
1221 matches found

BDU FSTEC
added 2024/02/15 12:0 a.m. · 2 views

The vulnerability of the email encryption software for Jira S/Notify, related to the, allows a hacker to perform a CSRF attack.

The vulnerability of the email encryption software for Jira S/Notify is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to execute a CSRF attack remotely...

CVSS 9.7 · AI score 6.9 · EPSS 0.00193
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/02/02 12:0 a.m. · 2 views

The vulnerability of FireEye Endpoint Security’s software for protecting servers and workstations lies in errors in the network subsystem’s counters. This allows a malicious actor to trigger a service failure.

The vulnerability of FireEye Endpoint Security’s software for protecting servers and workstations is related to errors in counting pointers within the network subsystem. Exploiting this vulnerability allows a malicious actor to trigger a service failure using the Containmentnotify/preview paramet...

CVSS 7.8 · AI score 7.2 · EPSS 0.00315
Exploits: 0 · References: 2 · Affected Software: 1

Patchstack
added 2024/01/31 12:0 a.m. · 7 views

WordPress Fatal Error Notify Plugin < 1.5.3 is vulnerable to Broken Access Control

Software: Fatal Error Notify · Type: Plugin · Vulnerable versions: < 1.5.3 · Fixed in: 1.5.3 · OWASP Top 10: A1: Broken Access Control · Classification: Broken Access Control · CVE: CVE-2023-7202 · Patch priority: Low · CVSS severity: Low 4.3 · PSID: 55ba4f7fb253 · Credits: Dmitrii Ignatyev · Required...

CVSS 6.1 · AI score 6.5 · EPSS 0.00228
Exploits: 3 · References: 4 · Affected Software: 1

Patchstack
added 2024/01/25 12:0 a.m. · 8 views

WordPress WP-Reply Notify Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software: WP-Reply Notify · Type: Plugin · Vulnerable versions: <= 1.1 · Fixed in: N/A · OWASP Top 10: A5: Broken Access Control · Classification: Cross Site Request Forgery (CSRF) · CVE: CVE-2023-7195 · Patch priority: Low · CVSS severity: Low 4.3 · PSID: 7401ece8f5d0 · Credits: Daniel Ruf · Required...

AI score 7 · EPSS 0.00176
Exploits: 2 · References: 2 · Affected Software: 1

CNNVD
added 2024/01/19 12:0 a.m. · 3 views

liuwy-dlsdys zhglxt Cross-Site Scripting Vulnerability

zhglxt is a web application by the Chinese liuwy-dlsdys individual developer. A cross-site scripting vulnerability exists in liuwy-dlsdys zhglxt version 4.7.7, which stems from the parameter notifyTitle in the file /oa/notify/edit that causes cross-site scripting...

CVSS 4.8 · AI score 6 · EPSS 0.00494
Exploits: 1 · References: 4

Positive Technologies
added 2024/01/19 12:0 a.m. · 5 views

PT-2024-15777 · Unknown · Liuwy-Dlsdys Zhglxt

Name of the Vulnerable Software and Affected Versions: liuwy-dlsdys zhglxt version 4.7.7 Description: A problematic issue has been found in the HTTP POST Request Handler component, affecting the processing of the file /oa/notify/edit. The manipulation of the notifyTitle argument leads to cross-si...

CVSS 4.8 · AI score 4.1 · EPSS 0.00494
Exploits: 1 · References: 8

OSV
added 2024/01/15 4:15 p.m. · 1 views

CVE-2024-0316

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

CVSS 7.5 · AI score 5.8 · EPSS 0.00315
Exploits: 0 · References: 1

CNNVD
added 2024/01/15 12:0 a.m. · 2 views

Trellix Endpoint Security Security Vulnerabilities

Trellix Endpoint Security ENS is an endpoint security solution from FireEye USA Trellix. A security vulnerability exists in Trellix Endpoint Security version 5.2.0.958244, which stems from an improper cleanup vulnerability in thrown exceptions. The vulnerability could allow an attacker to send...

CVSS 7.5 · AI score 6.8 · EPSS 0.00315
Exploits: 0 · References: 2

Positive Technologies
added 2024/01/15 12:0 a.m. · 2 views

PT-2024-1413 · Fireeye · Fireeye Endpoint Security

Name of the Vulnerable Software and Affected Versions: FireEye Endpoint Security version 5.2.0.958244 Description: The issue is related to improper cleanup in exceptions thrown by FireEye Endpoint Security. This could allow an attacker to send multiple request packets to the containment...

CVSS 7.8 · AI score 7.4 · EPSS 0.00315
Exploits: 0 · References: 5

OSV
added 2024/01/09 7:15 a.m. · 2 views

CVE-2023-50932

An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...

CVSS 5.4 · AI score 5.8 · EPSS 0.00173
Exploits: 0 · References: 1

NVD
added 2024/01/09 7:15 a.m. · 9 views

CVE-2023-50932

An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...

CVSS 8.3 · AI score 8.3 · EPSS 0.00173
Exploits: 0 · References: 1

OSV
added 2024/01/09 7:15 a.m. · 1 views

CVE-2023-50931

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...

CVSS 5.4 · AI score 5.8 · EPSS 0.00173
Exploits: 0 · References: 1

NVD
added 2024/01/09 7:15 a.m. · 3 views

CVE-2023-50931

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...

CVSS 8.3 · AI score 8.3 · EPSS 0.00173
Exploits: 0 · References: 1

OSV
added 2024/01/09 7:15 a.m. · 2 views

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

CVSS 7.1 · AI score 5.8
Exploits: 0 · References: 1

NVD
added 2024/01/09 7:15 a.m. · 9 views

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

CVSS 8.3 · AI score 8.3 · EPSS 0.00193
Exploits: 0 · References: 1

Prion
added 2024/01/09 7:15 a.m. · 18 views

Cross site request forgery (csrf)

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

CVSS 5.8 · AI score 7.3 · EPSS 0.00193
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2024/01/09 7:15 a.m. · 8 views

Design/Logic Flaw

An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...

CVSS 5.8 · AI score 7.3 · EPSS 0.00173
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2024/01/09 7:15 a.m. · 9 views

Design/Logic Flaw

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...

CVSS 5.8 · AI score 7.3 · EPSS 0.00173
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/01/09 12:0 a.m. · 14 views

CVE-2023-50931

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...

CVSS 8.3 · AI score 8.5 · EPSS 0.00173
Exploits: 0 · References: 1

Vulnrichment
added 2024/01/09 12:0 a.m. · 8 views

CVE-2023-50931

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...

CVSS 8.3 · AI score 8.3 · EPSS 0.00173
Exploits: 0 · References: 1