Lucene search
K

5 matches found

CVE
CVE
added 2026/05/11 8:34 p.m.13 views

CVE-2026-43877

CVE-2026-43877 (WWBN/AVideo) : CSRF in objects/userSavePhoto.php allows a logged‑in user’s profile photo to be overwritten with arbitrary bytes via a crafted cross‑origin POST, due to missing CSRF protection (the endpoint does not use the .json.php suffix and is excluded from autoCSRFGuard), no t...

5.4CVSS5.9AI score0.00121EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.4 views

SUSE CVE-2020-14694

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

5.3CVSS5.7AI score0.00549EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/04/05 12:0 a.m.5 views

PT-2021-18628 · Friendica · Friendica

Name of the Vulnerable Software and Affected Versions: Friendica versions through 2021.01 Description: The issue allows the settings/userexport feature to be accessed by anonymous users, potentially leading to excessive memory consumption and attempted access to an array offset on a value of type...

7.5CVSS6.7AI score0.01517EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.8 views

PT-2020-11213 · Siemens · Scalance S612 +3

Name of the Vulnerable Software and Affected Versions: SCALANCE S602 versions 3.0 through 4.0 SCALANCE S612 versions 3.0 through 4.0 SCALANCE S623 versions 3.0 through 4.0 SCALANCE S627-2M versions 3.0 through 4.0 Description: A security issue has been identified that could allow Cross-Site...

6.1CVSS6AI score0.00721EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2017/03/24 12:0 a.m.5 views

PT-2017-17615 · Cmsms · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMS Made Simple CMSMS version 2.1.6 Description: A security issue exists in the "Content--News--Add Article" feature of the software, where an attacker can exploit the m1 summary parameter to conduct a cross-site scripting XSS attack. This...

5.4CVSS5.4AI score0.0052EPSS
Exploits1References4
Rows per page
Query Builder