Lucene search
K

168 matches found

CNNVD
CNNVD
added 2023/02/14 12:0 a.m.4 views

Splunk 安全漏洞

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...

4.3CVSS5.2AI score0.00362EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.3 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab versions 10.0 through 16.1.5 or...

4.3CVSS5.1AI score0.00359EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2023/01/23 12:0 a.m.2 views

VulnCheck KEV: CVE-2021-24918

The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...

5.4CVSS5.9AI score0.00654EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.4 views

PT-2022-9615 · WordPress · Download Plugin

Name of the Vulnerable Software and Affected Versions: The Download Plugin WordPress plugin versions prior to 2.0.0 Description: The issue arises from improper validation of user privileges to access a backup's nonce identifier. This may allow any users with an account on the site, such as...

5.4CVSS7AI score0.00633EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.3 views

OpenHarmony 安全漏洞

OpenHarmony is an open source project of the OpenAtom Foundation in China for a kind of Hongmeng operating system. A security vulnerability exists in OpenHarmony v3.1.2 and earlier versions, which stems from a lack of proper privilege validation in the parameter service of its boot subsystem that...

8.4CVSS7.4AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/01 12:0 a.m.5 views

GitLab 信息泄露漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. An information disclosure vulnerability exists in GitLab versions 12.4 through...

5.3CVSS5.7AI score0.00791EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/05/23 12:0 a.m.2 views

JFrog Artifactory 安全漏洞

Jfrog JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's Jfrog that supports clustering and high-availability Docker registries, and provides an end-to-end solution for tracking artifact automation from development to production. A security vulnerabilit...

6.5CVSS6.5AI score0.00527EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.5 views

Qualcomm 权限许可和访问控制问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A vulnerability in privilege permission and access...

6.2CVSS5.8AI score0.00126EPSS
Exploits0References5
CNVD
CNVD
added 2022/03/04 12:0 a.m.20 views

JFrog Artifactory Access Control Error Vulnerability

JFrog Artifactory is an open source general-purpose Artifact repository manager from Israel-based JFrog Jfrog that supports clustering and high-availability Docker registries and provides an end-to-end automation solution for tracking artifacts from development to production.JFrog Artifactory is...

4CVSS3AI score0.00631EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/02 12:0 a.m.5 views

JFrog Artifactory 安全漏洞

JFrog Artifactory is an open source general-purpose Artifact repository manager from Israel-based JFrog Jfrog that supports clustering and high-availability Docker registries and provides an end-to-end automation solution for tracking artifacts from development to production.JFrog Artifactory is...

4CVSS5AI score0.00631EPSS
Exploits0References3
OSV
OSV
added 2022/02/17 7:15 p.m.7 views

CVE-2022-0633

The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download the most recent site & database...

6.5CVSS5.6AI score0.01979EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2022/02/17 7:15 p.m.8 views

CVE-2022-0633

The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download the most recent site & database...

6.5CVSS6.8AI score0.01979EPSS
Exploits3References5Affected Software2
Prion
Prion
added 2022/02/17 7:15 p.m.24 views

Design/Logic Flaw

The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download the most recent site & database...

4CVSS6.4AI score0.01979EPSS
Exploits3References4Affected Software1
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.5 views

Cisco Unified Contact Center Management Portal和Cisco Unified Contact Center Domain Manager 安全漏洞

Cisco Unified Contact Center Management Portal and Cisco Unified Contact Center Domain Manager are both products of Cisco Corporation. Management Portal is an intuitive and secure Web-based application that allows supervisors and managers to meet the complex and changing demands of the contact...

9.6CVSS8.6AI score0.01393EPSS
Exploits0References4
OSV
OSV
added 2021/11/29 9:15 a.m.2 views

CVE-2021-24918

The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...

5.4CVSS6AI score0.00654EPSS
Exploits1References2
NVD
NVD
added 2021/11/29 9:15 a.m.22 views

CVE-2021-24918

The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...

5.4CVSS0.00654EPSS
Exploits1References2
OSV
OSV
added 2021/11/18 7:15 p.m.5 views

CVE-2021-23193

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...

6.5CVSS5.8AI score0.00675EPSS
Exploits0References1
NVD
NVD
added 2021/11/18 7:15 p.m.21 views

CVE-2021-23193

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...

8.1CVSS0.00675EPSS
Exploits0References1
Prion
Prion
added 2021/11/18 7:15 p.m.20 views

Input validation

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...

4CVSS6.3AI score0.00675EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/18 6:2 p.m.24 views

CVE-2021-23193

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...

8.1CVSS8.1AI score0.00675EPSS
Exploits0References1
Rows per page
Query Builder