Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2025/08/23 4:16 p.m.5 views

CVE-2025-9306

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely...

5.4CVSS3.7AI score0.00251EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/21 3:32 p.m.14 views

CVE-2025-9306 SourceCodester Advanced School Management System addNotice cross site scripting

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely...

5.1CVSS0.00251EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/21 3:32 p.m.4 views

CVE-2025-9306 SourceCodester Advanced School Management System addNotice cross site scripting

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely...

5.1CVSS6.5AI score0.00251EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 8:56 a.m.5 views

CVE-2019-9306

In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661348...

8.8CVSS7.9AI score0.00714EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:4 p.m.10 views

CVE-2020-9306

Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account...

8.8CVSS6.9AI score0.01165EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/11/19 12:0 a.m.30 views

Oracle Linux 9 : httpd (ELSA-2024-9306)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9306 advisory. - Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix - Resolves: RHEL-31856 - httpd: HTTP response splitting CVE-2023-38709 - Resolves:...

9.8CVSS7.1AI score0.8377EPSS
Exploits5References3
Circl
Circl
added 2024/10/04 10:10 a.m.5 views

CVE-2024-9306

creationtimestamp| type| source ---|---|--- 2024-10-04 10:10:54+00:00| seen| https://t.me/cvedetector/6966...

4.8CVSS4.8AI score0.00296EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/06/15 12:0 a.m.110 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9306)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9306 advisory. - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 CVE-2021-23133 - dm ioctl: fix out of bounds...

8.1CVSS6.8AI score0.06563EPSS
Exploits1References6
Circl
Circl
added 2021/02/18 2:49 a.m.7 views

CVE-2020-9306

creationtimestamp| type| source ---|---|--- 2021-02-18 02:49:27+00:00| seen| https://t.me/cibsecurity/23788 2021-02-19 12:11:34+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2735...

8.8CVSS8.2AI score0.01165EPSS
Exploits1References2
CVE
CVE
added 2021/02/17 11:11 p.m.84 views

CVE-2020-9306

CVE-2020-9306 affects Digi ConnectPort X2e devices (SolarCity/Tesla branding) with hardcoded credentials stored in a .pyc-compiled file used at boot. FireEye analysis shows password_manager.pyc in /WEB/python/ contains five plaintext credentials for the python system user, enabling web and SSH ac...

8.8CVSS8.7AI score0.01165EPSS
Exploits1References4Affected Software1
FireEye
FireEye
added 2021/02/17 12:0 a.m.266 views

Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device (Part Two)

In this post, we continue our analysis of the SolarCity ConnectPort X2e Zigbee device referred to throughout as X2e device. In Part One, we discussed the X2e at a high level, performed initial network-based attacks, then discussed the hardware techniques used to gain a remote shell on the X2e...

7.2CVSS8.6AI score0.01165EPSS
Exploits2References8
OSV
OSV
added 2019/09/27 7:15 p.m.3 views

CVE-2019-9306

In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661348...

8.8CVSS7.7AI score0.00714EPSS
Exploits0References1
CVE
CVE
added 2019/09/27 6:5 p.m.67 views

CVE-2019-9306

CVE-2019-9306 affects Android 10 Media Framework, specifically the libMpegTPDec component, where an out-of-bounds write caused by an integer overflow could enable remote code execution with user interaction. The issue is documented across multiple sources (NVD/Red Hat/PRION) with the Android bull...

8.8CVSS9AI score0.00714EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2019/08/12 6:28 p.m.4 views

CVE-2015-9306

creationtimestamp| type| source ---|---|--- 2019-08-12 18:28:28+00:00| seen| https://t.me/cibsecurity/6061...

6.1CVSS6AI score0.00958EPSS
Exploits0References1
NVD
NVD
added 2019/08/12 3:15 p.m.14 views

CVE-2015-9306

The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS...

6.1CVSS6.4AI score0.00958EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/12 2:41 p.m.15 views

CVE-2015-9306

The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS...

6.4AI score0.00958EPSS
Exploits0References1
CVE
CVE
added 2019/08/12 2:41 p.m.38 views

CVE-2015-9306

The CVE-2015-9306 entry concerns the WordPress plugin wp-ultimate-csv-importer; versions prior to 3.8.1 are affected by a Cross-Site Scripting (XSS) vulnerability. The issue arises from inadequate validation of client-side data. Impact is XSS execution within the context of the user’s browser; ex...

6.1CVSS6.4AI score0.00958EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2018/04/12 9:53 p.m.27 views

CVE-2018-9306

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.5CVSS6.6AI score0.02172EPSS
Exploits1References1
CVE
CVE
added 2018/04/04 9:0 p.m.99 views

CVE-2018-9306

CVE-2018-9306 is a rejected/reserved candidate and does not represent an active vulnerability entry.

6.5AI score
Exploits0
Cvelist
Cvelist
added 2018/04/04 9:0 p.m.22 views

CVE-2018-9306

...

Exploits0
Rows per page
Query Builder