
29 matches found

NVD
added 2026/03/03 9:15 p.m. · 8 views

CVE-2026-24502

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVSS 8.8 · EPSS 0.0018
Exploits 0 · References 1

Patchstack
added 2025/12/31 12:0 a.m. · 9 views

WordPress WP Maps plugin < 4.7.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Maps versions 4.7.2...

CVSS 4.8 · AI score 5.9 · EPSS 0.00236
Exploits 1 · References 1 · Affected Software 1

NVD
added 2025/12/18 8:16 a.m. · 4 views

CVE-2025-64214

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a through 4.7.16...

CVSS 7.5 · EPSS 0.003
Exploits 0 · References 1

CVE
added 2025/12/18 7:22 a.m. · 18 views

CVE-2025-64213

CVE-2025-64213 describes an information disclosure in the WordPress plugin MasterStudy LMS Pro (styles: MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro) where sensitive data can be retrieved due to insertion of sensitive information into sent data. Affected version range is Mas...

CVSS 7.5 · AI score 6.5 · EPSS 0.00303
Exploits 0 · References 1

Tenable Nessus
added 2025/08/19 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-7910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging...

CVSS 9.3 · AI score 6.3 · EPSS 0.02966
Exploits 1 · References 2

CNNVD
added 2025/04/15 12:0 a.m. · 2 views

Ash Authentication Access Control Error Vulnerability

Ash Authentication is an Ash authentication framework open-sourced by Alembic. An access control error vulnerability exists in Ash Authentication versions prior to 4.7.0 that originates in the GET request validation process and could lead to automatic account validation...

CVSS 5.3 · AI score 6.6 · EPSS 0.00271
Exploits 0 · References 2

CNNVD
added 2025/02/11 12:0 a.m. · 5 views

Siemens SIMATIC S7-1200 Security Vulnerability

SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. A denial of service vulnerability exists in Siemens SIMATIC S7-1200 CPU Family versions prior to V4.7, which can be...

CVSS 8.7 · AI score 6.6 · EPSS 0.00566
Exploits 0 · References 1

Microsoft CVE
added 2024/10/15 12:0 a.m. · 4 views

CVE-2017-15275

...

CVSS 7.5 · AI score 6.4 · EPSS 0.21408
Exploits 0

Positive Technologies
added 2024/07/19 12:0 a.m. · 3 views

PT-2024-29455 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: RuoYi versions prior to 4.7.9 Description: The issue allows a remote attacker to execute arbitrary code via the file upload method. This is a Cross Site Scripting vulnerability. Recommendations: For versions prior to 4.7.9, update to a versio...

CVSS 6.1 · AI score 7.5 · EPSS 0.00486
Exploits 1 · References 5

Positive Technologies
added 2024/04/08 12:0 a.m. · 8 views

PT-2024-23216 · Invision Power Services · Invision Community

Name of the Vulnerable Software and Affected Versions: Invision Community versions prior to 4.7.17 Description: The issue allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\_toolbar::addPlugin method. This method handles uploaded ZIP...

CVSS 7.2 · AI score 8 · EPSS 0.00701
Exploits 2 · References 8

Positive Technologies
added 2023/12/02 12:0 a.m. · 6 views

PT-2023-26852 · Dell · Dell Rugged Control Center

Name of the Vulnerable Software and Affected Versions: Dell Rugged Control Center versions prior to 4.7 Description: The issue is related to improper access control. A local malicious standard user could potentially exploit this to modify content in an unsecured folder when product installation...

CVSS 7.8 · AI score 7.5 · EPSS 0.00201
Exploits 0 · References 4

CNNVD
added 2023/12/02 12:0 a.m. · 5 views

Dell Rugged Control Center Security Vulnerability

Dell Rugged Control Center is an application from Dell USA. It allows a range of settings to be configured on the ruggedized device, such as application settings, keyboard backlight settings, night mode settings, stealth mode settings, window settings, antenna switch settings and GPS settings. An...

CVSS 7.8 · AI score 6.9 · EPSS 0.00201
Exploits 0 · References 1

Positive Technologies
added 2023/12/02 12:0 a.m. · 9 views

PT-2023-26851 · Dell · Dell Rugged Control Center

Name of the Vulnerable Software and Affected Versions: Dell Rugged Control Center versions prior to 4.7 Description: The issue is related to improper access control. A local malicious standard user could potentially exploit this to modify content in an unsecured folder during product installation...

CVSS 7.8 · AI score 7.5 · EPSS 0.00201
Exploits 0 · References 4

OSV
added 2023/06/28 8:15 p.m. · 3 views

CVE-2021-25827

Emby Server 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address...

CVSS 9.8 · AI score 5.9
Exploits 0 · References 3

Positive Technologies
added 2021/10/07 12:0 a.m. · 3 views

PT-2021-23099 · Zulip · Zulip

Name of the Vulnerable Software and Affected Versions: Zulip versions prior to 4.7 Description: Zulip is an open source team chat server that allows organization administrators to configure linkifiers, which automatically create links from messages sent by users, detected via arbitrary regular...

CVSS 6.5 · AI score 6.4 · EPSS 0.01682
Exploits 1 · References 6

OSV
added 2021/05/30 11:2 a.m. · 1 views

OESA-2021-1196 nodejs-handlebars security update

Handlebars.js is an extension to the Mustache templating language created by Chris Wanstrath. Handlebars.js and Mustache are both logicless templating languages that keep the view and the code separated like we all know they should be. Security Fixes: The package handlebars before 4.7.7 are...

CVSS 9.8 · AI score 7.2 · EPSS 0.04506
Exploits 1 · References 2

Vulnrichment
added 2021/02/11 8:55 p.m. · 2 views

CVE-2021-21311 SSRF in adminer

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers e.g. adminer.php are affected. This is fixed in version 4.7.9...

CVSS 7.2 · AI score 6.4 · EPSS 0.90461
Exploits 3 · References 5

Positive Technologies
added 2020/08/18 12:0 a.m. · 5 views

PT-2020-19730 · Irrelon · @Irrelon/Path

Name of the Vulnerable Software and Affected Versions: irrelon-path versions prior to 4.7.0 @irrelon/path versions prior to 4.7.0 Description: The issue concerns Prototype Pollution, which can be exploited via the set, unSet, pushVal, and pullVal functions. Recommendations: For irrelon-path...

CVSS 9.8 · AI score 9.4 · EPSS 0.02821
Exploits 1 · References 7

CNVD
added 2019/07/22 12:0 a.m. · 1 views

Firefly III Cross-Site Scripting Vulnerability (CNVD-2019-30778)

Firefly III is an open source personal financial management system. A cross-site scripting vulnerability exists in Firefly III versions prior to 4.7.17.3, which can be exploited by an attacker to execute client-side code...

CVSS 5.4 · AI score 6.4 · EPSS 0.00762
Exploits 1 · References 1

CNVD
added 2019/02/21 12:0 a.m. · 4 views

Atlassian Fisheye and Crucible Cross-Site Scripting Vulnerabilities (CNVD-2019-04923)

Atlassian Fisheye and Crucible are both products of the Australian company Atlassian. Fisheye is a suite of in-depth viewers of source code and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in the administrative linker feature in Atlassian Fisheye...

CVSS 4.8 · AI score 6.4 · EPSS 0.00889
Exploits 0 · References 1