Lucene search
K

16 matches found

CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Hackney 安全漏洞

Hackney is a program library from Hackney, Inc. A security vulnerability exists in Hackney versions 0 through prior to 4.0.1, which stems from a URL query component that does not percentile encode CRLF characters, potentially resulting in HTTP request splitting...

7.5CVSS5.8AI score0.00421EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.8 views

free5GC 代码问题漏洞

Free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of Free5GC prior to 4.1.0 contain code vulnerabilities. These vulnerabilities stem from a flaw in the SessionDeletionResponse function within the SMF component, which may lead to null pointer dereferencing...

7.5CVSS6.1AI score0.00526EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.9 views

PT-2026-2179

Name of the Vulnerable Software and Affected Versions CoreShop versions prior to 4.1.8 Description CoreShop is a Pimcore enhanced eCommerce solution. A blind SQL injection exists in the application that allows an authenticated administrator-level user to extract database contents using...

4.9CVSS7.2AI score0.00391EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 5:6 p.m.5 views

CVE-2020-11456

LimeSurvey before 4.1.12+200324 has stored XSS in application/views/admin/surveysgroups/surveySettings.php and application/models/SurveysGroups.php aka survey groups...

5.4CVSS5.8AI score0.70841EPSS
Exploits4References1
CVE
CVE
added 2025/03/31 9:43 p.m.83 views

CVE-2025-31684

CVE-2025-31684 affects Drupal OAuth2 Client (versions 0.0.0 through 4.1.2). The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the OAuth2 Client module that can enable unauthorized actions on behalf of a user. According to CVSS data, impact includes high integrity and availability ...

6.8CVSS6.7AI score0.00167EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/17 7:7 a.m.6 views

WordPress Logo Slider plugin < 4.1.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Logo Slider versions 4.1.0...

7.6CVSS6.1AI score0.00464EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/05/01 12:0 a.m.4 views

Dell OpenManage Enterprise 跨站脚本漏洞

Dell OpenManage Enterprise is an easy-to-use, one-to-many systems management console for IT infrastructure management from Dell. The software supports cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. A cross-site scripting vulnerability exist...

5.1CVSS6AI score0.00257EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.4 views

PT-2023-15186 · Repute Infosystems · Armember

Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARMember plugin versions prior to 4.0.1 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially...

7.1CVSS6.3AI score0.00382EPSS
Exploits0References3
OSV
OSV
added 2023/01/31 5:15 a.m.5 views

AZL-43768 CVE-2022-25881 affecting package nodejs-nodemon 2.0.3-4

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library...

7.5CVSS6.7AI score0.01613EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/18 12:0 a.m.6 views

Intel Data Center Manager 安全漏洞

Intel Data Center Manager is a software solution from Intel Corporation. It collects and analyzes real-time operating conditions, power, and heat of various devices in the data center to help improve efficiency and uptime. A security vulnerability exists in Intel Data Center Manager software...

8.8CVSS7.9AI score0.00387EPSS
Exploits0References3
OSV
OSV
added 2022/07/11 8:15 p.m.4 views

CVE-2020-35168

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...

9.8CVSS6.8AI score0.00483EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/06 12:0 a.m.4 views

ECDSA Util 数据伪造问题漏洞

ECDSA Util is a collection of applets for ECDSA. A security vulnerability exists in ECDSA Util versions prior to 0.4.1, which stems from ecdsaverifypreparelegacy not checking that the signature values r and s are non-zero...

10CVSS8AI score0.01038EPSS
Exploits0References13
OSV
OSV
added 2019/12/11 10:15 p.m.5 views

CVE-2019-0398

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform Monitoring Application, before versions 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery...

8.8CVSS7.3AI score0.00454EPSS
Exploits0References2
OSV
OSV
added 2019/06/13 4:29 p.m.5 views

CVE-2019-11119

Insufficient session validation in the service API for IntelR RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access...

9.8CVSS7.3AI score0.01996EPSS
Exploits0References2
OSV
OSV
added 2018/07/13 2:29 p.m.6 views

AZL-44094 CVE-2018-14042 affecting package python-openstackdocstheme 3.0.0-9

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...

6.1CVSS6.7AI score0.04009EPSS
Exploits1References1
OSV
OSV
added 2018/04/12 3:29 p.m.5 views

CVE-2018-9118

exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. in the filename parameter...

7.5CVSS5.8AI score0.48158EPSS
Exploits4References3
Rows per page
Query Builder