
5655 matches found

Positive Technologies
added 2022/12/03 12:0 a.m. · 3 views

PT-2022-26529 · Unknown · House Rental System

Name of the Vulnerable Software and Affected Versions: House Rental System affected versions not specified Description: A critical issue was found in the House Rental System, affecting an unknown function of the file /view-property.php. The manipulation of the property id argument leads to sql...

CVSS 9.8 · AI score 9.5 · EPSS 0.00628
Exploits 1 · References 5
The Hacker News
added 2022/11/28 10:7 a.m. · 47 views

Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks

Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks. BMC refers to a specialized service processor, a system-on-chip (SoC), that's found in serv...

CVSS 10 · AI score 0.7 · EPSS 0.09946
Exploits 0
Positive Technologies
added 2022/11/20 12:0 a.m. · 4 views

PT-2022-25528 · Unknown · Yellow Tree Geolocation Ip Detection Plugin

Name of the Vulnerable Software and Affected Versions: Yellow Tree Geolocation IP Detection Plugin affected versions not specified Description: A vulnerability was found in the Yellow Tree Geolocation IP Detection Plugin, classified as problematic. It affects an unknown function of the component...

AI score 6.4
Exploits 0 · References 3
Positive Technologies
added 2022/11/20 12:0 a.m. · 6 views

PT-2022-25502 · Unknown · Show Ip Address Plugin

Name of the Vulnerable Software and Affected Versions: Show IP Address Plugin affected versions not specified Description: A vulnerability was found in the Show IP Address Plugin, affecting the HTTP Header Handler component. The manipulation of the X-Forwarded-For argument leads to improper outpu...

AI score 6.4
Exploits 0 · References 3
Vulnrichment
added 2022/11/14 7:4 p.m. · 6 views

CVE-2022-34318 IBM CICS TX clickjacking

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM...

CVSS 5.4 · AI score 6.6 · EPSS 0.00614
Exploits 0 · References 3
OSV
added 2022/11/11 4:15 p.m. · 21 views

CVE-2022-3959

A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version...

CVSS 5.3 · AI score 6.9
Exploits 0 · References 4
Prion
added 2022/11/11 4:15 p.m. · 24 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version...

CVSS 5 · AI score 5.3 · EPSS 0.00975
Exploits 0 · References 4 · Affected Software 1
Prion
added 2022/11/10 3:15 p.m. · 27 views

Path traversal

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...

CVSS 4 · AI score 4.5 · EPSS 0.00733
Exploits 1 · References 1 · Affected Software 2
Vulnrichment
added 2022/11/07 12:0 a.m. · 4 views

CVE-2022-3878 Maxon ERP browse_data sql injection

A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchaseorder/browsedata. The manipulation of the argument tbsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 7.3 · AI score 7.4 · EPSS 0.00654
Exploits 1 · References 2
Positive Technologies
added 2022/11/05 12:0 a.m. · 5 views

PT-2022-24526 · Sourcecodester · Sourcecodester Sanitization Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Sanitization Management System affected versions not specified Description: A critical vulnerability has been found in the SourceCodester Sanitization Management System. The issue is related to an unknown function of the file...

CVSS 9.8 · AI score 9.5 · EPSS 0.00458
Exploits 0 · References 6
Vulnrichment
added 2022/10/28 12:0 a.m. · 7 views

CVE-2022-3732 seccome Ehoney set sql injection

A vulnerability was found in seccome Ehoney and classified as critical. Affected by this issue is some unknown functionality of the file /api/v1/bait/set. The manipulation of the argument Payload leads to sql injection. The attack may be launched remotely. VDB-212414 is the identifier assigned to...

CVSS 6.3 · AI score 7 · EPSS 0.00437
Exploits 0 · References 1
NVD
added 2022/10/16 10:15 a.m. · 26 views

CVE-2022-3524

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this...

CVSS 5.5 · EPSS 0.00733
Exploits 0 · References 4
UbuntuCve
added 2022/10/16 10:15 a.m. · 26 views

CVE-2022-3523

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to...

CVSS 5.3 · AI score 6 · EPSS 0.00862
Exploits 0 · References 3
Positive Technologies
added 2022/10/12 12:0 a.m. · 5 views

PT-2022-22299 · Sourcecodester · Sourcecodester Human Resource Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System affected versions not specified Description: A critical issue was found in the SourceCodester Human Resource Management System, affecting an unknown function of the file getstatecity.php. The...

CVSS 6.5 · AI score 6.7 · EPSS 0.00479
Exploits 1 · References 5
IBM Security Bulletins
added 2022/09/25 11:13 p.m. · 50 views

Security Bulletin: IBM QRadar SIEM and QRadar Risk Manager can be affected by three vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE-2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

CVSS 5 · AI score 6.1 · EPSS 0.35584
Exploits 2 · Affected Software 2
IBM Security Bulletins
added 2022/09/25 9:6 p.m. · 23 views

Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Advanced/Enterprise for the Oracle CPU April 2013.

Abstract The IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. The April 2013 Oracle Critical Patch Updates (CPU) contained various security vulnerability fixes for the Oracle JDKs. The IBM Java SDK that WebSphere Partner Gateway ships is similarly...

CVSS 2.6 · AI score 6.5 · EPSS 0.35584
Exploits 1 · Affected Software 1
IBM Security Bulletins
added 2022/09/25 9:6 p.m. · 30 views

Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling Secure Proxy (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract The IBM JRE embedded in the IBM Sterling Secure Proxy Configuration Manager has security vulnerabilities that affect SSL connections to the configuration GUI. Content VULNERABILITY DETAILS CVE ID : CVE-2013-0440 DESCRIPTION: A vulnerability in Java Runtime Environment allows remote...

CVSS 5.3 · AI score 6.2 · EPSS 0.35584
Exploits 3 · Affected Software 1
BDU FSTEC
added 2022/09/21 12:0 a.m. · 3 views

The vulnerability of the Mozilla Firefox browser, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Mozilla Firefox browser is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...

CVSS 5 · AI score 6.4 · EPSS 0.00686
Exploits 1 · References 9 · Affected Software 3
Ubuntu
added 2022/09/14 11:55 a.m. · 53 views

USN-5611-1: WebKitGTK vulnerability

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

CVSS 8.8 · AI score 8 · EPSS 0.09785
Exploits 0
OSV
added 2022/09/05 3:15 a.m. · 13 views

CVE-2022-39824

Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server via the currentItem property of the list widget, e.g., to perform DoS attacks or achieve an information leak...

CVSS 8.9 · AI score 7.8
Exploits 0 · References 2