Lucene search
K

5655 matches found

CNNVD
CNNVD
added 2025/03/16 12:0 a.m.4 views

Drivin Soluções 代码注入漏洞

Drivin Soluções is an application from Drivin, Inc. A code injection vulnerability exists in Drivin Soluções 20250226 and prior versions, which originates from cross-site scripting and could lead to remote attacks...

5.1CVSS4.9AI score0.00286EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/03/16 12:0 a.m.2 views

Tale Blog 授权问题漏洞

Tale Blog is a Java blog open-sourced by Tale Blog System. An authorization issue vulnerability exists in Tale Blog version 2.0.5, which stems from improper authentication and could lead to remote attacks...

7.5CVSS5.7AI score0.00839EPSS
Exploits1References6
OSV
OSV
added 2025/03/15 6:15 a.m.14 views

CVE-2025-30066

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...

8.6CVSS8.6AI score0.41008EPSS
Exploits2References21
CNNVD
CNNVD
added 2025/03/15 12:0 a.m.2 views

springboot-openai-chatgpt 安全漏洞

springboot-openai-chatgpt is a SpringCloud microservices architecture based on SpringCloud by 274056675 Individual Developer. A security vulnerability exists in springboot-openai-chatgpt version e84f6f5, which stems from improper access control and could lead to remote attacks...

9.1CVSS5.5AI score0.00502EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/15 12:0 a.m.3 views

springboot-openai-chatgpt 安全漏洞

springboot-openai-chatgpt is a SpringCloud microservices based architecture by 274056675 individual developers. A security vulnerability exists in springboot-openai-chatgpt, which stems from hard-coded credentials and could lead to remote attacks...

9.8CVSS7.5AI score0.00638EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.4 views

springboot-openai-chatgpt 安全漏洞

springboot-openai-chatgpt is a SpringCloud microservices based architecture by 274056675 individual developers. A security vulnerability exists in springboot-openai-chatgpt that stems from improper authorization and could lead to remote attacks...

9.8CVSS7.4AI score0.00638EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.18 views

Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2015-5600)

The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard- interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service CPU consumpti...

8.5CVSS6.4AI score0.09302EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.20 views

Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2016-10009)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.5AI score0.37431EPSS
Exploits4References4
OSV
OSV
added 2025/03/12 1:15 a.m.5 views

CVE-2025-2218

A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This vulnerability affects unknown code of the file /api/system/other of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The...

9.8CVSS6.8AI score
Exploits0References4
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.4 views

LoveCards 代码问题漏洞

LoveCards is an open source confession wall program by LoveCards. A code issue vulnerability exists in LoveCards 2.3.2 and earlier versions, which stems from the fact that incorrect manipulation of the parameter file can lead to unlimited uploads, potentially leading to remote attacks...

9.8CVSS7.5AI score0.00613EPSS
Exploits0References3
CVE
CVE
added 2025/03/11 8:31 p.m.55 views

CVE-2025-2208

CVE-2025-2208 affects aitangbao springboot-manager 3.0, specifically a vulnerability in the Filename Handler that processes the file at /sysFiles/upload. The issue arises from manipulation of the argument name, enabling cross-site scripting. It can be exploited remotely, and public exploits have ...

4.8CVSS3.3AI score0.00472EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.2 views

Stoque Zeev.it 代码问题漏洞

Stoque Zeev.it is a workflow automation platform from Stoque, Inc. A code issue vulnerability exists in Stoque Zeev.it version 4.24, which stems from server-side request forgery and could lead to remote attacks...

5.3CVSS5.2AI score0.00382EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.2 views

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...

4.8CVSS4.4AI score0.00472EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.2 views

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...

4.8CVSS4.4AI score0.00448EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.2 views

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...

4.8CVSS4.4AI score0.00472EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.4 views

Claro A7600-A1 代码注入漏洞

The Claro A7600-A1 is a wireless router from Claro. A code injection vulnerability exists in the Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817 version, which originates from cross-site scripting and could lead to remote attacks...

4.8CVSS4.3AI score0.00285EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.3 views

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...

4.8CVSS4.4AI score0.00448EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.3 views

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...

4.8CVSS4.4AI score0.00448EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/03/11 12:0 a.m.9 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7344-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7344-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...

8.1CVSS8.1AI score0.03301EPSS
Exploits2References39
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.3 views

libzvbi 安全漏洞

libzvbi is a VBI utility in the zapping-vbi open source. A security vulnerability exists in libzvbi version 0.2.43 and earlier, which stems from uninitialized pointers and could lead to remote attacks...

7.5CVSS6.2AI score0.00563EPSS
Exploits0References9
Rows per page
Query Builder