Lucene search
K

30 matches found

NVD
NVD
added 2026/06/09 5:17 p.m.11 views

CVE-2026-48266

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS0.00283EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2026/02/16 10:56 a.m.10 views

Advisory ROSA-SA-2026-3182

Software: sqlite 3.26.0 OS: ROSA Virtualization 3.0 unaffected versions = sqlite-3.26.0-20.rv30 affected versions sqlite-3.26.0-20.rv30 CVE-ID: CVE-2025-6965 BDU-ID: 2025-08786 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Aggregate Term Handler component of the SQLite database management syst...

7.7CVSS6.6AI score0.73495EPSS
Exploits3
NVD
NVD
added 2026/02/10 6:16 p.m.14 views

CVE-2026-21339

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that...

5.5CVSS0.00153EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.5 views

CVE-2025-69421 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2025-69421 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

7.5CVSS5.4AI score0.00844EPSS
Exploits1
Cvelist
Cvelist
added 2025/12/18 2:32 p.m.28 views

CVE-2025-64464 Out-of-Bounds Read in lvre!VisaWriteFromFile() in NI LabVIEW

There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. Th...

8.5CVSS0.00132EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/23 2:46 a.m.5 views

SUSE CVE-2017-3468

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

3.5CVSS5.9AI score0.009EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.6 views

PT-2025-5515 · Kiboko · Kiboko Labs Chained Quiz

Name of the Vulnerable Software and Affected Versions: Kiboko Labs Chained Quiz versions 1.3.2.9 and earlier Description: A Server-Side Request Forgery SSRF issue allows for server-side request forgery. This issue may potentially be exploited to access internal resources or conduct further attack...

4.4CVSS7AI score0.00318EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/09 12:0 a.m.3 views

PT-2024-34844 · Doofinder · Doofinder

Name of the Vulnerable Software and Affected Versions: Doofinder versions 0.5.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS or Reflected XSS. This type of issue allows an attacker to inject...

7.1CVSS6.1AI score0.00275EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/12 12:0 a.m.7 views

Gambio Log Information Disclosure Vulnerability

Gambio is an all-in-one e-commerce solution from Gambio, Inc. A log information disclosure vulnerability exists in Gambio 4.9.2.0 and earlier versions, which originates from a vulnerability that allows attackers to obtain sensitive information via error-handler.log.json and...

2.7CVSS6.1AI score0.00442EPSS
Exploits1References2
OSV
OSV
added 2024/02/02 7:15 a.m.4 views

CVE-2024-21780

Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service DoS condition. Note that the affected products are no longer supported...

7.5CVSS6AI score0.0065EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.7 views

PT-2023-15085 · Unknown · Kaizencoders Short Url

Name of the Vulnerable Software and Affected Versions: KaizenCoders Short URL versions 1.6.4 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.8CVSS9.5AI score0.00685EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/10/31 2:25 a.m.10 views

SUSE CVE-2021-35622

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS5.6AI score0.01294EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/01 12:0 a.m.5 views

PT-2023-24630 · Unknown · Shopconstruct

Name of the Vulnerable Software and Affected Versions: ShopConstruct plugin versions 1.1.2 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability affects the ShopConstruct plugin...

7.1CVSS5.2AI score0.0032EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.16 views

PT-2023-16743 · WordPress · Wp Plugin Manager

Name of the Vulnerable Software and Affected Versions: WP Plugin Manager versions prior to 1.1.8 Description: The issue concerns a lack of CSRF check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a CSRF attack...

4.3CVSS8.8AI score0.00252EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.7 views

SUSE CVE-2022-21526

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS5AI score0.01387EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/03 12:0 a.m.5 views

Fuji Electric Monitouch V-SFT和TELLUS 缓冲区错误漏洞

Fuji Electric Monitouch V-SFT and Fuji Electric TELLUS are both products of Fuji Electric Japan.Fuji Electric Monitouch V-SFT is a screen configuration software.Fuji Electric TELLUS is an advanced features, user-friendliness, and specialized software for remote control. A security vulnerability...

7.8CVSS7.8AI score0.00243EPSS
Exploits0References4
OSV
OSV
added 2022/05/04 4:15 p.m.3 views

CVE-2021-20051

SonicWall Global VPN Client 4.10.7.1117 installer 32-bit and 64-bit and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system...

7.8CVSS5.9AI score0.00697EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/10/26 12:0 a.m.4 views

PT-2021-4773 · Adobe · Character Animator

Name of the Vulnerable Software and Affected Versions: Adobe Character Animator versions 4.4 and earlier Description: The issue is related to a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User...

9.3CVSS6.6AI score0.0155EPSS
Exploits0References5
OSV
OSV
added 2021/10/20 11:17 a.m.4 views

UBUNTU-CVE-2021-35621

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

6.3CVSS6.9AI score0.46751EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/10/19 12:0 a.m.10 views

PT-2021-21037 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.26 and prior Description: The issue allows a high privileged attacker with network access via multiple protocols to compromise the MySQL Server. Successful attacks can result in unauthorized update, insert, or delete...

10CVSS6.8AI score0.87816EPSS
Exploits22References829
Rows per page
Query Builder