Lucene search
K

77 matches found

CNNVD
CNNVD
added 2023/10/11 12:0 a.m.4 views

Koha Code Issue Vulnerability

Koha is a Koha organization's system for building websites for automated library management. A security vulnerability exists in Koha Library Software version 23.0.5.04 and earlier that could allow a remote attacker to read arbitrary files via the upload-cover-image.pl component...

5.3CVSS6.8AI score0.00956EPSS
Exploits1References2
OSV
OSV
added 2023/09/20 7:15 p.m.4 views

CVE-2023-43374

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the idutentelog parameter at /hoteldruid/personalizza.php...

9.8CVSS8.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.7 views

PT-2022-24569 · WordPress · The Car Dealer (Dealership)/Vehicle Sales Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Car Dealer Dealership and Vehicle sales WordPress Plugin versions prior to 3.05 Description: The issue is related to improper authorization and CSRF in an AJAX action. This allows any authenticated users, such as subscribers, to call the...

6.5CVSS6.3AI score0.00336EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.4 views

PT-2022-25430 · Gvectors Team · Wpforo Forum

Name of the Vulnerable Software and Affected Versions: gVectors Team wpForo Forum plugin versions = 2.0.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that can lead to topic deletion. This occurs in the gVectors Team wpForo Forum plugin on WordPress. Recommendations:...

5.4CVSS5.5AI score0.00254EPSS
Exploits0References5
Snyk
Snyk
added 2022/10/21 8:50 p.m.3 views

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS via excess memory...

7.5CVSS7.1AI score0.05041EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.6 views

siemens Tecnomatix RobotExpert 安全漏洞

siemens Tecnomatix RobotExpert is a software application from Siemens, Germany. It provides support for unique industry applications such as mounting, arc welding, polishing, gluing and others. A security vulnerability exists in siemens Tecnomatix RobotExpert. The vulnerability stems from the...

7.8CVSS7.8AI score0.0145EPSS
Exploits0References6
OSV
OSV
added 2021/03/13 2:15 a.m.4 views

CVE-2021-20018

A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlier...

4.9CVSS6.1AI score0.00673EPSS
Exploits0References1
OSV
OSV
added 2021/02/02 5:15 a.m.3 views

CVE-2020-25037

UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command...

8.2CVSS7.7AI score0.00518EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/11/23 12:0 a.m.3 views

PT-2020-8676 · Mongodb · Mongodb Server +1

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.0.5 MongoDB Server versions prior to 3.6.10 Description: A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch...

6.5CVSS6.9AI score0.01233EPSS
Exploits0References11
OSV
OSV
added 2020/07/14 2:15 p.m.13 views

CVE-2020-10044

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the network could be able to install specially crafted firmware to the device...

7.5CVSS7AI score0.00826EPSS
Exploits0References1
OSV
OSV
added 2019/08/26 7:15 p.m.4 views

CVE-2019-7990

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...

9.8CVSS7.5AI score0.08299EPSS
Exploits0References1
OSV
OSV
added 2019/08/26 6:15 p.m.6 views

CVE-2019-7972

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution...

9.8CVSS7.5AI score0.06433EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/09 12:0 a.m.2 views

IBM DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2018-12868)

IBM DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM in the United States. The software provides a single platform for global team collaboration to manage requirements more efficiently and share unified user, server and...

5.4CVSS5.5AI score0.00682EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/24 12:0 a.m.3 views

Subrion CMS Cross-Site Scripting Vulnerability (CNVD-2016-10246)

Subrion CMS is a PHP-based content management system CMS developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions plug-ins and more. A cross-site scripting vulnerability exists in Subrion CMS version 4.0.5, which stems from the failure of...

6.2AI score
Exploits0References1
CNVD
CNVD
added 2016/06/08 12:0 a.m.2 views

7zip denial of service vulnerability

7zip is a set of 7-Zip data compression program software. The program can compress and decompress files in 7z format. A security vulnerability exists in the 'CInArchive::ReadFileItem' method in the Archive/Udf/UdfIn.cpp file in 7zip version 9.20 and 15.05 beta. A remote attacker can exploit this...

8.8CVSS7.7AI score0.09795EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2008/12/17 1:31 a.m.12 views

Firefox XSS vulnerabilities in SessionStore

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...

4.3CVSS5.7AI score0.01784EPSS
Exploits0References4
PyPA
PyPA
added 2008/03/20 12:44 a.m.8 views

PYSEC-2008-14

Multiple cross-site request forgery CSRF vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to 1 add arbitrary accounts via the joinform page and 2 change the privileges of arbitrary groups via the prefsgroupsoverview page...

4.3CVSS7.3AI score0.00642EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder