Lucene search
K

132 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/23 12:0 a.m.10 views

Atlassian Jira Service Management Data Center and Server 5.11.3 < 5.12.20 / < 5.12.22 / 5.13.x < 10.3.5 / 10.4.x < 10.6.0 (JSDSERVER-16207)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16207 advisory. - Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in...

7.5CVSS6.5AI score0.01966EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.7 views

CVE-2022-2844

A vulnerability classified as problematic has been found in MotoPress Timetable and Event Schedule up to 1.4.06. This affects an unknown part of the file /wp/?cpmvcid=1doaction=mvparse=datafeed=1index=1=adddetails=2 of the component Calendar Handler. The manipulation of the argument...

6.1CVSS6.4AI score0.00442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:49 p.m.8 views

CVE-2021-4253

A vulnerability, which was classified as problematic, was found in ctrlo lenio. Affected is an unknown function in the library lib/Lenio.pm of the component Ticket Handler. The manipulation of the argument siteid leads to cross site scripting. It is possible to launch the attack remotely. The nam...

6.1CVSS6.3AI score0.00385EPSS
Exploits0
Veracode
Veracode
added 2025/05/19 8:12 a.m.7 views

Unauthorized State Modification

reflex is vulnerable to Unauthorized State Modification. The vulnerability is due to improper access control and event handler, including private and non-client-side fields, that allows an attacker to modify arbitrary state fields, including private ones, if their names are guessed...

6.8AI score0.00439EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/08 3:24 p.m.20 views

Security Bulletin: IBM Asset Data Dictionary uses netty-handler-4.1.108.Final.jar which is vulnerable to CVE-2025-24970.

Summary IBM Asset Data Dictionary uses netty-handler-4.1.108.Final.jar which is vulnerable to CVE-2025-24970. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network...

7.5CVSS6.9AI score0.01966EPSS
Exploits1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/05 7:0 a.m.9 views

CVE-2025-4269 TOTOLINK A720R Log cstecgi.cgi access control

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog...

6.9CVSS7AI score0.00489EPSS
Exploits1References6
NVD
NVD
added 2025/04/27 7:15 a.m.14 views

CVE-2025-3962

A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. This vulnerability affects unknown code of the file /api/comment/add of the component Comment Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...

5.1CVSS0.00338EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/04/26 12:58 a.m.11 views

CVE-2025-3801

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to...

4.8CVSS6.1AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/16 9:31 p.m.20 views

CVE-2025-2349 IROAD Dash Cam FX2 Password Hash passwd weak password hash

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational...

3.1CVSS0.00165EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/04 7:0 p.m.7 views

CVE-2025-1949 ZZCMS URL register_nodb.php cross site scripting

A vulnerability, which was classified as problematic, has been found in ZZCMS 2025. This issue affects some unknown processing of the file /3/ucenterapi/code/registernodb.php of the component URL Handler. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack...

5.3CVSS6AI score0.00458EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/03/01 12:0 a.m.5 views

PT-2025-9187 · Eastnets · Eastnets Paymentsafe

Name of the Vulnerable Software and Affected Versions: Eastnets PaymentSafe version 2.5.26.0 Description: A problem has been found in Eastnets PaymentSafe, affecting some unknown functionality of the file /Default.aspx of the component URL Handler. The manipulation leads to improper authorization...

5.3CVSS4.4AI score0.00296EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2025/02/27 3:15 p.m.5 views

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

7.5CVSS6.6AI score0.01966EPSS
Exploits1References6
NVD
NVD
added 2025/01/22 3:15 p.m.27 views

CVE-2023-37023

Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

8.6CVSS0.00752EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.13 views

CVE-2023-37023

Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

6.7AI score0.00752EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/01/21 12:0 a.m.8 views

The vulnerability of the New Process Group Handler component in the Apache NiFi data processing platform allows a hacker to gain unauthorized access to read, modify, or delete data.

The vulnerability of the New Process Group Handler component in the Apache NiFi data processing platform is related to the improper use of intermediaries. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to read, modify, or delete data...

5.5CVSS5.4AI score0.03095EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/01/05 12:15 p.m.40 views

CVE-2024-13140

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=uploadcover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launc...

5.4CVSS0.00315EPSS
Exploits1References5
Zero Day Initiative
Zero Day Initiative
added 2024/12/19 12:0 a.m.9 views

(0Day) Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the customhandler method. The issue results from the lack of...

8.1CVSS7.4AI score0.00994EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/12/16 6:31 p.m.10 views

CVE-2024-12661 IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E024 null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack need...

6.8CVSS6.6AI score0.00371EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/16 5:31 p.m.22 views

CVE-2024-12658 IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E01C null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This issue affects the function 0x8001E01C in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Local access is required t...

6.8CVSS0.00451EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/16 5:0 p.m.11 views

CVE-2024-12656 FabulaTech USB over Network IOCT ftusbbus2.sys 0x220448 null pointer dereference

A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The...

6.8CVSS6.7AI score0.00305EPSS
Exploits1References4
Rows per page
Query Builder