Lucene search
+L

751 matches found

CNNVD
CNNVD
added 2025/08/02 12:0 a.m.4 views

Partner Software和Partner Software Partner Web 安全漏洞

Partner Software and Partner Software Partner Web are both products of Partner Software, a U.S.-based company.Partner Software is a geographic information system application.Partner Software Partner Web is a back-end system that provides review of reports on the Partner Software is a GIS...

9.8CVSS6.3AI score0.0069EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/02 12:0 a.m.6 views

Partner Software和Partner Software Partner Web 安全漏洞

Partner Software and Partner Software Partner Web are both products of Partner Software, a U.S.-based company.Partner Software is a geographic information system application.Partner Software Partner Web is a back-end system that provides review of reports on the Partner Software is a GIS...

8.8CVSS6.4AI score0.00605EPSS
Exploits0References2
CNVD
CNVD
added 2025/06/24 12:0 a.m.5 views

WeGIA SQL Injection Vulnerability (CNVD-2025-17301)

WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-end database...

9.8CVSS7.8AI score0.00418EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/06/18 11:1 a.m.7 views

CVE-2022-50049

In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcmaddpaths, it doesn't check whether the picked BE actually supports for the given stream direction. Due to that, when an asymmetric ...

5.5CVSS5.3AI score0.00157EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:52 a.m.10 views

CVE-2023-46134

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

9.8CVSS7.2AI score0.00756EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:50 a.m.9 views

CVE-2022-20942

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to retrieve sensitive information from...

6.5CVSS6.2AI score0.00891EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:25 p.m.13 views

CVE-2021-38162

SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC -7.22, 7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83 processes allow an unauthenticated attacker to submit a malicious crafted request over a network to a front-end server which may,...

9.4CVSS8.6AI score0.02686EPSS
Exploits2References1
Fedora
Fedora
added 2025/04/21 4:47 p.m.20 views

[SECURITY] Fedora 41 Update: rust-idna_adapter-1.2.0-1.fc41

Back end adapter for idna...

7.4AI score
Exploits0
Fedora
Fedora
added 2025/04/21 1:41 a.m.12 views

[SECURITY] Fedora 40 Update: rust-idna_adapter-1.2.0-1.fc40

Back end adapter for idna...

7.4AI score
Exploits0
OSV
OSV
added 2025/03/20 10:11 a.m.5 views

CVE-2024-9612 Unauthorized Access in danswer-ai/danswer

In danswer-ai/danswer v0.3.94, administrators can set the visibility of pages within a workspace, including the search page. When the search page is set to be invisible, regular users cannot view the search page or access its functionalities from the front-end interface. However, the back-end doe...

6.5CVSS6.6AI score0.00662EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.6 views

GPT Academic 代码注入漏洞

GPT Academic is an interface that provides pragmatic interactions for LLM grand language models such as GPT/GLM. GPT Academic suffers from a command injection vulnerability that stems from a security issue with the CodeInterpreter plugin, which can be exploited by an attacker to achieve Remote Co...

8.8CVSS7.8AI score0.01348EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

Danswer 安全漏洞

Danswer is Danswer AI open source an artificial intelligence assistant that connects to company documents, applications and people. A security vulnerability exists in Danswer version v0.3.94, which stems from the back-end not validating the visibility status of a search page, which could allow an...

6.5CVSS6.5AI score0.00662EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.10 views

NetEase QAnything 安全漏洞

NetEase QAnything is a local knowledge base question and answer system dedicated to supporting arbitrary format files or databases from China's NetEase NetEase, which can be installed and used offline. A security vulnerability exists in NetEase QAnything, which stems from a cross-site request...

8.1CVSS8AI score0.00228EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.5 views

Esri ArcGIS Server SQL注入漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. Esri ArcGIS Server suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker could use this...

9.6CVSS7.6AI score0.00472EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 4:49 a.m.10 views

CVE-2021-37626

Contao is an open source CMS that allows you to create websites and scalable web applications. In affected versions it is possible to load PHP files by entering insert tags in the Contao back end. Installations are only affected if they have untrusted back end users who have the rights to modify...

7.2CVSS6.8AI score0.01254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:38 p.m.18 views

CVE-2022-41731

IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402...

9.8CVSS7.2AI score0.00858EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 4:43 p.m.3 views

Malicious code in @test6uy767/back-end (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/01/28 1:15 a.m.5 views

CVE-2023-50316

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

9.8CVSS5.9AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.6 views

AutoLib Software Systems OPAC 安全漏洞

AutoLib Software Systems OPAC is a library management software from AutoLib Software Systems. A security vulnerability exists in AutoLib Software Systems OPAC version v20.10, which stems from the exposure of multiple API keys in the code. An attacker could use these keys to access back-end APIs o...

7.5CVSS7.6AI score0.00531EPSS
Exploits1References3
OSV
OSV
added 2025/01/25 3:15 p.m.4 views

CVE-2024-35148

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

8.8CVSS5.9AI score0.00346EPSS
Exploits0References1
Rows per page
Query Builder