Lucene search
K

77 matches found

RedhatCVE
RedhatCVE
added 2025/09/25 8:41 a.m.12 views

CVE-2025-9031

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing.This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS6.9AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2025/09/24 9:15 a.m.5 views

CVE-2025-9031

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS0.00218EPSS
Exploits0References2
CVE
CVE
added 2025/09/24 8:25 a.m.16 views

CVE-2025-9031

Summary: CVE-2025-9031 affects DivvyDrive Web by Observable Timing Discrepancy allowing Cross-Domain Search Timing. PT-2025-39236 specifies DivvyDrive Web versions 4.8.2.2 through 4.8.2.15 as affected and attributes the issue to an observable timing discrepancy; it recommends upgrading to a versi...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/24 8:25 a.m.4 views

CVE-2025-9031 Timing-Based Username Enumeration in DivvyDrive Information Technologies' DivvyDrive Web

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/09/24 8:25 a.m.4 views

CVE-2025-9031

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/09/24 8:25 a.m.15 views

CVE-2025-9031 Timing-Based Username Enumeration in DivvyDrive Information Technologies' DivvyDrive Web

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS0.00218EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.5 views

DivvyDrive Web 安全漏洞

DivvyDrive Web is a file management and sharing system from the Turkish company DivvyDrive. A security vulnerability exists in DivvyDrive Web versions 4.8.2.2 through prior to 4.8.2.15, which stems from the presence of an observable timing difference that could lead to a cross-domain search timin...

4.3CVSS6.5AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.6 views

PT-2025-39236

Name of the Vulnerable Software and Affected Versions DivvyDrive Web versions 4.8.2.2 through 4.8.2.15 Description An issue exists in DivvyDrive Web that allows for Cross-Domain Search Timing. This is due to an Observable Timing Discrepancy. Recommendations Update to a version later than 4.8.2.15...

4.3CVSS6.6AI score0.00218EPSS
Exploits0References6
CNVD
CNVD
added 2022/05/25 12:0 a.m.20 views

NetDataSoft DivvyDrive Cross-Site Scripting Vulnerability

NetDataSoft DivvyDrive is an enterprise file management and sharing system from the Turkish company NetDataSoft. Used to encrypt and store all data and allow secure access to your data from anywhere. cross-site scripting vulnerability exists in versions prior to NetDataSoft DivvyDrive v.4.6.2.0,...

3.5CVSS2.5AI score0.00407EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/23 7:0 p.m.4 views

CVE-2022-0900

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NetDataSoft DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from unspecified before v.4.6.2.0...

5.4CVSS6AI score0.00407EPSS
Exploits0References3
OSV
OSV
added 2022/05/23 2:16 p.m.3 views

CVE-2022-0900

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NetDataSoft DivvyDrive allows Stored XSS.This issue affects DivvyDrive: from unspecified before v.4.6.2.0...

5.4CVSS6.1AI score0.00407EPSS
Exploits0References1
NVD
NVD
added 2022/05/23 2:16 p.m.10 views

CVE-2022-0900

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NetDataSoft DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from unspecified before v.4.6.2.0...

5.4CVSS0.00407EPSS
Exploits0References2
Prion
Prion
added 2022/05/23 2:16 p.m.8 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NetDataSoft DivvyDrive allows Stored XSS.This issue affects DivvyDrive: from unspecified before v.4.6.2.0...

3.5CVSS5.6AI score0.00407EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/23 12:10 p.m.16 views

CVE-2022-0900 Cross-Site Scripting Vulnerability in DivvyDrive

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NetDataSoft DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from unspecified before v.4.6.2.0...

5.4CVSS5.8AI score0.00407EPSS
Exploits0References2
CVE
CVE
added 2022/05/23 12:10 p.m.61 views

CVE-2022-0900

DivvyDrive is affected by a stored XSS in its aciklama parameter for versions prior to 4.6.2.0. The issue stems from improper neutralization of input during web page generation, enabling an attacker to execute JavaScript in a victim’s browser and potentially access session information. Remediatio...

5.4CVSS6AI score0.00407EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/05/23 12:0 a.m.3 views

NetDataSoft DivvyDrive 跨站脚本漏洞

NetDataSoft DivvyDrive is an enterprise file management and sharing system from the Turkish company NetDataSoft. Used to encrypt and store all data and allow secure access to your data from anywhere. cross-site scripting vulnerability exists in versions prior to NetDataSoft DivvyDrive v.4.6.2.0,...

5.4CVSS5.6AI score0.00407EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/23 12:0 a.m.5 views

PT-2022-13513

Name of the Vulnerable Software and Affected Versions DivvyDrive versions prior to 4.6.2.0 Description The issue is related to improper neutralization of input during web page generation, also known as cross-site scripting. This allows for stored XSS attacks. A stored cross-site scripting...

5.4CVSS5.6AI score0.00407EPSS
Exploits0References11
Rows per page
Query Builder