Lucene search
K

9 matches found

UbuntuCve
UbuntuCve
added 2026/02/26 9:28 p.m.4 views

CVE-2026-22205

SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive...

8.7CVSS5.9AI score0.00468EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/09 6:30 p.m.3 views

EUVD-2025-201921

A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application lacks input validation of date parameter in report generation functionality. This could allow an authenticated, lowly privileged attacker to cause denial of service condition of the report...

7.1CVSS6.2AI score0.00326EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.5 views

CVE-2023-26114

Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes. Exploiting this vulnerability can allow an adversary in specific scenarios to access data from and connect to the code-server instance...

9.3CVSS6.9AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/09 12:0 a.m.6 views

PHOENIX CONTACTs WP 6xxx series web panels Security Vulnerability

PHOENIX CONTACTs WP 6xxx series web panels are a series of web panels from PHOENIX CONTACTs, Germany. A security vulnerability exists in PHOENIX CONTACTs WP 6xxx series web panels prior to version 4.0.10, which can be exploited by an unauthenticated, remote attacker to gain read/write access to t...

7.5CVSS7AI score0.00607EPSS
Exploits0References2
OSV
OSV
added 2023/08/08 7:15 a.m.4 views

CVE-2023-3572

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device...

10CVSS5.8AI score0.00789EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/05 12:0 a.m.4 views

Statamic 跨站脚本漏洞

Statamic is a powerful flat file Cms built on Laravel by Statamic, Inc. for storing all content, templates, assets, and settings in files instead of a database. A cross-site scripting vulnerability exists in Statamic versions prior to 4.10.0, which stems from an SVG tag that does not clear...

5.5CVSS5.4AI score0.0055EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.5 views

Teltonika Remote Management System 授权问题漏洞

Teltonika Remote Management System is a Teltonika remote management system for managing Teltonika products. An authorization issue vulnerability exists in Teltonika Remote Management System versions prior to 4.10.0. An attacker could use this vulnerability to execute arbitrary commands as root by...

9.8CVSS9.2AI score0.00665EPSS
Exploits0References3
OSV
OSV
added 2020/02/04 8:15 p.m.1 views

ALPINE-CVE-2020-8449

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters...

7.5CVSS6.9AI score0.08311EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2013/11/20 2:12 p.m.1 views

CVE-2013-5607

Integer overflow in the PLArenaAllocate function in Mozilla Netscape Portable Runtime NSPR before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service application crash o...

7.5CVSS5.9AI score0.03893EPSS
Exploits0References17
Rows per page
Query Builder