e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Circl
Circl
added 2024/01/16 7:12 p.m.8 views

CVE-2019-8203

creationtimestamp| type| source ---|---|--- 2024-01-16 19:12:17+00:00| seen| https://t.me/ctinow/168956...

8.8CVSS7.9AI score0.03637EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 5:31 p.m.35 views

Security Bulletin: Watson Machine Learning Accelerator on Cloud Pak for Data Version is affected by multiple vulnerabilties

Summary Mutiple open source vulnerabilties affects Watson Machine Learning Accelerator on Cloud Pak for Data Version 2.3.3 and have been addressed in version 2.3.4. Vulnerability Details CVEID:CVE-2021-23566 DESCRIPTION: Nanoid could allow a local attacker to obtain sensitive information, caused ...

9.1CVSS9.6AI score0.42326EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 10:42 a.m.56 views

Security Bulletin: Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center [CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2021-23337 and CVE-2018-16487]

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

9.1CVSS8.4AI score0.2241EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 3:1 p.m.52 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203

Summary There are vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2020-9281 DESCRIPTION: CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

7.4CVSS6.7AI score0.2241EPSS
Exploits6Affected Software1
Huntr
Huntr
added 2023/02/20 2:52 a.m.440 views

Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203

Description Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203 Proof of Concept 1 Go to https://localhost/Cockpit/modules/App/assets/vendor/lodash.js?ver=2.3.9-1676855050 and note that lodash version is 4.17.15 2 Go to https://localhost/Cockpit/ 3 Open Web Devloper tools Ctrl+Shift+I usin...

1.7CVSS6.6AI score0.05213EPSS
Exploits2References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/08 7:0 p.m.96 views

Security Bulletin: CVE-2020-8203

Summary Prototype pollution attack when using .zipObjectDeep in lodash before 4.17.20. Vulnerability Details CVEID: CVE-2020-8203 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability usi...

7.4CVSS1.3AI score0.05213EPSS
Exploits1Affected Software1
Circl
Circl
added 2022/07/04 6:20 p.m.5 views

CVE-2020-8203

creationtimestamp| type| source ---|---|--- 2022-07-04 18:20:38+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1478 2023-12-10 14:09:17+00:00| seen| https://t.me/arpsyndicate/1632 2023-12-18 08:43:58+00:00| seen| https://t.me/arpsyndicate/1949 2026-01-20 13:55:09+00:00|...

7.4CVSS6.7AI score0.05213EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/27 3:53 a.m.55 views

Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)

Summary lodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21. Vulnerability Details CVEID: CVE-2019-1010266 DESCRIPTION: Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By...

9.1CVSS0.9AI score0.2241EPSS
Exploits9Affected Software1
Rows per page
Query Builder