Lucene search
K

1119 matches found

CNVD
CNVD
added 2022/06/15 12:0 a.m.49 views

WordPress Plugin Keep Backup Daily Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin Keep Backup Daily version 2.0.2 and prior versions, which stems from insufficient...

6.1CVSS6AI score0.01031EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.5 views

WordPress plugin Ultimate Member 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Ultimate...

6.4CVSS5.3AI score0.00872EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.3 views

Delta Electronics CNCSoft 安全漏洞

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics, China. A security vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to cause a stack buffer overflow when processing a specific project file, as the affected produc...

7.8CVSS7.6AI score0.0217EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.4 views

Delta Electronics CNCSoft 缓冲区错误漏洞

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics, China. An out-of-bounds read vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to cause an out-of-bounds read condition due to the affected product not properly...

7.1CVSS7AI score0.00311EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/11/01 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress WP Reactions Lite plugin prior to 1.3.6. The vulnerability stems from a failure to properly clean up input on the wp-admin...

5.4CVSS5.2AI score0.00629EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/09/21 12:0 a.m.4 views

edge.js 跨站脚本漏洞

edge.js is the Node.js template engine. edges.js versions prior to 5.3.2 have a cross-site scripting vulnerability that stems from a type obfuscation vulnerability that can be exploited to bypass input cleanup when the input to be rendered is an array, even if is used, and can be used by attacker...

6.1CVSS5.9AI score0.00877EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/09/06 12:0 a.m.4 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the Cookie...

5.4CVSS5.6AI score0.00624EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/08/09 12:0 a.m.6 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the WordPress plugin Forms before 1.12.3, which stems from the form's "Ad...

5.4CVSS5.8AI score0.0062EPSS
Exploits2References1
CNVD
CNVD
added 2021/03/09 12:0 a.m.10 views

GitLab Code Execution Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab 13.8 and later,...

5.4CVSS7.4AI score0.00807EPSS
Exploits0References1
NCSC
NCSC
added 2020/12/28 12:0 a.m.5 views

Vulnerability fixed in Zyxel products

Due to the lack of input string cleanup in the CGI program "chgexppwd", a malicious party can inject commands inject. Zyxel has released updates to fix the vulnerability. For more information see: https://www.zyxel.com/support /Zyxel-security-advisory-for-command-injection-vulnerability-of-f...

9CVSS6.7AI score0.02344EPSS
Exploits0
CNVD
CNVD
added 2020/08/05 12:0 a.m.2 views

Red Hat CloudForms Cross-Site Scripting Vulnerability (CNVD-2020-44409)

Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. A security vulnerability exists in Report Menu in Red Hat CloudForms,...

5.4CVSS5.8AI score0.00661EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/11 12:0 a.m.3 views

Microsoft Azure DevOps Server Cross-Site Scripting Vulnerability (CNVD-2020-19008)

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Azure DevOps Server that stems from the...

5.4CVSS6.1AI score0.01328EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/02/27 12:0 a.m.4 views

The vulnerability of the WriteTIFFImage function in the program for reading and editing ImageMagick graphic files involves accessing confidential data beyond the buffer limit of memory. This allows attackers to gain access to sensitive information and cause system failures.

The vulnerability of the WriteTIFFImage function in the ImageMagick program, which is used for reading and editing graphic files, is related to the absence or incomplete cleaning of input data. Exploiting this vulnerability can allow a malicious actor to compromise data confidentiality, as well a...

8.1CVSS6.7AI score0.04092EPSS
Exploits1References10Affected Software3
CNVD
CNVD
added 2019/12/11 12:0 a.m.1 views

Git for Visual Studio Remote Code Execution Vulnerability (CNVD-2020-01956)

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle.Git for Visual Studio is one of the Git Distributed Version Control Git for Visual Studio i...

9.3CVSS8AI score0.22427EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/11 12:0 a.m.1 views

Git for Visual Studio Remote Code Execution Vulnerability

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle.Git for Visual Studio is one of the Git Distributed Version Control Git for Visual Studio i...

9.3CVSS8AI score0.25666EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.3 views

Abus Security Center 'FTP' HTML Injection Vulnerability

Abuse is a popular video game. An HTML injection vulnerability exists in Abus Security Center due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to execute arbitrary script code in the context of an affected browser to steal a user's...

7.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure

In the HID driver for the Zeroplus gaming manipulator, there is no mechanism for cleaning the entered information, which leads to local service failure...

4.7CVSS6.5AI score0.00419EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure

In the HID driver for various Logitech devices, there is no mechanism for cleaning the entered information in real-time. This leads to a local failure in service provision...

4.7CVSS7.1AI score0.00394EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2011/03/17 12:0 a.m.11 views

WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities

This WordPress Sodahead Polls plugin is prone to multiple cross-site scripting vulnerabilities that fail to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

2.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder