Lucene search
K

88802 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38130

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e., \\sms,...

9.8CVSS7.1AI score0.53389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.7 views

CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

7.8CVSS7.3AI score0.01895EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.8 views

CVE-2022-42458

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...

9.8CVSS7.2AI score0.01078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.23 views

CVE-2022-42409

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS6.1AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:51 a.m.22 views

CVE-2022-42369

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS6.1AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:51 a.m.6 views

CVE-2022-42127

The Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permissions, which allows remote attackers to obtain the history of all friendly URLs that was assigned to a page...

5.3CVSS6.8AI score0.0082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.10 views

CVE-2022-42376

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS6.1AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.11 views

CVE-2022-37382

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS6AI score0.00865EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.8 views

CVE-2022-37361

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS6.1AI score0.0073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.8 views

CVE-2022-37352

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS6.1AI score0.0073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:43 a.m.9 views

CVE-2022-26654

Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP...

7.5CVSS7AI score0.00988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:37 a.m.8 views

CVE-2017-12938

UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file...

7.5CVSS6.9AI score0.0357EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:26 a.m.7 views

CVE-2008-6344

SQL injection vulnerability in the TU-Clausthal Staff tucstaff 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.9AI score0.01001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:24 a.m.5 views

CVE-2008-6597

Cross-site scripting XSS vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.8AI score0.01178EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:22 a.m.9 views

CVE-2008-6338

SQL injection vulnerability in the WEBERkommunal Facilities wesfacilities extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.9AI score0.01063EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:21 a.m.7 views

CVE-2008-6343

Cross-site scripting XSS vulnerability in the TU-Clausthal ODIN tucodin extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00855EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.11 views

CVE-2019-11609

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable...

8.2CVSS6.6AI score0.04018EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:7 a.m.7 views

CVE-2019-20047

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...

7.5CVSS7AI score0.02706EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.7 views

CVE-2019-20026

The WebPro interface in NEC SV9100 software releases 7.0 or higher allows unauthenticated remote attackers to reset all existing usernames and passwords to default values via a crafted request...

7.5CVSS7.1AI score0.01121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:5 a.m.9 views

CVE-2011-0519

SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.9AI score0.00907EPSS
Exploits1References1
Rows per page
Query Builder