Lucene search
K

120 matches found

CNNVD
CNNVD
added 2024/10/11 12:0 a.m.4 views

LoLLMs 安全漏洞

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMs that stems from improper parameter cleanup, resulting in a path traversal vulnerability that allows an attacker to read any file on the victim's comput...

4.4CVSS4.7AI score0.00353EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.5 views

WordPress plugin Quiz and Survey Master 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

4.8CVSS5.8AI score0.00373EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/13 12:0 a.m.3 views

WordPress plugin Carousel Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS6.7AI score0.00325EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.5 views

Naver Whale Browser Security Vulnerability

Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 3.26.244.21, which stems from improper cleanup when dealing with built-in extensions, allowing an attacker to...

9.6CVSS6.9AI score0.0037EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/02 12:0 a.m.5 views

The vulnerability of Firefox ESR and the Thunderbird email client, related to improper cleaning or release of resources, allows attackers to compromise the confidentiality, accessibility, and integrity of protected information.

The vulnerability of Firefox ESR and the Thunderbird email client is related to improper cleaning or release of resources. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, accessibility, and integrity of protected information...

7.6CVSS5.7AI score0.00699EPSS
Exploits0References15Affected Software6
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.1 views

WordPress plugin Widget Bundle security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

6.1CVSS6.8AI score0.00356EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/06/12 12:0 a.m.4 views

WordPress plugin Social Sharing security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.1CVSS6.4AI score0.00456EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/06/12 12:0 a.m.3 views

NuGet Gallery Security Vulnerability

NuGet Gallery is a NuGet open source package repository that supports NuGet. A security vulnerability exists in NuGet Gallery versions prior to 2024.05.28, which stems from improper cleanup when handling automatic links in Markdown content and is vulnerable to cross-site scripting attacks...

6.1CVSS6AI score0.00656EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.4 views

AutomationDirect C-MORE EA9 HMI 路径遍历漏洞

The AutomationDirect C-MORE EA9 HMI is a touchscreen from AutomationDirect, Inc. A path traversal vulnerability exists in the AutomationDirect C-MORE EA9 HMI that stems from not properly cleaning up content, allowing an attacker to perform path traversal over a URL...

7.5CVSS6.8AI score0.00618EPSS
Exploits0References2
Veracode
Veracode
added 2024/03/15 6:11 a.m.34 views

Denial Of Service (DoS)

org.apache.tomcat: tomcat-websocket is vulnerable to Denial of Service DoS. The vulnerability is due to improper cleanup of WebSocket connections during a session timeout. If a client fails to send a close message within the timeout period, the websocket connection will continue to hold resources...

6.3CVSS6.5AI score0.02313EPSS
Exploits0References11Affected Software3
NVD
NVD
added 2024/03/13 6:15 p.m.9 views

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

5.9CVSS6.2AI score0.00421EPSS
Exploits0References1
OSV
OSV
added 2024/03/13 6:15 p.m.2 views

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

5.9CVSS5.8AI score0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/13 6:5 p.m.13 views

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

6.5AI score0.00421EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/02/28 12:0 a.m.6 views

The vulnerability in the pan/addr_resolv.c component of the Wireshark traffic analysis software allows a hacker to cause a service failure.

The vulnerability of the pan/addrresolv.c component in the Wireshark traffic analysis tool is related to improper resource cleanup or release. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS7.2AI score0.01296EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/01/18 12:0 a.m.5 views

The vulnerability of the HTTPS Transaction Handler component in the software for processing and transmitting confidential data of Progress MOVEit Transfer allows a attacker to trigger a service failure.

The vulnerability of the HTTPS Transaction Handler component in the software for processing and transmitting confidential data of Progress MOVEit Transfer is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.5CVSS7AI score0.00539EPSS
Exploits0References3
OSV
OSV
added 2024/01/15 4:15 p.m.2 views

CVE-2024-0316

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

7.5CVSS5.8AI score0.00315EPSS
Exploits0References1
Prion
Prion
added 2024/01/15 4:15 p.m.13 views

Input validation

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

5CVSS7.1AI score0.00315EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/15 4:4 p.m.25 views

CVE-2024-0316 Improper cleanup vulnerability in FireEye Endpoint Security

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

6.8CVSS7.6AI score0.00315EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/15 12:0 a.m.4 views

PT-2024-1413 · Fireeye · Fireeye Endpoint Security

Name of the Vulnerable Software and Affected Versions: FireEye Endpoint Security version 5.2.0.958244 Description: The issue is related to improper cleanup in exceptions thrown by FireEye Endpoint Security. This could allow an attacker to send multiple request packets to the containment...

7.8CVSS7.4AI score0.00315EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.6 views

The vulnerability of the Microsoft .NET Framework software platform, related to improper cleaning or release of resources, allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft .NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.2AI score0.03578EPSS
Exploits0References2
Rows per page
Query Builder