Lucene search
K

131 matches found

OSV
OSV
added 2023/07/17 2:15 p.m.3 views

CVE-2023-2959

Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users.This issue affects Oliva Expertise EKS: before 1.2...

7.5CVSS5.8AI score0.00526EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.6 views

WordPress Plugin Swatchly 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS8.2AI score0.00256EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.18 views

WordPress plugin Newsletter Popup 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

8.8CVSS8.1AI score0.00389EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/03/16 8:57 a.m.8 views

CVE-2022-40699 WordPress Yet Another Stars Rating Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)

Cross-Site Scripting XSS vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin = 3.1.2 versions...

5.4CVSS5.8AI score0.00384EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.3 views

Stellarium 路径遍历漏洞

Stellarium is a free GPL software from Stellarium that uses OpenGL to render realistic skies in real time. A security vulnerability exists in Stellarium version 1.2 and earlier versions. An attacker can exploit this vulnerability to read arbitrary files on the server running the application...

9.8CVSS8.5AI score0.01558EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/16 3:2 a.m.4 views

SUSE CVE-2023-25563

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...

5.9CVSS7.2AI score0.01091EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/02/03 12:0 a.m.8 views

CVE-2023-23087

An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function...

7.5AI score0.0086EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.4 views

Dropbox Lepton 安全漏洞

Dropbox Lepton is a set of tools for lossless compression of JPEG format files. A denial of service vulnerability exists in LEPTON Project Dropbox Lepton version 1.2, which can be exploited to launch a denial of service attack by passing a carefully crafted JPEG file to the Lepton image compressi...

5.5CVSS6.6AI score0.0032EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/11/17 12:0 a.m.3 views

PT-2022-27479 · Unknown · Ifeature Slider

Name of the Vulnerable Software and Affected Versions: iFeature Slider plugin version 1.2 and earlier Description: A Stored Cross-Site Scripting XSS issue exists, allowing contributors or higher to inject malicious scripts. Recommendations: For iFeature Slider plugin version 1.2 and earlier, upda...

5.4CVSS6AI score0.00393EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/09/23 2:40 p.m.7 views

CVE-2022-38061 WordPress Export Post Info plugin <= 1.2.0 - Authenticated CSV Injection vulnerability

Authenticated author+ CSV Injection vulnerability in Export Post Info plugin = 1.2.0 at WordPress...

6.2CVSS6.5AI score0.00617EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/18 5:15 p.m.2 views

CVE-2022-2443

The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...

8.8CVSS5.9AI score0.00629EPSS
Exploits0References4
OSV
OSV
added 2022/06/30 6:15 p.m.5 views

CVE-2022-34793

Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS5.8AI score0.00885EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.5 views

Jenkins Plugin Recipe 安全漏洞

Jenkins and Jenkins Plugin are both open source products from Jenkins.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An authorization issue vulnerability...

6.5CVSS5.7AI score0.00605EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/10 12:0 a.m.8 views

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version 1.2, which stems from a containment segmentation violation at an unknown address in /Source/C++/Core/Ap4DataBuffer.cpp...

5.5CVSS5.7AI score0.00655EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/08 10:15 a.m.6 views

CVE-2022-1684

The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...

4CVSS5.8AI score0.00764EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/01/21 12:0 a.m.4 views

Platinum UPnP SDK 路径遍历漏洞

The Platinum UPnP SDK is a cross-platform C++ library that is primarily used to build DLNA/UPnP control points. The Platinum Upnp SDK suffers from a path traversal vulnerability that stems from Platinum Upnp SDK 1.2.0 having a directory traversal vulnerability. The attack can be exploited by...

7.5CVSS6.2AI score0.01711EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/12/10 12:0 a.m.15 views

PT-2021-5597

Name of the Vulnerable Software and Affected Versions Log4j version 1.2 Description The issue is related to the JMSAppender in Log4j 1.2, which is vulnerable to deserialization of untrusted data. An attacker with write access to the Log4j configuration can provide TopicBindingName and...

9CVSS7.4AI score0.81147EPSS
Exploits9References137
OSV
OSV
added 2021/08/16 7:15 p.m.9 views

CVE-2021-34651

The Scribble Maps WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the map parameter in the /includes/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

6.1CVSS5.8AI score0.00895EPSS
Exploits1References2
OSV
OSV
added 2021/04/08 10:41 p.m.6 views

OPENSUSE-SU-2021:0522-1 Security update for fwupd

This update for fwupd fixes the following issues: - Update to version 1.2.14: bsc1182057 - Add SBAT section to EFI images bsc1182057 - CVE-2020-10759: Validate that gpgmeopverifyresult returned at least one signature bsc1172643 This update was imported from the SUSE:SLE-15-SP2:Update update proje...

6CVSS6.1AI score0.0049EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.4 views

Veritas Backup Exec 安全漏洞

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

9.8CVSS8.6AI score0.6491EPSS
Exploits5References4
Rows per page
Query Builder