Lucene search
K

2125 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 1:26 a.m.9 views

CVE-2022-34672

NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands...

7.8CVSS6.8AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:10 a.m.8 views

CVE-2022-47648

An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an...

8.8CVSS7.1AI score0.00425EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:33 p.m.10 views

CVE-2022-2636

Improper Control of Generation of Code 'Code Injection' in GitHub repository hestiacp/hestiacp prior to 1.6.6...

8.8CVSS8.3AI score0.01076EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:32 a.m.9 views

CVE-2024-45799

FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's browser just by visiting the shop pages. As a...

7.3CVSS7.4AI score0.00267EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.4 views

PT-2025-1547 · Unknown · Luckywp Scripts Control

Name of the Vulnerable Software and Affected Versions: LuckyWP Scripts Control versions 1.2.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in LuckyWP Scripts Control, which allows exploiting incorrectly configured access control security levels...

4.3CVSS9.4AI score0.00245EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2024/11/26 12:0 a.m.17 views

KLA77600 SUI vulnerability in Microsoft Dynamics

Security UI vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2024-49053 Related products Microsoft-Dynamics-365 CVE list CVE-2024-49053 high Solution Install necessary updates from the KB section, that a...

7.6CVSS9.4AI score0.00657EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2024/11/12 12:0 a.m.17 views

KLA77110 PE vulnerability in Microsoft Apps

An elevation of privilege vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2024-49051 CVE list CVE-2024-49051 high Solution Install necessary updates from the KB section, that are listed in your Windows Update...

7.8CVSS6.7AI score0.00627EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.2 views

Acronis Backup plugin for cPanel & WHM (Linux) 安全漏洞

Acronis Backup plugin for cPanel & WHM Linux is a plugin from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux versions prior to 818, which stems from improper handling of symbolic links, resulting in the disclosure of sensitive information duri...

3.3CVSS4.1AI score0.00203EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2024/11/05 12:16 p.m.12 views

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers

Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover ATO using a...

8.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.10 views

Synology DiskStation Manager Improper Neutralization of Input During Web Page Generation (CVE-2018-13293)

Cross-site scripting XSS vulnerability in Control Panel SSO Settings in Synology DiskStation Manager DSM before 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter. This plugin only works with Tenable.ot. Please visit...

5.9CVSS5.8AI score0.00818EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/24 12:0 a.m.6 views

The vulnerability of the Webmin control panel for hosting services, related to a loop with an unreachable exit condition, allows attackers to cause a service failure.

The vulnerability of the Webmin control panel involves a cycle with an unreachable exit condition. Exploiting this vulnerability allows a malicious actor to cause service failures...

7.8CVSS5.4AI score0.00623EPSS
Exploits0References6Affected Software4
CNNVD
CNNVD
added 2024/09/18 12:0 a.m.4 views

Eliz Panel SQL注入漏洞

Eliz Panel is a control panel from Eliz Corporation. A SQL injection vulnerability exists in Eliz Panel versions prior to 2.3.24, which arises from an improper neutralization of a particular element used, allowing commands to be executed via SQL injection...

9.4CVSS8.1AI score0.00503EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.4 views

The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP allows a perpetrator to cause service failures.

The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability could allow a malicious actor to cause...

7.8CVSS7.1AI score0.00954EPSS
Exploits0References4Affected Software22
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.4 views

The vulnerability of the Webmin control panel for hosting services stems from incorrect permissions and privileges, allowing attackers to circumvent existing security restrictions.

The vulnerability of the Webmin control panel involves incorrect permissions and privileges. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

5.5CVSS5.5AI score
Exploits0References3Affected Software2
Redos
Redos
added 2024/09/17 12:0 a.m.21 views

ROS-20240917-06

A glitch in the sessionlogin.cgi script of the Webmin hosting control panel and web interface for unix-like systems Usermin exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a...

6.1CVSS7AI score0.004EPSS
Exploits0
NVD
NVD
added 2024/09/16 7:16 p.m.17 views

CVE-2024-45799

FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's browser just by visiting the shop pages. As a...

7.3CVSS0.00267EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/16 6:31 p.m.23 views

CVE-2024-45799 Javascript Injection in Vending Info/Buyers Info Module in FluxCP

FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's browser just by visiting the shop pages. As a...

7.3CVSS0.00267EPSS
Exploits0References1
Redos
Redos
added 2024/09/16 12:0 a.m.4 views

ROS-20240916-01

A vulnerability in the Webmin hosting control panel is related to incorrect permissions and privileges. Exploitation of the vulnerability could allow an attacker acting remotely to bypass implemented security restrictions. security...

7.3AI score
Exploits0
NVD
NVD
added 2024/09/12 6:15 p.m.17 views

CVE-2020-24061

Cross Site Scripting XSS Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script...

5.4CVSS0.00331EPSS
Exploits1References2
OSV
OSV
added 2024/09/12 6:15 p.m.3 views

CVE-2020-24061

Cross Site Scripting XSS Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script...

4.3CVSS6.1AI score0.00331EPSS
Exploits1References2
Rows per page
Query Builder