Lucene search
K

1312 matches found

OSV
OSV
added 2022/09/12 7:15 p.m.4 views

CVE-2022-31225

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures...

5.1CVSS5.8AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2022/09/12 7:15 p.m.3 views

CVE-2022-31223

Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system...

2.3CVSS5.8AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2022/09/09 3:15 p.m.5 views

CVE-2022-38068

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Apasionados Export Post Info plugin = 1.1.0 at WordPress...

4.8CVSS5.8AI score0.00437EPSS
Exploits0References2
OSV
OSV
added 2022/09/09 3:15 p.m.4 views

CVE-2022-37404

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Christian Salazar's add2fav plugin = 1.0 at WordPress...

4.8CVSS5.8AI score0.00437EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/09/06 6:15 p.m.2 views

CVE-2022-2717

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of...

7.2CVSS6AI score0.01105EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.5 views

WordPress plugin Ajax Load More 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.9CVSS5.2AI score0.01416EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.6 views

WordPress plugin Ajax Load More 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.9CVSS5.5AI score0.01279EPSS
Exploits2References5
OSV
OSV
added 2022/08/23 7:15 a.m.2 views

CVE-2022-34486

Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors...

7.2CVSS5.9AI score0.01116EPSS
Exploits0References2
OSV
OSV
added 2022/08/22 3:15 p.m.2 views

CVE-2021-36847

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in WebbaPlugins Webba Booking plugin = 4.2.21 at WordPress...

4.8CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/16 12:0 a.m.5 views

PT-2022-5788 · Fortinet · Fortimanager +1

Name of the Vulnerable Software and Affected Versions: FortiManager versions 6.0.0 through 6.0.11 FortiManager versions 6.2.0 through 6.2.9 FortiManager versions 6.4.0 through 6.4.7 FortiManager versions 7.0.0 through 7.0.3 FortiManager version 7.2.0 FortiAnalyzer versions 6.0.0 through 6.0.12...

4.3CVSS3.5AI score0.0055EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.4 views

Siemens SCALANCE 安全漏洞

SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 industrial routers are used for secure remote access to plants over mobile networks e.g. GPRS or UMTS with integrated security features of firewalls to prevent unauthorized access, and VPNs to protect data transmission.SCALANCE SC-600 devices...

6.8CVSS6.8AI score0.00794EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2022/08/03 9:20 p.m.27 views

Exploit for Cross-Site Request Forgery (CSRF) in F5 Big-Iq_Centralized_Management

This is a proof of concept for CVE-2022-41622, which is a CSRF i...

8.8CVSS8.1AI score0.87987EPSS
Exploits7
CNNVD
CNNVD
added 2022/08/03 12:0 a.m.5 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An improper privilege management vulnerability exists in F5 BIG-IP iControl REST, which can be exploited by an authenticated...

9.1CVSS5.5AI score0.00616EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/08/01 7:15 p.m.34 views

CVE-2022-31177

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The...

2.7CVSS5.8AI score0.00594EPSS
Exploits0References3
OSV
OSV
added 2022/07/21 4:15 a.m.2 views

CVE-2022-20873

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS6.2AI score0.00947EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/07/21 4:0 a.m.4 views

CVE-2022-20910 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

4.7CVSS6.5AI score0.00947EPSS
Exploits0References1
OSV
OSV
added 2022/07/20 7:15 p.m.3 views

CVE-2021-36849

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in René Hermenau's Social Media Share Buttons plugin = 3.8.1 at WordPress...

4.8CVSS5.8AI score0.00438EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.5 views

CVE-2022-20904

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.00876EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.4 views

CVE-2022-20875

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.01081EPSS
Exploits0References2
OSV
OSV
added 2022/07/12 9:15 p.m.4 views

CVE-2022-32246

SAP Busines Objects Business Intelligence Platform Visual Difference Application - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impac...

4.6CVSS5.8AI score0.00387EPSS
Exploits0References2
Rows per page
Query Builder