
333 matches found

RedhatCVE
added 2025/05/22 9:50 p.m. · 7 views

CVE-2022-20632

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate...

CVSS 6.1 · AI score 6.7 · EPSS 0.00511
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 5:35 p.m. · 5 views

CVE-2020-9239

Huawei smartphones BLA-A09 versions 8.0.0.123C212, versions earlier than 8.0.0.123C567, versions earlier than 8.0.0.123C797; BLA-TL00B versions earlier than 8.1.0.326C01; Berkeley-L09 versions earlier than 8.0.0.163C10, versions earlier than 8.0.0.163C432, Versions earlier than 8.0.0.163C636, Versions...

CVSS 5.5 · AI score 6.7 · EPSS 0.00242
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 5:35 p.m. · 9 views

CVE-2020-9260

HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123C432E22R2P5 and versions earlier than 10.1.0.160C00E160R2P8 have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI...

CVSS 6.5 · AI score 6.5 · EPSS 0.00342
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 9:15 a.m. · 8 views

CVE-2019-10939

A vulnerability has been identified in TIM 3V-IE incl. SIPLUS NET variants All versions V2.8, TIM 3V-IE Advanced incl. SIPLUS NET variants All versions V2.8, TIM 3V-IE DNP3 incl. SIPLUS NET variants All versions V3.3, TIM 4R-IE incl. SIPLUS NET variants All versions V2.8, TIM 4R-IE DNP3 incl...

CVSS 9.8 · AI score 6.7 · EPSS 0.01116
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 2:49 a.m. · 8 views

CVE-2017-7722

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the...

CVSS 10 · AI score 6.8 · EPSS 0.1273
Exploits: 2 · References: 1

RedhatCVE
added 2025/05/21 3:14 p.m. · 4 views

CVE-2025-48246

Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Events Calendar: from n/a through = 6.11.2.1...

CVSS 5.4 · AI score 5.9 · EPSS 0.00332
Exploits: 0 · References: 1

Positive Technologies
added 2025/05/19 12:00 a.m. · 4 views

PT-2025-21883 · WordPress · Qi Blocks

Name of the Vulnerable Software and Affected Versions: Qi Blocks WordPress plugin versions prior to 1.4 Description: The issue concerns a Stored Cross-Site Scripting attack. It is caused by the plugin not validating and escaping some of its Counter block options before outputting them back in a...

CVSS 5.4 · AI score 5.9 · EPSS 0.00256
Exploits: 1 · References: 6

Positive Technologies
added 2025/05/17 12:00 a.m. · 7 views

PT-2025-29902

Name of the Vulnerable Software and Affected Versions NVIDIA Container Toolkit versions up to 1.17.7 GPU Operator versions up to 25.3.0 NVIDIA Container Toolkit versions 1.17.8 and 25.3.1 are fixed. Description A critical vulnerability CVE-2025-23266, dubbed “NVIDIAScape”, exists in the NVIDIA...

CVSS 9.9 · AI score 7.3 · EPSS 0.37055
Exploits: 14 · References: 143

Positive Technologies
added 2025/05/17 12:00 a.m. · 6 views

PT-2025-21782 · WordPress · Wp-Members Membership Plugin

Name of the Vulnerable Software and Affected Versions: WP-Members Membership Plugin versions up to, and including, 3.5.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's wpmem user memberships shortcode due to insufficient input sanitization and output escaping on...

CVSS 6.4 · AI score 6.1 · EPSS 0.00328
Exploits: 0 · References: 9

Positive Technologies
added 2025/05/15 12:00 a.m. · 4 views

PT-2025-21381 · WordPress · The Ultimate Noindex Nofollow Tool

Name of the Vulnerable Software and Affected Versions: The Ultimate Noindex Nofollow Tool WordPress plugin versions 1.1.2 and earlier Description: The issue concerns a lack of CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

CVSS 4.3 · AI score 9.2 · EPSS 0.00176
Exploits: 2 · References: 4

Positive Technologies
added 2025/05/09 12:00 a.m. · 7 views

PT-2025-20543 · Sourcecodester · Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A vulnerability was found in the SourceCodester Online Student Clearance System, affecting an unknown functionality of the file /admin/add-student.php. The manipulation o...

CVSS 5.4 · AI score 3.2 · EPSS 0.0048
Exploits: 1 · References: 11

Positive Technologies
added 2025/04/29 12:00 a.m. · 7 views

PT-2025-18141 · Hugging Face · Huggingface/Transformers

Name of the Vulnerable Software and Affected Versions: huggingface/transformers library version v4.48.1 Description: A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_gpt_neox_japanese.py of the...

CVSS 6.5 · AI score 4.6 · EPSS 0.00384
Exploits: 1 · References: 12

Positive Technologies
added 2025/04/22 12:00 a.m. · 3 views

PT-2025-17525 · Mojoomla · Wpams

Name of the Vulnerable Software and Affected Versions: WPAMS versions prior to 44.0 Description: The issue affects WPAMS, allowing for Reflected XSS due to improper neutralization of input during web page generation. This can lead to cross-site scripting. Recommendations: For versions prior to...

CVSS 7.1 · AI score 7.3 · EPSS 0.00191
Exploits: 0 · References: 5

Positive Technologies
added 2025/04/20 12:00 a.m. · 6 views

PT-2025-17406 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A problematic vulnerability was found in the SourceCodester Web-based Pharmacy Product Management System. The issue affects an unknown functionality of the...

CVSS 4.8 · AI score 3.5 · EPSS 0.00324
Exploits: 1 · References: 10

Tenable Nessus
added 2025/04/17 12:00 a.m. · 32 views

Oracle Coherence (April 2025 CPU)

The version of Coherence installed on the remote host is affected by a vulnerability as referenced in the April 2025 CPU advisory. - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Third Party Netty. Supported versions that are affected are 12.2.1.4.0,...

CVSS 7.5 · AI score 6.4 · EPSS 0.01966
Exploits: 1 · References: 4

Positive Technologies
added 2025/04/15 12:00 a.m. · 4 views

PT-2025-16403 · Oracle · Oracle Secure Backup

Name of the Vulnerable Software and Affected Versions: Oracle Secure Backup versions 12.1.0.1 through 12.1.0.3 Oracle Secure Backup versions 18.1.0.0 through 18.1.0.2 Description: The issue allows a high privileged attacker with logon to the infrastructure where Oracle Secure Backup executes to...

CVSS 6.8 · AI score 6.7 · EPSS 0.00171
Exploits: 0 · References: 4

RedhatCVE
added 2025/04/10 4:11 p.m. · 8 views

CVE-2025-2285

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is a result of improper validation of user-supplied data. If exploited, a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerabili...

CVSS 8.5 · AI score 7.4 · EPSS 0.00271
Exploits: 0 · References: 3

RedhatCVE
added 2025/04/09 9:06 a.m. · 9 views

CVE-2025-3343

A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/reservationupdate.php. The manipulation of the argument ID leads to SQL injection. The attack may be initiated remotely. The...

CVSS 9.8 · AI score 7.4 · EPSS 0.00478
Exploits: 1 · References: 1

Positive Technologies
added 2025/04/03 12:00 a.m. · 4 views

PT-2025-14584 · Mindspore · Mindspore

Name of the Vulnerable Software and Affected Versions: MindSpore version 2.5.0 Description: A vulnerability has been found in MindSpore, affecting the function mindspore.numpy.fft.rfft2. This issue leads to memory corruption and requires a local approach to exploit. The exploit has been disclosed...

CVSS 4.8 · AI score 3.9 · EPSS 0.00161
Exploits: 0 · References: 7

Exploit DB
added 2025/04/03 12:00 a.m. · 178 views

Nagios Log Server 2024R1.3.1 - Stored XSS

Exploit Title: Stored XSS Vulnerability in Nagios Log Server Privilege Escalation to Admin Date: 2025-04-02 Exploit Author: Seth Kraft Vendor Homepage: https://www.nagios.com/ Vendor Changelog: https://www.nagios.com/changelog/log-server Software Link:...

AI score 7.4
Exploits: 0