Lucene search
K

16 matches found

SUSE CVE
SUSE CVE
added 2025/04/20 11:23 p.m.4 views

SUSE CVE-2017-12844

Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...

4.8CVSS5.8AI score0.00784EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.4 views

The vulnerability of the system administration programs Sudo-rs lies in insufficient validation of command arguments entered by users. This allows attackers to escalate their privileges by creating a specially crafted user name.

The vulnerability of the system administration programs Sudo-rs is related to insufficient checking of command arguments entered by users. Exploiting this vulnerability allows a malicious actor to enhance their privileges by creating a specially crafted user name...

9CVSS7.4AI score0.00571EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2023/03/20 12:0 a.m.53 views

CVE-2023-27533

A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...

9.8CVSS7.1AI score0.01993EPSS
Exploits1References4
RubySec
RubySec
added 2022/05/14 12:0 a.m.158 views

WEBrick RCE Vulnerability

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

9.3CVSS8AI score0.16412EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/08/10 5:15 p.m.16 views

CVE-2020-17476

Mibew Messenger before 3.2.7 allows XSS via a crafted user name...

6.1CVSS6AI score0.00685EPSS
Exploits0References2
Prion
Prion
added 2020/08/10 5:15 p.m.20 views

Cross site scripting

Mibew Messenger before 3.2.7 allows XSS via a crafted user name...

4.3CVSS5.9AI score0.00685EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/10 4:58 p.m.14 views

CVE-2020-17476

Mibew Messenger before 3.2.7 allows XSS via a crafted user name...

6AI score0.00685EPSS
Exploits0References2
OSV
OSV
added 2020/06/24 8:15 p.m.4 views

CVE-2020-13247

BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area...

7.3CVSS6.5AI score0.00965EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/09/19 5:0 p.m.27 views

CVE-2017-10784

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

8AI score0.16412EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2017/09/19 5:0 p.m.32 views

CVE-2017-10784

Removed by vendor...

9.3CVSS9.3AI score0.16412EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/09/19 12:0 a.m.31 views

CVE-2017-10784

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

9.3CVSS7AI score0.16412EPSS
Exploits0References6
OSV
OSV
added 2017/09/19 12:0 a.m.3 views

UBUNTU-CVE-2017-10784

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

8.8CVSS7.2AI score0.16412EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2017/08/23 2:29 p.m.2 views

CVE-2017-12844

Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...

4.8CVSS5.7AI score0.00784EPSS
Exploits1References2
Prion
Prion
added 2017/08/23 2:29 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...

3.5CVSS4.6AI score0.00784EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/30 12:0 a.m.7 views

The vulnerability of the microprogramming software of the Cisco TelePresence VCS allows a intruder to gain access to the device.

The vulnerability of the control interface for microprogrammed software in Cisco TelePresence VCS devices is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the device using a specially crafte...

10CVSS5.5AI score0.04341EPSS
Exploits0References5
OSV
OSV
added 2013/07/31 1:20 p.m.11 views

CVE-2013-4996

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted database name, 2 a crafted user name, 3 a crafted logo URL in the navigation panel, 4 a...

5.4AI score
Exploits0References4
Rows per page
Query Builder