Lucene search
K

5655 matches found

RedhatCVE
RedhatCVE
added 2025/03/09 4:28 p.m.13 views

CVE-2024-50394

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later...

7.7CVSS7AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/09 3:31 p.m.10 views

CVE-2025-2089

A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads ...

5.5CVSS6.9AI score0.00451EPSS
Exploits1References1
Redos
Redos
added 2025/03/07 12:0 a.m.79 views

ROS-20250307-10

Vulnerability in nginx software is related to TLS session resumption when processing client certificate client certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely, an attacker could bypass the authentication process...

5.3CVSS7.4AI score0.02557EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/07 12:0 a.m.4 views

PT-2025-10034 · Unknown · Projectworlds Life Insurance Management System

Name of the Vulnerable Software and Affected Versions: projectworlds Life Insurance Management System version 1.0 Description: A critical vulnerability has been found in the projectworlds Life Insurance Management System. The issue is related to an unknown function of the file /clientStatus.php,...

9.8CVSS7.5AI score0.00481EPSS
Exploits1References13
CVE
CVE
added 2025/03/06 8:31 p.m.37 views

CVE-2025-2041

CVE-2025-2041 affects the web app “s-a-zhd Ecommerce-Website-using-PHP 1.0.” The vulnerability is a SQL injection in the file /shop.php triggered by manipulating the parameter p_cat . It is described as remotely exploitable and the exploit has been disclosed publicly. Connected sources (NVD, Red ...

9.8CVSS7.6AI score0.00466EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2024-8184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS...

6.5CVSS7AI score0.01037EPSS
Exploits0References2
Amazon
Amazon
added 2025/03/06 12:0 a.m.9 views

Important: libtirpc

Issue Overview: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections. CVE-2021-46828 Affected Packages:...

7.5CVSS6.9AI score0.02088EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-6779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

9.6CVSS8.1AI score0.00529EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/03/06 12:0 a.m.3 views

The vulnerability of the ArcGIS Server server, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of ArcGIS Server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00245EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/06 12:0 a.m.5 views

The vulnerability of the ArcGIS Server server, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of ArcGIS Server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00245EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2025-0434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

8.8CVSS8.1AI score0.05945EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-40899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicio...

7.5CVSS6.9AI score0.01804EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2015-4047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted...

7.8CVSS7.2AI score0.09877EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2014-9709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of...

5CVSS6.6AI score0.15531EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2016-1683

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of...

7.5CVSS8AI score0.0223EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2016-3718

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 HTTP and 2 FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery SSRF attacks via...

5.5CVSS6.5AI score0.76897EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2014-8485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute...

7.5CVSS7.8AI score0.07486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2012-3417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The goodclient function in rquotad rquotasvc.c in Linux DiskQuota aka quota before 3.17 invokes the hostsctl function the first time without a host name, which...

4CVSS5.9AI score0.03147EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2016-2182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BNbn2dec function in crypto/bn/bnprint.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denia...

9.8CVSS7.6AI score0.44218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2015-5722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service assertion failure and daemon...

7.8CVSS7AI score0.33652EPSS
Exploits0References2
Rows per page
Query Builder