
142 matches found

CNNVD
added 2025/08/19 12:0 a.m., 8 views

Nginx Proxy Manager Security Vulnerability

Nginx Proxy Manager is a Docker container for Nginx Proxy Manager open source. It is used to manage Nginx proxy hosts through a simple and powerful interface. A security vulnerability exists in Nginx Proxy Manager version v2.12.3, which stems from an improperly configured CORS and could lead to a...

CVSS 5.3 | AI score 6.7 | EPSS 0.00356
Exploits: 0 | References: 3

Amd
added 2025/06/03 12:0 a.m., 10 views

Versal™ Adaptive SoC – Improper Configuration of the Secure Stream Switch during Post-Boot Cryptographic Operations

AMD ID: AMD-SB-8011. Potential Impact: N/A. Severity: N/A. Summary: In Versal™ Adaptive SoC devices, the Platform Loader and Manager (PLM) implements runtime post-boot software services that allow a remote processor to command the PLM to execute cryptographic operations – including AES, SHA3, RSA, ECD...

CVSS 3.2 | AI score 7.2 | EPSS 0.00126
Exploits: 0

RedhatCVE
added 2025/05/23 9:55 a.m., 9 views

CVE-2024-28069

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and...

CVSS 7.5 | AI score 6.5 | EPSS 0.00573
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:41 a.m., 6 views

CVE-2023-30674

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...

CVSS 6.5 | AI score 6.8 | EPSS 0.00502
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 7:53 p.m., 7 views

CVE-2021-35070

RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile...

CVSS 6.5 | AI score 6.8 | EPSS 0.00158
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 7:26 p.m., 6 views

CVE-2021-25399

Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege...

CVSS 7.1 | AI score 6.8 | EPSS 0.00216
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 6:31 p.m., 4 views

CVE-2021-30346

RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking...

CVSS 6.5 | AI score 7.2 | EPSS 0.00156
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 3:45 p.m., 7 views

CVE-2020-0574

Improper configuration in block design for Intel(R) MAX(R) 10 FPGA all versions may allow an authenticated user to potentially enable escalation of privilege and information disclosure via physical access...

CVSS 5.9 | AI score 6.7 | EPSS 0.00364
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 8:30 a.m., 7 views

CVE-2019-5277

Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation...

CVSS 7.5 | AI score 6.6 | EPSS 0.00764
Exploits: 0 | References: 1

NVD
added 2025/04/25 12:15 p.m., 17 views

CVE-2024-11917

The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.9.2. This is due to improper configurations in the 'jobsearchxingresponsedatacallback', 'setaccesstokes', and 'googlecallback' functions. This makes it possible for...

CVSS 8.1 | EPSS 0.00448
Exploits: 0 | References: 2

Veracode
added 2025/03/28 2:34 a.m., 4 views

Remote Code Execution (RCE)

litellm is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of the 'postcallrules' configuration, allowing an attacker to specify a system method as a callback, leading to arbitrary command execution...

CVSS 8.8 | AI score 8 | EPSS 0.01463
Exploits: 1 | References: 5 | Affected Software: 1

Veracode
added 2025/01/28 4:3 a.m., 8 views

Credential Disclosure

github.com/writefreely/writefreely is vulnerable to Credential Disclosure. The vulnerability is due to improper configuration management. Specifically, the sensitive information in the config.ini file is not adequately protected, allowing local users to access it and discover credentials when MyS...

CVSS 8.4 | AI score 6.4 | EPSS 0.00203
Exploits: 0 | References: 5 | Affected Software: 1

Veracode
added 2024/12/19 2:43 p.m., 10 views

XML External Entity (XXE)

Unstructured is vulnerable to XML External Entity (XXE). The vulnerability is due to improper configuration while setting resolveentities=False for parsing XML with lxml in partitionxml, which allows external entities to be processed...

CVSS 9.8 | AI score 6.7 | EPSS 0.00535
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2024/12/06 12:0 a.m., 4 views

The vulnerability of NextCloud Mail’s email client allows unauthorized individuals to disclose confidential information, enabling attackers to expose protected data.

The vulnerability of NextCloud Mail’s email client stems from improper automatic configuration. Exploiting this vulnerability allows a malicious actor to disclose protected information remotely...

CVSS 8.2 | AI score 5.4 | EPSS 0.00698
Exploits: 0 | References: 5 | Affected Software: 2

Tenable Nessus
added 2024/12/04 12:0 a.m., 9 views

Cisco NX-OS Permissions, Privileges, and Access Controls (CVE-2015-4234)

Cisco NX-OS 6.02 and 6.22 on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127. This plugin only works with Tenable.ot. Please visit...

CVSS 7.2 | AI score 5.4 | EPSS 0.00417
Exploits: 0 | References: 7

Debian CVE
added 2024/11/18 12:0 a.m., 10 views

CVE-2024-52946

An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value...

CVSS 8.8 | AI score 5.3 | EPSS 0.00473
Exploits: 0

Oracle linux
added 2024/11/08 12:0 a.m., 14 views

NetworkManager-libreswan security update

1.2.4-2.0.1 - Fix improper escaping of Libreswan configuration CVE-2024-9050 Orabug: 37206712...

CVSS 7.8 | AI score 6.9 | EPSS 0.00452
Exploits: 0

Veracode
added 2024/10/29 7:6 a.m., 18 views

Arbitrary Code Execution

org.openrefine, database is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper configuration in the database extension of OpenRefine, specifically the enableloadextension property that permits loading local or remote extension DLLs...

CVSS 8.8 | AI score 6.7 | EPSS 0.00658
Exploits: 1 | References: 3 | Affected Software: 1

CNNVD
added 2024/09/25 12:0 a.m., 14 views

Cisco IOS XE Software Security Vulnerability

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from...

CVSS 6.5 | AI score 6.6 | EPSS 0.00281
Exploits: 0 | References: 3

UbuntuCve
added 2024/04/28 1:15 p.m., 28 views

CVE-2022-48652

In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 "ice: ethtool: Prohibit improper channel config for DCB" already disallow setti...

CVSS 5.5 | AI score 6.2 | EPSS 0.00197
Exploits: 0 | References: 4