Lucene search
K

70 matches found

Positive Technologies
Positive Technologies
added 2025/01/31 12:0 a.m.11 views

PT-2025-2594 · Ibm · Ibm Sterling B2B Integrator

Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5 IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.3 Description: The issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, altering the intended...

5.4CVSS6.6AI score0.00213EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.7 views

PT-2025-2780 · Unknown · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: Graphics DDK version = 24.2 RTM2 Description: The kernel software installed and running inside a guest virtual machine VM can send improper commands to the GPU firmware, allowing it to read data outside the guest's virtualized GPU memory. Thi...

7.1CVSS6.7AI score0.00204EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.3 views

PT-2024-10475 · Gstreamer +10 · Gstreamer +10

Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.24.10 Description: The issue is related to an integer overflow in the memory reallocation process. The program attempts to reallocate memory to accommodate a certain number of elements, but if the value read from...

10CVSS6.8AI score0.01344EPSS
Exploits1References249
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.9 views

PT-2024-16394 · Safenet · Esafenet Cdg 5

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG 5 Description: A critical vulnerability has been found in ESAFENET CDG 5, affecting the function delPolicyAction of the file /com/esafenet/servlet/system/PolicyActionService.java. The manipulation of the argument id leads to SQL...

9.8CVSS7.4AI score0.00569EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.8 views

PT-2024-39322 · WordPress · Zita Elementor Site Library

Name of the Vulnerable Software and Affected Versions: Zita Elementor Site Library plugin for WordPress versions up to, and including, 1.6.3 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This allow...

6.4CVSS6.3AI score0.00367EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.7 views

PT-2024-4654 · Tibco · Spotfire For Aws Marketplace +2

Name of the Vulnerable Software and Affected Versions: Spotfire Analyst versions 12.0.9 through 12.5.0 Spotfire Analyst versions 14.0 through 14.0.2 Spotfire Server versions 12.0.10 through 12.5.0 Spotfire Server versions 14.0 through 14.0.3 Spotfire Server versions 14.2.0 through 14.3.0 Spotfire...

9.9CVSS8AI score0.00587EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.5 views

PT-2024-23416

Name of the Vulnerable Software and Affected Versions Metagauss ProfileGrid versions through 5.7.8 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting...

9.8CVSS9.1AI score0.02267EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.6 views

PT-2024-22630 · WordPress · Wp-Lister Lite For Amazon

Name of the Vulnerable Software and Affected Versions: WP-Lister Lite for Amazon versions 2.6.11 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This enables potential...

5.9CVSS8.8AI score0.00357EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.5 views

PT-2024-2599 · Tenda · Tenda Ac7

Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44 Description: A critical vulnerability was found in the function formQuickIndex of the file /goform/QuickIndex, which can be exploited remotely. The manipulation of the argument PPPOEPassword leads to a stack-base...

9CVSS9.1AI score0.01683EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.3 views

PT-2024-19058 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9.0.0 through 9.2.6 Description: The issue is related to insufficient validation of administrator-provided data for the Name field of a Group type, allowing a rogue administrator to inject malicious code, which might be...

4.8CVSS7.1AI score0.00309EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.4 views

PT-2024-15628 · WordPress · The Royal Elementor Addons/Templates

Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.3.87 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the add to wishlist function...

4.3CVSS9.3AI score0.00224EPSS
Exploits0References6
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.3 views

Return value of ETH

Lines of code Vulnerability details Impact It is recommended that the return values of ether transfers be checked, however if transfer to the hardcoded address fails, it does not revert. Proof of Concept uint256 sc = uint256uint1600x0000000000000000000000000000000000000000; assembly "memory-safe"...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.7 views

Calculating the previous pool's 'cumulativeRewardFactor' from the current pool incorrectly calculates the reward.

Lines of code Vulnerability details Impact When we updated a transcoder with rewards and then try to update a transcoder with fees, it incorrectly calculates the reward generated in the current round for that transcoder, which also incorrectly calculates the previous pool's cumulativeRewardFactor...

6.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.8 views

PT-2023-15659 · WordPress · Wp Tiles

Name of the Vulnerable Software and Affected Versions: WP Tiles WordPress plugin versions 1.1.2 and earlier Description: The issue concerns the WP Tiles WordPress plugin, which does not properly validate and escape certain shortcode attributes before outputting them in a page or post. This could...

5.4CVSS5.2AI score0.00471EPSS
Exploits2References4
ICS
ICS
added 2023/01/26 12:0 a.m.37 views

Snap One Wattbox WB-300-IP-3

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Snap One Equipment: Wattbox WB-300-IP -3 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Heap-based Buffer Overflow, Plaintext Storage of a Password, Insufficient Verificatio...

9.8CVSS8.5AI score0.00832EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/01/24 10:14 a.m.5 views

hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715

A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation MITIGATION V2-2 may be large enough to be exploited on AMD CPUs...

5.6CVSS6.6AI score0.74041EPSS
Exploits9References5
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.44 views

RHEL 7 : kernel-rt (RHSA-2023:0400)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0400 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.8CVSS7.3AI score0.74041EPSS
Exploits9References6
Elastic
Elastic
added 2022/05/24 4:55 p.m.8 views

Elastic Stack 7.17.4 and 8.2.1 Security Update

Elastic Stack update for CVE-2022-21449 Java vulnerability in Elliptic Curve Digital Signature Algorithm ECDSA ESA-2022-06 A vulnerability CVE-2022-21449 affecting the implementation of Elliptic Curve Digital Signing Algorithm ECDSA based signatures verification in Java JDK versions 15 and later...

7.5CVSS7.7AI score0.48235EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.2 views

hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715

A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation MITIGATION V2-2 may be large enough to be exploited on AMD CPUs...

5.6CVSS6.6AI score0.74041EPSS
Exploits9References5
RedHat Linux
RedHat Linux
added 2022/05/10 1:43 p.m.4 views

hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715

A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation MITIGATION V2-2 may be large enough to be exploited on AMD CPUs...

5.6CVSS6.6AI score0.74041EPSS
Exploits9References5
Rows per page
Query Builder