Lucene search
K

453 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-4555

Malware in sbrugna...

9CVSS6.3AI score0.03271EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-30277

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00418EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12377

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.0024EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:49 a.m.6 views

CVE-2024-20928

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content...

6.1CVSS6.3AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.5 views

CVE-2023-26457

SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can read and modify some sensitive information but cannot delete the data...

6.1CVSS5.8AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:56 a.m.9 views

CVE-2023-34598

Gibbon v25.0.0 is vulnerable to a Local File Inclusion LFI where it's possible to include the content of several files present in the installation folder in the server's response...

9.8CVSS6.7AI score0.47238EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.11 views

CVE-2021-3010

There are multiple persistent cross-site scripting XSS vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized...

5.4CVSS6.1AI score0.00862EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:32 a.m.10 views

CVE-2013-7231

Cross-site scripting XSS vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222...

3.5CVSS5.5AI score0.01077EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:8 a.m.6 views

CVE-2011-4144

Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges...

6.8CVSS6.5AI score0.00303EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/25 9:15 p.m.8 views

CVE-2024-12862

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS6.9AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2025/04/21 3:15 p.m.13 views

CVE-2024-12862

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/21 2:22 p.m.21 views

CVE-2024-12862 REST API allows users without permissions to remove external collaborators

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 2025/04/21 2:22 p.m.1280 views

CVE-2024-12862

CVE-2024-12862 describes an Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows and Linux, allowing users without proper permissions to remove external collaborators. Affected versions: Content Server 20.2–24.4. CVSS v4.0 base score 5.5 (Medium). No public exp...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/21 2:22 p.m.10 views

CVE-2024-12862 REST API allows users without permissions to remove external collaborators

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS7.1AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/21 12:0 a.m.9 views

PT-2025-17436 · Opentext · Opentext Content Server

Name of the Vulnerable Software and Affected Versions: OpenText Content Server versions 20.2 through 24.4 Description: The issue is related to an Incorrect Authorization vulnerability in the OpenText Content Server REST API, allowing users without the appropriate permissions to remove external...

5.5CVSS6.4AI score0.0024EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/04/21 12:0 a.m.6 views

OpenText Content Server 安全漏洞

OpenText Content Server is an enterprise content management software from OpenText Canada. A security vulnerability exists in OpenText Content Server versions 20.2 through 24.4, which stems from improper authorization of the REST API and could result in an unprivileged user deleting external...

5.5CVSS6.7AI score0.0024EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.13 views

The vulnerabilities of SAP NetWeaver AS ABAP, SAP NetWeaver AS for Java, SAP Content Server, and SAP Web Dispatcher integration platforms are related to authentication procedures that lack sufficient safeguards. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerabilities of SAP NetWeaver AS ABAP, SAP NetWeaver AS for Java, SAP Content Server, and SAP Web Dispatcher programming integration platforms are related to deficiencies in authentication procedures. Exploiting these vulnerabilities can allow attackers to compromise the confidentiality,...

6.4CVSS5.5AI score0.00208EPSS
Exploits0References4Affected Software4
GithubExploit
GithubExploit
added 2024/09/15 6:45 p.m.238 views

Exploit for CVE-2024-6782

CVE-2024-6782-PoC Usage: python3 ca...

9.8CVSS7.8AI score0.83393EPSS
Exploits8
OSV
OSV
added 2024/08/13 4:15 a.m.5 views

CVE-2024-33005

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server ABAP and Java, and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a...

6.3CVSS5.8AI score0.00208EPSS
Exploits0References2
NVD
NVD
added 2024/08/13 4:15 a.m.22 views

CVE-2024-33005

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server ABAP and Java, and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a...

6.3CVSS0.00208EPSS
Exploits0References2
Rows per page
Query Builder