5655 matches found

RedhatCVE
added 2025/04/02 12:35 a.m. · 15 views

CVE-2024-54803

Netgear WNR854T 1.5.2 North America is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoepeermac and forcing a reboot. This will result in command injection...

9.8 CVSS · 7.3 AI score · 0.01579 EPSS
Exploits: 1 · References: 1
Redos
added 2025/04/02 12:0 a.m. · 12 views

ROS-20250402-05

A vulnerability in the configuration implementation of the HTML cleanup tool for Rails Html Sanitizer applications is related to insufficient cleaning of user-supplied data. Exploitation of the vulnerability could allow an attacker acting remotely to conduct cross-site scripting attacks...

6.1 CVSS · 6.4 AI score · 0.00581 EPSS
Exploits: 0
Tenable Nessus
added 2025/03/31 12:0 a.m. · 13 views

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : WebKitGTK vulnerabilities (USN-7395-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7395-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious...

10 CVSS · 7.7 AI score · 0.0424 EPSS
Exploits: 4 · References: 4
Vulnrichment
added 2025/03/30 10:31 p.m. · 3 views

CVE-2025-2964

...

6.6 AI score
Exploits: 0
IBM Security Bulletins
added 2025/03/28 12:42 p.m. · 17 views

Security Bulletin: JAVA related vulnerabilities in IBM SP Enterprise Resource Planning (ERP) effected the ERP product.

Summary: IBM Storage Protect Enterprise Resource Planning can be affected by security flaws in JAVA. An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts, as described in the "Vulnerability Details...

7.5 CVSS · 4.6 AI score · 0.01361 EPSS
Exploits: 0 · Affected Software: 1
Vulnrichment
added 2025/03/28 12:0 a.m. · 7 views

CVE-2025-28220

Tenda W6S v1.0.0.4510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request...

6.7 AI score · 0.00448 EPSS
Exploits: 0 · References: 1
Ubuntu
added 2025/03/24 3:9 p.m. · 3 views

USN-7366-1: Rack vulnerabilities

Nhật Thái Đỗ discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. CVE-2025-25184 Phạm Quang Minh discovered that Rack incorrectly handled certain headers. A remote attacker could possibly use this issue to perform l...

7.5 CVSS · 7 AI score · 0.01095 EPSS
Exploits: 1
RedhatCVE
added 2025/03/24 2:20 p.m. · 26 views

CVE-2025-2618

A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function setwsaction of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit...

10 CVSS · 7.3 AI score · 0.01847 EPSS
Exploits: 1 · References: 1
CNNVD
added 2025/03/24 12:0 a.m. · 3 views

ruoyi-vue-pro path traversal vulnerability

ruoyi-vue-pro is the Taro Road source code (zhijiantianya) open-source, optimized and refactored efficient back-end management system framework for the development of enterprise back-ends, SaaS platforms, WeChat applet back-ends and so on. ruoyi-vue-pro 2.4.1 version of a path traversal...

9.1 CVSS · 5.7 AI score · 0.00809 EPSS
Exploits: 1 · References: 6
CNNVD
added 2025/03/24 12:0 a.m. · 5 views

ruoyi-vue-pro path traversal vulnerability

ruoyi-vue-pro is the Taro Road source code (zhijiantianya) open-source, optimized and refactored efficient back-end management system framework for the development of enterprise back-ends, SaaS platforms, WeChat applet back-ends and so on. ruoyi-vue-pro 2.4.1 version of a path traversal...

9.1 CVSS · 5.8 AI score · 0.00809 EPSS
Exploits: 1 · References: 5
NVD
added 2025/03/23 9:15 p.m. · 18 views

CVE-2025-2663

A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /search-locker-details.php. The manipulation of the argument searchinput leads to sql injection. The attack can be...

9.8 CVSS · 0.00485 EPSS
Exploits: 1 · References: 5
NVD
added 2025/03/23 9:15 p.m. · 36 views

CVE-2025-2664

A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been...

7.2 CVSS · 0.00462 EPSS
Exploits: 1 · References: 4
Cvelist
added 2025/03/23 4:0 p.m. · 18 views

CVE-2025-2654 SourceCodester AC Repair and Services System manage_service.php sql injection

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/services/manage_service.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely...

7.5 CVSS · 0.00527 EPSS
Exploits: 1 · References: 5
Vulnrichment
added 2025/03/23 7:31 a.m. · 13 views

CVE-2025-2643 PHPGurukul Art Gallery Management System edit-art-type-detail.php sql injection

A vulnerability has been found in PHPGurukul Art Gallery Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-art-type-detail.php?editid=1. The manipulation of the argument arttype leads to sql injection. The attack can be initiated...

7.5 CVSS · 7.8 AI score · 0.00481 EPSS
Exploits: 1 · References: 5
NVD
added 2025/03/22 1:15 p.m. · 8 views

CVE-2025-2617

A vulnerability classified as problematic was found in yangyouwang 杨有旺 crud 简约后台管理系统 1.0.0. Affected by this vulnerability is an unknown functionality of the component Department Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...

4.8 CVSS · 0.00286 EPSS
Exploits: 0 · References: 3
Ubuntu
added 2025/03/20 12:37 a.m. · 7 views

USN-7360-1: Alpine vulnerabilities

It was discovered that Alpine did not use a secure connection under certain circumstances. A remote attacker could possibly use this issue to leak sensitive information. CVE-2020-14929 It was discovered that Alpine could allow untagged responses from an IMAP server before upgrading to a TLS...

7.5 CVSS · 6.4 AI score · 0.01823 EPSS
Exploits: 1
Positive Technologies
added 2025/03/20 12:0 a.m. · 5 views

PT-2025-13697 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408 Description: A critical issue has been discovered, affecting the Web Management Interface component, specifically the /goform/SysToolChangePwd file. This leads to improper access controls, allowing for remote...

6.9 CVSS · 5.1 AI score · 0.00707 EPSS
Exploits: 1 · References: 11
Positive Technologies
added 2025/03/20 12:0 a.m. · 5 views

PT-2025-13698 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408 Description: A critical issue affects the Web Management Interface component, specifically the unknown processing of the file /goform/SysToolDDNS. This leads to improper access controls, allowing for remote...

6.9 CVSS · 5.2 AI score · 0.0069 EPSS
Exploits: 1 · References: 10
RedhatCVE
added 2025/03/19 3:20 p.m. · 14 views

CVE-2025-2382

A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched...

9.8 CVSS · 7.7 AI score · 0.00487 EPSS
Exploits: 1 · References: 1
CNNVD
added 2025/03/16 12:0 a.m. · 4 views

Tale Blog code injection vulnerability

Tale Blog is a Java blog open-sourced by Tale Blog System. A code injection vulnerability exists in Tale Blog version 2.0.5, which originates from cross-site scripting and could lead to remote attacks...

4.8 CVSS · 4.3 AI score · 0.00353 EPSS
Exploits: 1 · References: 6