6513 matches found

ATTACKERKB
added 2023/12/27 4:15 p.m. · 3 views

CVE-2023-3171

A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...

7.5 CVSS · 5.8 AI score · 0.00851 EPSS
Exploits 0 · References 7

OSV
added 2023/12/27 4:15 p.m. · 8 views

CVE-2023-3171

A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...

7.5 CVSS · 7 AI score · 0.00851 EPSS
Exploits 0 · References 6

GithubExploit
added 2023/12/23 2:2 p.m. · 77 views

Exploit for Authorization Bypass Through User-Controlled Key in Zabbix

CVE-2019-17382 - Zabbix Authentication Bypass A critical vuln...

9.1 CVSS · 7.5 AI score · 0.5415 EPSS
Exploits 5

Cvelist
added 2023/12/18 1:43 p.m. · 39 views

CVE-2023-5056 Skupper-operator: privilege escalation via config map

A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of...

6.8 CVSS · 6.4 AI score · 0.00273 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2023/12/18 12:0 a.m. · 12 views

JavaScript Source Map Detected

Developers often combine and minify their application JavaScript sources to help the server deliver them more efficiently to client browsers. Sometimes, a web application's JavaScript code may also be transpiled from another language like CoffeeScript or TypeScript. A source map is a file that...

7.4 AI score
Exploits 0

Positive Technologies
added 2023/12/14 12:0 a.m. · 5 views

PT-2023-8763 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.7.0-rc3-00699-g90679706d486-dirty 494 Description: The vulnerability is related to a race condition between btf put and map free in the Linux kernel. This issue can lead to a slab-use-after-free error,...

7.8 CVSS · 6.6 AI score · 0.78388 EPSS
Exploits 2 · References 467

Snyk
added 2023/12/07 10:0 p.m. · 2 views

Directory Traversal

Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Directory Traversal in the retrieveSourceMap function. Note: This issue is not a vulnerability because no real attack scenario can happen in the context of the package, where the developer...

8.7 CVSS · 7.6 AI score
Exploits 0 · References 2

Openbugbounty
added 2023/12/06 7:18 p.m. · 3 views

mapofthepast.com Improper Access Control vulnerability OBB-3804558

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits 0

CNNVD
added 2023/12/03 12:0 a.m. · 4 views

NESP2 SQL Injection Vulnerability

NESP2 is a web map open source by Reiner Lemoine Institut. NESP2 suffers from a SQL injection vulnerability that stems from a SQL injection problem in app/database.py...

9.8 CVSS · 8 AI score · 0.00758 EPSS
Exploits 0 · References 5

WPVulnDB
added 2023/11/24 12:0 a.m. · 7 views

10Web Map Builder for Google Maps < 1.0.74 - Cross-Site Request Forgery to Notice Dismissal

Description The 10Web Map Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.73. This is due to missing or incorrect nonce validation on the gmwdbpinstallnoticestatus function. This makes it possible for unauthenticated attackers to...

6.6 AI score
Exploits 0 · References 1 · Affected Software 1

WPVulnDB
added 2023/11/23 12:0 a.m. · 17 views

WP GPX Map < 1.7.06 - Missing Authorization

Description The WP GPX Map plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpgpxmapsdismissnotice function in versions up to, and including, 1.7.05. This makes it possible for authenticated attackers, with subscriber-level access an...

6.1 AI score · 0.00277 EPSS
Exploits 0 · References 1 · Affected Software 1

WPVulnDB
added 2023/11/23 12:0 a.m. · 24 views

Multi-column Tag Map < 17.0.27 - Cross-Site Request Forgery

Description The Multi-column Tag Map plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the scmcTagMappluginoptions function in versions up to, and including, 17.0.26. This makes it possible for unauthenticated attackers to update the plugin's setting...

6.8 AI score · 0.00412 EPSS
Exploits 0 · References 1 · Affected Software 1

WPVulnDB
added 2023/11/23 12:0 a.m. · 17 views

Leaflet Map < 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level and above...

6.4 CVSS · 5.9 AI score · 0.00421 EPSS
Exploits 0 · References 1 · Affected Software 1

NVD
added 2023/11/22 10:15 p.m. · 11 views

CVE-2023-47767

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions...

7.1 CVSS · 0.00412 EPSS
Exploits 0 · References 1

OSV
added 2023/11/22 10:15 p.m. · 3 views

CVE-2023-47767

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions...

6.1 CVSS · 7.3 AI score · 0.00412 EPSS
Exploits 0 · References 1

Prion
added 2023/11/22 10:15 p.m. · 18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions...

5.8 CVSS · 7.1 AI score · 0.00412 EPSS
Exploits 0 · References 1 · Affected Software 1

CVE
added 2023/11/22 9:59 p.m. · 70 views

CVE-2023-47767

CVE-2023-47767 affects the WordPress plugin Fla-shop.Com Interactive World Map (versions = 3.4.4 to resolve the vulnerability; if immediate upgrade is not possible, apply any vendor-reported mitigation. This CVE is publicly listed with severity around medium-to-high depending on scoring source, a...

7.1 CVSS · 6.6 AI score · 0.00412 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/11/22 9:59 p.m. · 14 views

CVE-2023-47767 WordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions...

7.1 CVSS · 7.1 AI score · 0.00412 EPSS
Exploits 0 · References 1

OSV
added 2023/11/22 4:15 p.m. · 6 views

CVE-2023-5128

The TCD Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'map' shortcode in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

5.4 CVSS · 6.7 AI score · 0.00545 EPSS
Exploits 0 · References 3

Positive Technologies
added 2023/11/22 12:0 a.m. · 5 views

PT-2023-30596 · WordPress · Fla-Shop.Com Interactive World Map

Name of the Vulnerable Software and Affected Versions: Fla-shop.Com Interactive World Map plugin versions prior to 3.2.0 Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. Recommendations: For versions prior to...

7.1 CVSS · 6.7 AI score · 0.00412 EPSS
Exploits 0 · References 3