Lucene search
K

92 matches found

vulnersOsv
vulnersOsv
added 2025/05/14 12:31 p.m.9 views

org.apache.iotdb:integration-test (=2.0.1-beta), org.apache.iotdb:iotdb-cli (=2.0.1-beta) +2 more potentially affected by CVE-2025-26795 via org.apache.iotdb:iotdb-jdbc (>=2.0.1-beta <=2.0.2-1)

org.apache.iotdb:iotdb-jdbc MAVEN version =2.0.1-beta, =2.0.1-beta, =2.0.2-1 Source cves: CVE-2025-26795 Source advisory: SNYK:JAVA-ORGAPACHEIOTDB-10176117...

7.5CVSS5.8AI score0.00709EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/13 10:11 p.m.21 views

CVE-2025-4547

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely...

4.8CVSS6.5AI score0.00307EPSS
Exploits1References1
Tibco
Tibco
added 2025/05/13 4:59 p.m.20 views

TIBCO Security Advisory: May 13, 2025 - TIBCO BPM Enterprise - CVE-2025-2261

TIBCO BPM Enterprise XSS Vulnerability Original release date: May 13, 2025 Last revised: --- CVE-2025-2261 Source: TIBCO Software Inc. Products Affected TIBCO BPM Enterprise Component Affected TIBCO ActiveMatrix Administrator Description Stored XSS occurs when a web application gathers input from...

7CVSS6.2AI score0.003EPSS
Exploits0
NVD
NVD
added 2025/05/07 2:15 p.m.8 views

CVE-2025-29154

HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...

6.5CVSS0.00421EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.7 views

PT-2025-20294 · Unknown · Koillection

Name of the Vulnerable Software and Affected Versions: Koillection version 1.6.10 Description: A Cross Site Scripting issue allows a remote attacker to escalate privileges via the collection, Wishlist, and album components. Recommendations: For Koillection version 1.6.10, consider restricting...

6.1CVSS6.2AI score0.0024EPSS
Exploits1References12
vulnersOsv
vulnersOsv
added 2025/03/03 12:30 p.m.6 views

org.apache.streampipes:streampipes-backend (>=0.66.0 <=0.90.0), org.apache.streampipes:streampipes-platform-services (>=0.68.0 <=0.95.1) +2 more potentially affected by CVE-2024-24778 via org.apache.streampipes:streampipes-rest (>=0.66.0 <=0.95.1)

org.apache.streampipes:streampipes-rest MAVEN version =0.66.0, =0.66.0, =0.68.0, =0.91.0, =0.93.0, =0.95.0 Source cves: CVE-2024-24778 Source advisory: SNYK:JAVA-ORGAPACHESTREAMPIPES-9058044...

6.5CVSS5.8AI score0.00615EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/06 12:31 p.m.15 views

org.apache.james.examples:custom-james-assembly (>=3.7.0 <=3.7.5), org.apache.james:apache-james-mpt-antlib (>=3.0.0 <=3.0.1) +31 more potentially affected by CVE-2024-37358 via org.apache.james.protocols:protocols-imap (>=3.0.0-RC1 <=3.7.5)

org.apache.james.protocols:protocols-imap MAVEN version =3.0.0-RC1, =3.7.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.4.0, =3.0.0, =3.0.0, =3.7.0, =3.0.0, =3.0.0, =3.6.2 and more Source cves: CVE-2024-37358 Source advisory: OSV:GHSA-56JP-W6VW-J3JW...

8.6CVSS5.8AI score0.00856EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 2:48 p.m.10 views

CVE-2020-15154

baserCMS 4.3.6 and earlier is affected by Cross Site Scripting XSS via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components are: contentfields.php, contentinfo.php, contentoptions.php, contentrelated.php, indexlisttree.php, jquery.bcTree.js...

7.3CVSS5.9AI score0.01011EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/04 12:30 p.m.7 views

com.ericsson.bss.cassandra.ecaudit:ecaudit_c4.1 (>=3.0.0 <=3.1.0), com.instaclustr:cassandra-ldap-4.1.0 (=1.0.0) +20 more potentially affected by CVE-2025-24860 via org.apache.cassandra:cassandra-all (>=4.1.0 <=4.1.6)

org.apache.cassandra:cassandra-all MAVEN version =4.1.0, =3.0.0, =4.1.0, =4.1.0, =4.1.0, =2.1.0-ALPHA-8, =0.13.0, =2.6.0, =2.10.0, =2.17.0 and more Source cves: CVE-2025-24860 Source advisory: OSV:GHSA-3CJF-FWCQ-XH22...

5.4CVSS6.7AI score0.01056EPSS
Exploits0
OSV
OSV
added 2024/02/07 9:18 a.m.25 views

CVE-2023-51437 Apache Pulsar: Timing attack in SASL token signature verification

Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended to upgrade to version 2.11.3, 3.0.2, or 3.1.1 which fixes the issue. Users should also consider...

7.4CVSS7AI score0.00763EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/31 12:0 a.m.6 views

The vulnerability in the components of lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c of the RPM file size reduction software allows a hacker to execute arbitrary code.

The vulnerability of components such as lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c in the RPM file size reduction software is related to integer overflow. Exploiting this vulnerability can allow an attacker, operating locally, to gain unauthorized access to protect...

7.8CVSS7.3AI score0.00261EPSS
Exploits0References5Affected Software3
ATTACKERKB
ATTACKERKB
added 2023/08/08 3:15 p.m.6 views

CVE-2023-36306

A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components...

6.1CVSS6.8AI score0.03771EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.3 views

PT-2023-25521 · Adiscon · Loganalyzer

Name of the Vulnerable Software and Affected Versions: Adiscon LogAnalyzer versions through 4.1.13 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via the "asktheoracle.php", "details.php", "index.php", "search.php", "export.php", "reports.php", an...

6.1CVSS6.3AI score0.03771EPSS
Exploits4References6
CNNVD
CNNVD
added 2023/07/20 12:0 a.m.7 views

Cisco BroadWorks 安全漏洞

Cisco BroadWorks is a carrier-grade unified communications software platform from Cisco. It is used to deploy cloud calls from public network platforms on any type of wired or wireless network architecture. A security vulnerability exists in Cisco BroadWorks that stems from a flaw in the privileg...

7.8CVSS7.3AI score0.00148EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/12 1:38 p.m.40 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to cross-site scripting (CVE-2022-0225)

Summary IBM i Modernization Engine for Lifecycle Integration platform component is vulnerable to cross-site scripting as described in the Vulnerability Details section. These components are used in IBM i Modernization Engine for Lifecycle Integration for infrastructure support in the platform. IB...

5.4CVSS7.3AI score0.02731EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/12 12:0 a.m.5 views

PT-2022-17444 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to a possible buffer overflow due to the lack of buffer length check during management frame Rx handling, which can lead to denial of service in various...

5.5CVSS5.7AI score0.0011EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/05/17 5:35 a.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +76 more potentially affected by CVE-2011-1772 via org.apache.struts:struts2-core (>=2.0.5 <=2.2.1.1)

org.apache.struts:struts2-core MAVEN version =2.0.5, =1.2.1, =0.6, =3.0, =2.4.0, =2.1.0, =3.0.2 and more Source cves: CVE-2011-1772 Source advisory: OSV:GHSA-56F8-G68R-J699...

2.6CVSS7.7AI score0.33111EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2022/05/17 5:2 a.m.4 views

br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2), com.fluxcorp.plugins:webservice-trigger (>=1.0.2 <=1.0.3) +39 more potentially affected by CVE-2011-1411 via org.opensaml:opensaml (=2.4.1)

org.opensaml:opensaml MAVEN version =2.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.opensaml:opensaml and may be impacted: - br.net.woodstock.rockframework:rockframework-web =1.2.1, =1.0.2, =2.8.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0,...

5.8CVSS5.8AI score0.02291EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 3:58 a.m.12 views

com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.0), org.jenkins-ci.lib:xtrigger-lib (=0.36) +13 more potentially affected by CVE-2016-0792 via org.jenkins-ci.main:jenkins-core (>=1.643 <=1.649)

org.jenkins-ci.main:jenkins-core MAVEN version =1.643, =4.0.9, =1.643, =1.643, =1.645, =0.5, =1.648, =4.0.4, =1.0.0, =1.643, =1.0.45, =0.3.2, =0.3.8 - org.jenkins.plugins.statistics.gatherer:statistics-gatherer =1.0.1 Source cves: CVE-2016-0792 Source advisory: OSV:GHSA-45RG-G72W-R393...

9CVSS6.7AI score0.82697EPSS
Exploits23
vulnersOsv
vulnersOsv
added 2022/05/14 1:4 a.m.5 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000407 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000407 Source advisory: OSV:GHSA-HV45-5J9H-7FHG...

6.1CVSS6.6AI score0.01534EPSS
Exploits0
Rows per page
Query Builder