28 matches found

Circl
added 2025/03/17 4:47 p.m., 1 view

CVE-2024-9055

creationtimestamp | type | source
---|---|---
2025-03-17 16:47:26+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7791...

CVSS 4.2 | AI score 4.8 | EPSS 0.00148
Exploits: 0 | References: 1
Tenable Nessus
added 2025/03/04 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2018-9055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. CVE-2018-9055 Note that Nessus relies o...

CVSS 5.5 | AI score 6.2 | EPSS 0.0052
Exploits: 1 | References: 3
Tenable Nessus
added 2025/03/04 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-9055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata a few data types were not checked for being in bounds, leading to...

CVSS 9.8 | AI score 7.1 | EPSS 0.00403
Exploits: 0 | References: 3
Tenable Nessus
added 2024/06/03 12:0 a.m., 16 views

RHEL 7 : libdwarf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libdwarf: heap-based buffer over-read in dwarf_formsdata CVE-2017-9055 - Use-after-free vulnerability in...

CVSS 9.8 | AI score 6.6 | EPSS 0.02676
Exploits: 24 | References: 37
Tenable Nessus
added 2024/05/11 12:0 a.m., 20 views

RHEL 7 : libdwarf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libdwarf: heap-based buffer over-read in dwarf_formsdata CVE-2017-9055 - The dwarf_read_cie_fde_prefix functio...

AI score 7.7 | EPSS 0.02676
Exploits: 24 | References: 38
Openbugbounty
added 2022/07/04 9:3 a.m., 14 views

incose.se Cross Site Scripting vulnerability OBB-2719055

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0
Tenable Nessus
added 2020/08/26 12:0 a.m., 48 views

FreeBSD : jasper -- multiple vulnerabilities (6842ac7e-d250-11ea-b9b7-08002728f74c)

JasPer NEWS : - Fix CVE-2018-9154 - Fix CVE-2018-19541 - Fix CVE-2016-9399, CVE-2017-13751 - Fix CVE-2018-19540 - Fix CVE-2018-9055 - Fix CVE-2017-13748 - Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505 - Fix CVE-2018-9252 - Fix CVE-2018-19139 - Fix CVE-2018-19543, CVE-2017-9782 - Fix...

CVSS 8.8 | AI score 6.5 | EPSS 0.0411
Exploits: 17 | References: 23
FreeBSD
added 2020/07/28 12:0 a.m., 45 views

jasper -- multiple vulnerabilities

JasPer NEWS: - Fix CVE-2018-9154 - Fix CVE-2018-19541 - Fix CVE-2016-9399, CVE-2017-13751 - Fix CVE-2018-19540 - Fix CVE-2018-9055 - Fix CVE-2017-13748 - Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505 - Fix CVE-2018-9252 - Fix CVE-2018-19139 - Fix CVE-2018-19543, CVE-2017-9782 - Fix CVE-2018-205...

CVSS 8.8 | AI score 1.3 | EPSS 0.0411
Exploits: 17 | References: 1
Cvelist
added 2020/03/30 8:50 p.m., 14 views

CVE-2020-9055 Versiant Lynx Customer Service Portal version 3.5.2 is vulnerable to stored cross-site scripting, which may allow an attacker to execute arbitrary JavaScript

Versiant LYNX Customer Service Portal CSP, version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, session cookie hijacking, or...

CVSS 3.9 | AI score 5.1 | EPSS 0.00309
Exploits: 0 | References: 2
CVE
added 2020/03/30 8:50 p.m., 66 views

CVE-2020-9055

Versiant LYNX CSP 3.5.2 is vulnerable to stored cross-site scripting due to insufficient input validation, enabling a local, authenticated attacker to inject JavaScript that is stored and executed for end users (possible redirects, session cookie hijacking, information disclosure). The issue is d...

CVSS 5.4 | AI score 4.5 | EPSS 0.00309
Exploits: 0 | References: 2 | Affected Software: 1
CERT
added 2020/03/30 12:0 a.m., 20 views

Versiant LYNX Customer Service Portal is vulnerable to stored cross-site scripting

Overview The Versiant LYNX Customer Service Portal version 3.5.2 is vulnerable to stored cross-site scripting, which may allow a local, authenticated attacker to execute arbitrary JavaScript. Description The Versiant LYNX Customer Service Portal CSP is a "full-service customer portal that provide...

CVSS 5.4 | AI score 5.2 | EPSS 0.00309
Exploits: 0 | References: 6
OpenVAS
added 2020/01/23 12:0 a.m., 29 views

Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2019-2282)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 6.7 | EPSS 0.00965
Exploits: 3 | References: 2
Circl
added 2019/11/13 2:45 p.m., 6 views

CVE-2019-9055

creationtimestamp | type | source
---|---|---
2019-11-13 14:45:46+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cmsmsobjectinjectionrce.rb
2025-02-06 03:13:44+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd
2025-02-23 04:10:19+00:00 | seen...

CVSS 8.8 | AI score 8.7 | EPSS 0.31988
Exploits: 3 | References: 1
Packet Storm
added 2019/11/13 12:0 a.m., 1737 views

CMS Made Simple 2.2.8 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CMS Made Simple Authenticated RCE via object injection', 'Description' = %q An issue was discovered in CMS Made Simple 2.2.8. In the module...

CVSS 6.5 | AI score 0.1 | EPSS 0.31988
Exploits: 3
CVE
added 2019/03/26 4:25 p.m., 236 views

CVE-2019-9055

CMS Made Simple 2.2.8 contains a vulnerability in the DesignManager module (action.admin_bulk_css.php and action.admin_bulk_template.php) where an unserialize call on m1_allparms can be triggered by an unprivileged user with Designer permission to achieve object injection, enabling authenticated ...

CVSS 8.8 | AI score 8.7 | EPSS 0.31988
Exploits: 3 | References: 4 | Affected Software: 1
Tenable Nessus
added 2018/05/29 12:0 a.m., 32 views

openSUSE Security Update : jasper (openSUSE-2018-531)

This update for jasper fixes the following issues : - CVE-2018-9055: denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c could lead to denial of service. bsc1087020 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL...

CVSS 5.5 | AI score 6.2 | EPSS 0.0052
Exploits: 1 | References: 2
OpenVAS
added 2018/05/29 12:0 a.m., 24 views

openSUSE: Security Advisory for jasper (openSUSE-SU-2018:1440-1)

The remote host is missing an update for the Copyright (C) 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.5 | AI score 6.6 | EPSS 0.0052
Exploits: 1 | References: 2
OSV
added 2018/05/25 1:5 p.m., 3 views

SUSE-SU-2018:1424-1 Security update for jasper

This update for jasper fixes the following issues: - CVE-2018-9055: denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c could lead to denial of service. bsc1087020...

CVSS 5.5 | AI score 5.9 | EPSS 0.0052
Exploits: 1 | References: 3
ATTACKERKB
added 2018/03/27 4:29 a.m., 3 views

CVE-2018-9055

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c...

CVSS 5.5 | AI score 5.4 | EPSS 0.0052
Exploits: 1 | References: 5
UbuntuCve
added 2018/03/27 4:29 a.m., 24 views

CVE-2018-9055

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c...

CVSS 5.5 | AI score 6.8 | EPSS 0.0052
Exploits: 1 | References: 1