Lucene search
K

47 matches found

Vulnrichment
Vulnrichment
added 2024/05/21 3:22 p.m.20 views

CVE-2023-52705 nilfs2: fix underflow in second superblock position calculations

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFSSB2OFFSETBYTES, which computes the position of the second superblock, underflows when the argument device size is less than 4096 bytes. Therefore, when...

6.8AI score0.00252EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.8 views

PT-2024-27896 · WordPress · The Essential Blocks – Page Builder Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress versions up to, and including, 4.5.9 Description: The issue is related to Stored Cross-Site Scripting via the plugin's "Social Icons" block due to...

5.4CVSS5.9AI score0.0034EPSS
Exploits0References7
Citrix
Citrix
added 2024/03/18 12:0 a.m.8 views

How To: Allow traffic only from specific IPs or subnets.

Create a Responder policy that will block access to bound virtual server depending on source IP or source subnet of the client, so that the resource is only accessible from specific IPs and specific subnet IPs...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

Palo Alto Networks GlobalProtect 安全漏洞

Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect that originates from the ability of an authenticated,...

4.3CVSS6.9AI score0.00568EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/25 12:0 a.m.3 views

Tutanota Input Validation Error Vulnerability

Tutanota is a very security- and privacy-conscious email service from Tuta that encrypts email, contacts, and calendar entries on all devices. An input validation error vulnerability exists in Tutanota versions 3.118.12 through 3.119.10, which stems from an attacker being able to send a manipulat...

7.5CVSS6.8AI score0.00788EPSS
Exploits1References3
Citrix
Citrix
added 2023/11/30 12:0 a.m.7 views

How to block access URL https://x.x.x.x/oauth/idp/.well-known/openid-configuration

This article will guide on how to block access to the URL https://x.x.x.x/oauth/idp/.well-known/openid-configuration, where x.x.x.x is the URL of the gateway...

7AI score
Exploits0
Cvelist
Cvelist
added 2023/02/22 7:10 p.m.33 views

CVE-2023-24812 SQL injection of notes/search-by-tag

Misskey is an open source, decentralized social media platform. In versions prior to 13.3.3 SQL injection is possible due to insufficient parameter validation in the note search API by tag notes/search-by-tag. This has been fixed in version 13.3.3. Users are advised to upgrade. Users unable to...

8.8CVSS10AI score0.0071EPSS
Exploits0References2
NVD
NVD
added 2022/08/01 9:15 p.m.42 views

CVE-2022-31195

DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF simple archive format package could cause a file/directory to be...

7.2CVSS0.01118EPSS
Exploits0References3
OSV
OSV
added 2021/06/16 3:58 p.m.7 views

DRUPAL-CONTRIB-2021-015

Chaos tool suite ctools module provides a number of APIs and extensions for Drupal, its 8.x-3.x branch is a start from scratch to evaluate the features of ctools that didn't make it into Drupal Core 8.0.x and port them. The module doesn't sufficiently handle block access control on its EntityView...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2020/04/27 12:0 a.m.1 views

OHNI has a flawed logic vulnerability

ohni2 OHNI is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'sell' function in OHNI's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...

7.1AI score
Exploits0
Symantec
Symantec
added 2018/10/09 12:0 a.m.146 views

Microsoft SQL Server Management Studio CVE-2018-8532 Information Disclosure Vulnerability

Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...

5.4AI score0.23373EPSS
Exploits5Affected Software1
Symantec
Symantec
added 2018/09/11 12:0 a.m.27 views

Microsoft Windows Hyper-V CVE-2018-8434 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

0.7AI score0.03494EPSS
Exploits0Affected Software3
NVD
NVD
added 2018/02/14 12:29 p.m.18 views

CVE-2018-2396

Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service...

6.5CVSS6.5AI score0.00924EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2017/06/14 3:39 a.m.10 views

ISPs Should Block ‘The Pirate Bay’ Torrent Site: Top European Court Rules

The Pirate Bay — a widely popular file-sharing website predominantly used to share copyrighted material free of charge — is once again in trouble, this time in Europe. The European Union Court of Justice ECJ ruled today that Dutch ISPs can block access to The Pirate Bay, as the Swedish file-hosti...

6.5AI score
Exploits0
Cvelist
Cvelist
added 2014/05/19 2:0 p.m.25 views

CVE-2013-4431

Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the bock id in an edit request...

6.4AI score0.01265EPSS
Exploits0References5
CVE
CVE
added 2014/05/19 2:0 p.m.41 views

CVE-2013-4431

CVE-2013-4431 affects Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3. It does not properly prevent access to blocks, allowing remote authenticated users to modify arbitrary blocks via the block id in an edit request. The vulnerability enables partial integrity impact and partial...

5.5CVSS6.5AI score0.01265EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2013/12/07 8:55 p.m.10 views

CVE-2013-4445

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a...

4.9CVSS6AI score0.01569EPSS
Exploits0References6
Cvelist
Cvelist
added 2013/12/07 8:0 p.m.52 views

CVE-2013-4445

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a...

6AI score0.01569EPSS
Exploits0References6
OSV
OSV
added 2012/07/23 9:55 p.m.3 views

UBUNTU-CVE-2012-3390

lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block...

3.5CVSS5.8AI score0.00978EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.20 views

McAfee myCIO HTTP Server Detection

We detected the presence of McAfee SPDX-FileCopyrightText: 2005 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10707";...

7.1AI score
Exploits0
Rows per page
Query Builder