Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.8.17 (RHSA-2021:3926)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3926 advisory. - coreos-installer: incorrect signature verification on gzip-compressed install images CVE-2021-20319 Note that Nessus has not tested for thi...

7.8CVSS5.8AI score0.00515EPSS
Exploits0References6
OSV
OSV
added 2025/10/01 9:20 p.m.2 views

GHSA-9MH6-G99M-PPCW auth0-PHP SDK Does Not Properly Handle File Types in Bulk User Import

Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...

3.3CVSS7.1AI score0.00329EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/10/01 7:57 p.m.50 views

CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS0.00329EPSS
Exploits0References6
CVE
CVE
added 2025/10/01 7:57 p.m.17 views

CVE-2025-58769

CVE-2025-58769 affects the Auth0-PHP SDK (versions 3.3.0–8.16.0) where the Bulk User Import endpoint does not validate the file-path wrapper or value, allowing arbitrary file paths or URLs. This impacts applications directly using the Auth0-PHP SDK or through Auth0/symfony, Auth0/laravel-auth0, a...

3.3CVSS6.6AI score0.00329EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 5:42 a.m.6 views

CVE-2023-0907

A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is the function 0x220017 in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached...

5.5CVSS4.7AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:57 a.m.5 views

CVE-2023-1007

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...

7.8CVSS7AI score0.00505EPSS
Exploits1References1
Elastic
Elastic
added 2025/04/08 3:57 p.m.10 views

Elastic Defend 8.17.3 Security Update (ESA-2025-05)

Elastic Defend Insertion of Sensitive Information into Log Files ESA-2025-05 Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack. This...

6.5CVSS6.5AI score0.00311EPSS
Exploits0
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.4 views

Filseclab Twister Antivirus Code Issue Vulnerability

Filseclab Twister Antivirus is an intelligent antivirus software from Fair Filseclab. A code issue vulnerability exists in Filseclab Twister Antivirus version v8.17, which stems from the presence of an elevation of privilege vulnerability...

5.5CVSS7.3AI score0.00196EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.5 views

Filseclab Twister Antivirus Buffer Error Vulnerability

Filseclab Twister Antivirus is an intelligent antivirus from Fair Filseclab. A buffer error vulnerability exists in Filseclab Twister Antivirus version v8.17, which stems from vulnerability to out-of-bounds reads...

6.1CVSS7AI score0.00164EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.4 views

PT-2024-17462 · Unknown · Twister Antivirus

Name of the Vulnerable Software and Affected Versions: Twister Antivirus version 8.17 Description: The issue is related to a Denial of Service vulnerability. It can be triggered by specific codes, including 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F. Recommendations: F...

5.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.4 views

PT-2024-16664 · Unknown · Twister Antivirus

Name of the Vulnerable Software and Affected Versions: Twister Antivirus version 8.17 Description: The issue allows Elevation of Privileges on the computer where Twister Antivirus is installed by triggering specific IOCTL codes of the fildds.sys driver, including 0x80112067, 0x801120CB, and...

5.5CVSS7.2AI score0.00196EPSS
Exploits0References9
OSV
OSV
added 2023/12/29 12:15 p.m.5 views

CVE-2023-50893

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UpSolution Impreza – WordPress Website and WooCommerce Builder allows Reflected XSS.This issue affects Impreza – WordPress Website and WooCommerce Builder: from n/a through 8.17.4...

6.1CVSS7.3AI score0.00351EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/12/25 2:10 a.m.2 views

SUSE CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5.3CVSS6.9AI score0.01073EPSS
Exploits2References6
ATTACKERKB
ATTACKERKB
added 2023/07/26 8:15 p.m.3 views

CVE-2023-31466

An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Configuration - Compliance - Add a new compliance report" and "Configuration - Timekeeper Configuration - Add a new source there" screens, there are entry points to inject JavaScript code...

5.4CVSS6.1AI score0.00424EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/02/18 12:0 a.m.5 views

PT-2023-16609 · Filseclab · Filseclab Twister Antivirus

Name of the Vulnerable Software and Affected Versions: Filseclab Twister Antivirus version 8.17 Description: A problematic issue has been found in the IoControlCode Handler component, specifically affecting the function 0x220017 in the ffsmon.sys library. This issue leads to denial of service and...

5.5CVSS7AI score0.00217EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:18 a.m.2 views

SUSE CVE-2019-2914

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...

6.5CVSS5.4AI score0.01885EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/12/07 8:28 p.m.10 views

rabbitmq-server: improper neutralization of script-related HTML tags in a web page (basic XSS) in management UI

RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper tag sanitization, potentially allowing for JavaScript code execution in the...

5.4CVSS6.2AI score0.01437EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/12/07 7:19 p.m.5 views

rabbitmq-server: improper neutralization of script-related HTML tags in a web page (basic XSS) in management UI

RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper tag sanitization, potentially allowing for JavaScript code execution in the...

5.4CVSS6.2AI score0.01437EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/12/20 12:0 a.m.5 views

Laravel Framework 操作系统命令注入漏洞

Laravel Framework is a PHP-based web application development framework by Taylor Otwell, an individual developer. A security vulnerability exists in Laravel Framework prior to version 5.8.17, which is caused by a command injection vulnerability in the software due to a lack of filtering and...

8.8CVSS7.9AI score0.02523EPSS
Exploits1References3
OSV
OSV
added 2021/08/09 8:41 p.m.4 views

GHSA-3393-HVRJ-W7V3 Denial of Service in Elasticsearch

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

5.7CVSS7AI score0.0166EPSS
Exploits0References4
Rows per page
Query Builder