Lucene search
K

10 matches found

Cvelist
Cvelist
added 2025/09/09 3:9 p.m.53 views

CVE-2025-9712

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.20461EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 6:15 p.m.23 views

CVE-2025-3115

Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions. Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code...

9.8CVSS0.00611EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/03/17 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS3.7AI score0.01943EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.8 views

EulerOS 2.0 SP12 : subversion (EulerOS-SA-2025-1198)

According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated...

4.3CVSS5AI score0.01943EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/04 11:55 p.m.7 views

CVE-2024-13171

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required...

7.8CVSS7.7AI score0.17614EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/01/15 3:24 p.m.9 views

CVE-2024-46901

A flaw was found in Apache Subversion when serving repositories via moddavsvn. This issue may allow authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository via insufficient validation of filenames against control characters...

3.1CVSS6.4AI score0.01943EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/01/14 5:16 p.m.14 views

CVE-2024-13171

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required...

7.8CVSS7.8AI score0.17614EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/04 1:56 a.m.15 views

CVE-2024-3022 BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpressprocessupload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to...

7.2CVSS7.6AI score0.01563EPSS
Exploits1References3
CVE
CVE
added 2024/04/04 1:56 a.m.76 views

CVE-2024-3022

BookingPress for WordPress (all versions

7.2CVSS9.6AI score0.01563EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/04/04 1:56 a.m.24 views

CVE-2024-3022 BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpressprocessupload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to...

7.2CVSS7.5AI score0.01563EPSS
Exploits1References3
Rows per page
Query Builder