Lucene search
K

16 matches found

EUVD
EUVD
added 2026/01/01 12:31 a.m.5 views

EUVD-2025-206097

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.2AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.6 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A cross-site scripting vulnerability exists in Esri ArcGIS Server version 11.4 and earlier, which stems from a stored cross-site scripting issue that could lead to malicious...

6.1CVSS6AI score0.00197EPSS
Exploits0References2
CVE
CVE
added 2025/09/29 6:33 p.m.12 views

CVE-2025-57878

The CVE-2025-57878 affects Esri Portal for ArcGIS

6.1CVSS6.6AI score0.0023EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/05/16 11:15 a.m.13 views

CVE-2025-40631

HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected...

6.1CVSS0.00183EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 11:9 a.m.26 views

CVE-2025-40631

CVE-2025-40631 describes an HTTP Host header injection affecting IceWarp Mail Server, version 11.4.0. By modifying the Host header and delivering a payload, arbitrary JavaScript can be executed on the loaded page when a user interacts with a malicious link (redirect). The vulnerability is tied to...

6.1CVSS7AI score0.00183EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/16 11:9 a.m.12 views

CVE-2025-40631 HTTP host header injection vulnerability in IceWarp Mail Server

HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected...

2CVSS0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 11:8 a.m.15 views

CVE-2025-40630 Open redirection vulnerability in IceWarp Mail Server

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This...

5.1CVSS0.00425EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 11:8 a.m.57 views

CVE-2025-40630

IceWarp Mail Server ≤11.4.0 suffers an open redirect vulnerability. The issue is triggered by crafting malicious URLs that redirect users to arbitrary external domains (examples show vulnerable URL formats). Root cause is improper handling of target URLs leading to redirects. Affected product/ver...

6.1CVSS6.5AI score0.00425EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/08/27 12:0 a.m.3 views

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An authentication error vulnerability exists in IBM Securit...

7.5CVSS6.6AI score0.00666EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.4 views

PT-2023-4436 · Jt Open +1 · Jt Open +1

Name of the Vulnerable Software and Affected Versions: JT Open versions prior to V11.4 JT Utilities versions prior to V13.4 Description: A vulnerability has been identified in the affected applications, which contain an out of bounds read past the end of an allocated structure while parsing...

7.8CVSS7.7AI score0.00202EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/07/24 7:15 p.m.5 views

CVE-2023-37613

A cross-site scripting XSS vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter...

6.1CVSS6.5AI score0.0038EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:18 a.m.3 views

SUSE CVE-2019-2987

Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

3.7CVSS6.9AI score0.03395EPSS
Exploits0References11
OSV
OSV
added 2019/10/16 6:15 p.m.4 views

UBUNTU-CVE-2019-2894

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

3.7CVSS6.7AI score0.03159EPSS
Exploits0References5
CNVD
CNVD
added 2018/08/14 12:0 a.m.4 views

Intel Saffron admin application elevation of privilege vulnerability

Intel Saffron admin application is a Saffron management application from Intel Corporation USA. A security vulnerability exists in Intel Saffron admin application versions prior to 11.4. An attacker can exploit the vulnerability to elevate privileges and access unauthorized information...

5.7CVSS6AI score0.00404EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/26 12:0 a.m.3 views

Micro Focus Solutions Business Manager Cross-Site Scripting Vulnerability

Micro Focus Solutions Business Manager SBM is a suite of business process automation management solutions from Micro Focus UK. The solution is primarily used for process automation, including software development lifecycle and IT business process management. A cross-site scripting vulnerability...

6.1CVSS6AI score0.00647EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/22 12:0 a.m.2 views

Micro Focus Solutions Business Manager Information Disclosure Vulnerability

Micro Focus Solutions Business Manager SBM is a suite of business process automation management solutions from Micro Focus UK. The solution is primarily used for process automation, including software development lifecycle and IT business process management. A security vulnerability exists in Mic...

7.5CVSS7.4AI score0.01111EPSS
Exploits0References1
Rows per page
Query Builder