Lucene search
K

107 matches found

ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.6 views

CVE-2022-20883

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.00947EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.5 views

CVE-2022-20888

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.01005EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.5 views

CVE-2022-20900

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.00876EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/20 4:0 p.m.5 views

CVE-2022-20885

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.01081EPSS
Exploits0References2
OSV
OSV
added 2022/05/24 5:10 p.m.19 views

GHSA-6C7R-6P5M-CP82 Improper Neutralization of Input During Web Page Generation in Jenkins Git Plugin

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS6.4AI score0.00853EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/04/29 12:0 a.m.20 views

CVE-2020-15225

django-filter is a generic system for filtering Django QuerySets based on user selections. In django-filter before version 2.4.0, automatically generated NumberFilter instances, whose value was later converted to an integer, were subject to potential DoS from maliciously input using exponential...

7.5CVSS7AI score0.01797EPSS
Exploits0
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.7 views

Gitlab CE/EE Input Validation Error Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in Gitlab CE/EE version...

6.5CVSS6.6AI score0.01244EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/01/27 5:15 a.m.18 views

CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

7.8CVSS7AI score0.0192EPSS
Exploits1References5
Prion
Prion
added 2019/12/26 5:15 p.m.25 views

Information disclosure

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special...

6.4CVSS7.4AI score0.02587EPSS
Exploits0References8Affected Software5
Debian CVE
Debian CVE
added 2019/12/26 4:40 p.m.27 views

CVE-2019-16789

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special...

8.2CVSS6.3AI score0.02587EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.43 views

Security Bulletin: Multiple vulnerabilities in ntp affect IBM Flex System Manager (FSM) (CVE-2014-9293, CVE-2014-9294, CVE-2014-9297, CVE-2014-9298)

Summary There are multiple vulnerabilities in ntp that is used by IBM Flex System Manager. Vulnerability Details Summary There are multiple vulnerabilities in ntp that is used by IBM Flex System Manager. Vulnerability Details: CVE-ID: CVE-2014-9293 Description: Network Time Protocol NTP Project N...

7.5CVSS0.6AI score0.12978EPSS
Exploits2Affected Software1
OSV
OSV
added 2019/01/24 4:29 a.m.4 views

CVE-2018-17698

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.2AI score0.03855EPSS
Exploits0References2
OSV
OSV
added 2018/02/23 10:29 p.m.4 views

UBUNTU-CVE-2018-7325

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field...

7.5CVSS6.7AI score0.02385EPSS
Exploits0References5
OSV
OSV
added 2018/02/23 10:29 p.m.20 views

CVE-2018-7325

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field...

7.5CVSS7.6AI score
Exploits0References5
Prion
Prion
added 2017/12/05 5:29 p.m.18 views

Memory corruption

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory...

4.6CVSS7.7AI score0.00155EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/07/13 4:28 p.m.33 views

OLX: Manipulating joinolx.com Job Vacancy alert subscription emails (HTML Injection / Script Injection)

Hello, Another report here. Description I found that www.joinolx.com has an option to do subscription for vacancy alert. So I took a look at that. I was able to include my HTML codes to manipulate emails sent to my address. The Name field in the subscription form doesn't validate the name to stri...

6.8AI score
Exploits0
Prion
Prion
added 2015/09/17 4:59 p.m.14 views

Design/Logic Flaw

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node...

3.5CVSS6.8AI score0.00914EPSS
Exploits0References2Affected Software1
myhack58
myhack58
added 2015/08/31 12:0 a.m.34 views

Well-known Forum systems MyBB is burst 0day vulnerabilities-vulnerability warning-the black bar safety net

MyBB is very good Free Forum software, the biggest feature is simple but the functionality is surprisingly powerful. Multi-language support, may be respectively provided at the front Desk the background of the language, each user can set their own use what kind of language to access the forums,...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/07/21 10:15 a.m.7 views

ntp: vallen in extension fields are not validated

A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash...

7.2AI score
Exploits0References5
Exploit DB
Exploit DB
added 2015/05/26 12:0 a.m.21 views

WordPress Plugin church_admin 0.800 - Persistent Cross-Site Scripting

Exploit Title: Wordpress churchadmin Stored XSS Date: 21-04-2015 Exploit Author: woodspeed Vendor Homepage: https://wordpress.org/plugins/church-admin/ Version: 0.800 OSVDB ID : http://www.osvdb.org/show/osvdb/121304 WPVULNDB ID : https://wpvulndb.com/vulnerabilities/7999 Category: webapps 1...

7.4AI score
Exploits0
Rows per page
Query Builder