Lucene search
K

186 matches found

UbuntuCve
UbuntuCve
added 2026/02/12 11:16 p.m.8 views

CVE-2020-37167

ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious...

8.6CVSS5.9AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.9 views

PT-2026-7942

ClamAV ClamBC bytecode interpreter contains a vulnerability in function name processing that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in...

9.8CVSS5.6AI score0.00172EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/05 7:13 a.m.3 views

EUVD-2025-206874

Infinera DNA is vulnerable to a time-based SQL injection vulnerability due to insufficient input validation, which may result in leaking of sensitive information...

6.3CVSS5.6AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2026/02/01 1:15 p.m.8 views

CVE-2022-50951

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

6.4CVSS0.00305EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/01 12:56 p.m.8 views

EUVD-2022-55946

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

6.4CVSS6AI score0.00305EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.12 views

PT-2026-5572

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

6.4CVSS6AI score0.00305EPSS
Exploits0References4
CVE
CVE
added 2026/01/29 2:28 p.m.10 views

CVE-2020-37008

CVE-2020-37008 affects EasyPMS 1.0.0. The vulnerability is an authentication bypass that lets unprivileged users manipulate SQL queries in JSON requests by injecting single quotes in ID parameters, allowing access to admin user information and potential modification of admin passwords without pro...

8.7CVSS5.9AI score0.00456EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/29 2:28 p.m.4 views

CVE-2020-37008

EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without...

8.7CVSS5.9AI score0.00456EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/21 1:41 p.m.2 views

CVE-2026-22022

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS5.5AI score0.00491EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/21 1:41 p.m.5 views

CVE-2026-22022 Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS7.1AI score0.00491EPSS
Exploits0References4
CVE
CVE
added 2025/11/27 5:0 a.m.36 views

CVE-2025-12758

CVE-2025-12758—Validator.js isLength() Unicode variation selector bypass . Multiple IBM advisories reference affected product lines (e.g., IBM App Connect Enterprise, QRadar) where validator versions earlier than 13.15.22 are vulnerable due to incomplete filtering of Unicode variation selectors i...

8.7CVSS6.7AI score0.00454EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2025/11/19 12:0 a.m.14 views

CVE-2025-51662

FileCodeBox contains a stored XSS in the text sharing feature for versions ≤ 2.2 due to insufficient input validation. Attackers can inject JavaScript into shared codeboxes, and the payload executes in users’ browsers when they access the infected codebox via a link or shared code. Connected advi...

5.4CVSS5.5AI score0.00148EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46310

Name of the Vulnerable Software and Affected Versions Axis Communications affected versions not specified Description An ACAP configuration file has improper permissions and lacks input validation, potentially leading to privilege escalation. Exploitation requires the Axis device to allow the...

6.7CVSS6.5AI score0.00126EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.5 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.2.4, which stems from insufficient...

5.4CVSS5.9AI score0.00407EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-29341

Malware in sbrugna...

7.5CVSS7.5AI score0.01125EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0884

Malware in sbrugna...

5.9CVSS5.6AI score0.01089EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-29342

Malware in sbrugna...

7.5CVSS7.5AI score0.0151EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25391

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00386EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24849

Malicious code in bioql PyPI...

4.9CVSS6.5AI score0.00419EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49065

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.01032EPSS
Exploits0References1
Rows per page
Query Builder