Lucene search
K

92 matches found

CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

Seeyon FE Collaborative Office Platform 安全漏洞

Seeyon FE Collaborative Office Platform is a collaborative office platform from China-based Seeyon. A security vulnerability exists in Seeyon FE Collaborative Office Platform version 5.5.2, which stems from an incorrect operation of the parameter Name that can lead to SQL injection...

7.5CVSS6.8AI score0.00424EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/02/13 12:0 a.m.13 views

RHEL 9 : OpenShift Container Platform 4.13.55 (RHSA-2025:1118)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1118 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

8.8CVSS7.2AI score0.005EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 2:55 p.m.7 views

CVE-2020-15263

In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4...

8CVSS5.9AI score0.00739EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

LogSign Unified SecOps Platform 输入验证错误漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An input validation error vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.26, which ste...

6.5CVSS4.9AI score0.00597EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/04 6:35 a.m.7 views

WordPress BuddyBoss Platform plugin < 2.6.0 - Insecure Direct Object Reference on Like Comment vulnerability

Insecure Direct Object Reference on Like Comment vulnerability discovered by Faris Krivi in WordPress Plugin Buddyboss Platform versions 2.6.0...

5.3CVSS7AI score0.0043EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.5 views

Baizhuo Network Smart s200 Management Platform Security Vulnerability

Baizhuo Network Smart s200 Management Platform is a network management platform from Baizhuo, China. A security vulnerability exists in Baizhuo Network Smart s200 Management Platform v.S200, which originates from a SQL injection vulnerability in the /importexport.php component...

7.8CVSS8AI score0.01101EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/11/17 5:15 a.m.3 views

CVE-2023-48658

An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space...

9.8CVSS7.3AI score0.00907EPSS
Exploits0References4
OSV
OSV
added 2023/09/05 5:15 p.m.6 views

CVE-2023-31242

An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability...

9.8CVSS5.9AI score0.03356EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/09/05 12:0 a.m.8 views

PT-2023-24809 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 18.00.0072 Description: An improper input validation vulnerability exists in the OAS Engine User Creation functionality. A specially crafted series of network requests can lead to unexpected data ...

6.5CVSS7.6AI score0.00758EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.6 views

PT-2023-26083 · Unknown · Tduck-Platform

Name of the Vulnerable Software and Affected Versions: tduck-platform version 4.0 Description: The issue allows attackers to execute arbitrary code via a crafted HTML file, exploiting an arbitrary file upload vulnerability. Recommendations: For tduck-platform version 4.0, update to a version that...

6.1CVSS6.7AI score0.00427EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2023/06/29 3:15 a.m.6 views

CVE-2023-34734

Annet AC Centralized Management Platform 1.02.040 is vulnerable to Stored Cross-Site Scripting XSS...

4.8CVSS5.8AI score0.00413EPSS
Exploits1References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2022/10/11 12:0 a.m.50 views

Stable Channel Update for ChromeOS

The Stable channel is being updated to 106.0.5249.112 Platform version: 15054.98.0 for most ChromeOS devices and will be rolled out over the next few days. For Chrome browser fixes, see the Chrome Desktop release announcement. If you find new issues, please let us know one of the following ways:...

8.8CVSS7.2AI score0.00608EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.5 views

PT-2022-3463 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version V16.00.0112 Description: The issue concerns the OAS Engine SecureAddSecurity functionality, where a lack of authentication check for a critical function can be exploited. An attacker can send a...

7.8CVSS7.5AI score0.01208EPSS
Exploits1References3
Prion
Prion
added 2021/11/30 12:15 p.m.11 views

Design/Logic Flaw

Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authenticated user via stealing and injecting the session- independent and static...

6.4CVSS9.2AI score0.01239EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/05/14 4:15 p.m.3 views

CVE-2020-4468

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system wit...

7.8CVSS7.5AI score0.02766EPSS
Exploits0References2
OSV
OSV
added 2019/06/05 4:29 p.m.2 views

CVE-2019-11963

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

8.8CVSS7.8AI score0.0364EPSS
Exploits0References1
OSV
OSV
added 2019/06/05 3:29 p.m.2 views

CVE-2019-5346

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

8.8CVSS7.8AI score0.0364EPSS
Exploits0References1
OSV
OSV
added 2019/06/05 3:29 p.m.4 views

CVE-2019-5357

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

8.8CVSS6.3AI score0.03462EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/08 12:0 a.m.4 views

SGIN.CN xiangyun Platform Cross-Site Scripting Vulnerability

SGIN.CN xiangyun platform is a set of micro-business distribution platform of China Sanjin SGIN network technology company. A cross-site scripting vulnerability exists in the login.php file in version 9.4.1 of the SGIN.CN xiangyun platform. A remote attacker can use the 'loginurl' parameter to...

6.1CVSS6.2AI score0.00675EPSS
Exploits1References1
OSV
OSV
added 2018/02/15 10:29 p.m.4 views

CVE-2017-8981

A Remote Code Execution vulnerability in HPE Intelligent Management Center iMC PLAT version 7.3 E0506 was found...

9.8CVSS5.9AI score0.08867EPSS
Exploits0References1
Rows per page
Query Builder