Lucene search
K

333 matches found

Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.4 views

PT-2025-36969

Name of the Vulnerable Software and Affected Versions: UTT 1200GW versions prior to 3.0.0-170831 Description: A security issue has been identified in UTT 1200GW. Manipulation of the loadBalanceNameOld argument in the sub 4B48F8 function within the /goform/formApLbConfig file can lead to a buffer...

9CVSS8.7AI score0.00995EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/08/20 11:32 p.m.12 views

CVE-2025-9264 Xuxueli xxl-job Jobs JobInfoController.java remove resource injection

A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/job/admin/controller/JobInfoController.java of the component Jobs Handler. Performing manipulation of the argument ID results in improper control of resource...

5.5CVSS0.00314EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-4096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.2AI score0.00474EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-35590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.33 and prior, 7.5.23 and...

6.5CVSS6.7AI score0.88497EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/14 6:14 a.m.17 views

CVE-2025-7579 chinese-poetry server.js redos

A vulnerability was found in chinese-poetry 0.1. It has been rated as problematic. This issue affects some unknown processing of the file rank/server.js. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to th...

5.3CVSS0.00325EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/05 12:0 a.m.5 views

PT-2025-28107 · Huawei +1 · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: There is a risk of stack overflow when vector images are parsed during file preview. The impact of successful exploitation of this issue may affect the file preview function. Recommendations...

4CVSS6.6AI score0.00086EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.25 views

PT-2025-27781 · Apache · Apache Httpd

Name of the Vulnerable Software and Affected Versions: Apache httpd affected versions not specified Description: The configuration of the Apache httpd webserver is partly insecure due to unnecessary activated modules. These modules pose a risk to the webserver, enabling directory listing...

5.3CVSS6.1AI score0.00367EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/06/28 12:0 a.m.6 views

PT-2025-27503 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of the TOTOLINK A3002RU router. The issue affects an unknown function of the file...

9CVSS7.3AI score0.00759EPSS
Exploits1References12
CNVD
CNVD
added 2025/06/23 12:0 a.m.1 views

Apache NuttX Buffer Overflow Vulnerability (CNVD-2025-15708)

Apache NuttX is a real-time embedded operating system from the Apache Foundation. A buffer overflow vulnerability exists in Apache NuttX versions prior to 6.22 through 12.9.0, which stems from an application boundary error when handling untrusted input and can be exploited by an attacker to cause...

9.8CVSS7.4AI score0.00625EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/23 12:0 a.m.3 views

PT-2025-26574 · Htacg +1 · Tidy-Html5 +1

Name of the Vulnerable Software and Affected Versions: HTACG tidy-html5 version 5.8.0 Description: A vulnerability was found in HTACG tidy-html5, affecting the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to a reachable assertion. Attacking locally is a...

4.8CVSS6.8AI score0.00134EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2025/06/19 12:0 a.m.5 views

PT-2025-26235

Name of the Vulnerable Software and Affected Versions WebAssembly wabt versions 1.0.37 and earlier Description A vulnerability was found in the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to a reachable assertion. Local access is required to approach this...

4.8CVSS4AI score0.00189EPSS
Exploits1References19
Positive Technologies
Positive Technologies
added 2025/06/03 12:0 a.m.4 views

PT-2025-23643 · Unknown · Quequnlong Shiyi-Blog

Name of the Vulnerable Software and Affected Versions: quequnlong shiyi-blog versions up to 1.2.1 Description: A critical issue was found in the unknown code of the file /app/sys/article/optimize. The manipulation of the url argument leads to server-side request forgery. The attack can be initiat...

9.8CVSS6.3AI score0.00399EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/06/01 12:0 a.m.11 views

PT-2025-23434 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A vulnerability has been found in chaitak-gorai Blogbook, classified as problematic. It affects an unknown functionality of the file /register script.php. The...

4.8CVSS3.2AI score0.00276EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/05/30 12:0 a.m.4 views

PT-2025-23346 · Campcodes · Campcodes Online Hospital Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Hospital Management System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /doctor/add-patient.php. The manipulation of the patname argument leads to SQL...

9.8CVSS7.5AI score0.00415EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/05/28 12:0 a.m.5 views

PT-2025-23085

Name of the Vulnerable Software and Affected Versions Apache Commons BeanUtils versions 1.x before 1.11.0 Apache Commons BeanUtils versions 2.x before 2.0.0-M2 Description The issue is related to improper access control in Apache Commons BeanUtils, where an attacker can access the enum's class...

9CVSS7AI score0.01495EPSS
Exploits1References431
CVE
CVE
added 2025/05/27 8:51 p.m.61 views

CVE-2025-5198

CVE-2025-5198 describes a Cross-site Scripting (XSS) flaw in Stackrox where the vulnerability can be triggered if script code is placed in a small subset of table cells, specifically when contained in the name of a Kubernetes “Role” object applied to a secured cluster. The exploit would require c...

5.4CVSS4.9AI score0.00227EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.4 views

PT-2025-23004 · Campcodes · Campcodes Online Hospital Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Hospital Management System version 1.0 Description: A critical issue was discovered, affecting the file /hms/admin/query-details.php. The manipulation of the adminremark argument leads to SQL injection. This issue can be...

9.8CVSS7.5AI score0.00415EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.6 views

CVE-2024-6979

Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of...

6.8CVSS6.9AI score0.0029EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.6 views

CVE-2024-44809

A remote code execution RCE vulnerability exists in the Pi Camera project, version 1.0, maintained by RECANTHA. The issue arises from improper sanitization of user input passed to the "position" GET parameter in the tilt.php script. An attacker can exploit this by sending crafted input data that...

9.8CVSS8.2AI score0.00811EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.13 views

PT-2025-22962

Name of the Vulnerable Software and Affected Versions vBulletin affected versions not specified Description The issue allows attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. Attackers can craft template code in an alternative PHP function invocation...

9CVSS7.8AI score0.47397EPSS
Exploits2References38
Rows per page
Query Builder