Lucene search
K

5655 matches found

Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.261 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.1)

The version of AOS installed on the remote host is prior to 5.20.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.1 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and...

9.8CVSS7.1AI score0.11296EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.272 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.11.2)

The version of AOS installed on the remote host is prior to 5.11.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.11.2 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get...

10CVSS8.3AI score0.98631EPSS
Exploits82References88
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.35 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.17.0.3)

The version of AOS installed on the remote host is prior to 5.17.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.17.0.3 advisory. - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a...

9.8CVSS7.7AI score0.07443EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2022/08/30 12:0 a.m.53 views

Google Chrome < 105.0.5195.52 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 105.0.5195.52. It is, therefore, affected by multiple vulnerabilities as referenced in the 202208stable-channel-update-for-desktop30 advisory. - Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to...

8.8CVSS7.6AI score0.24738EPSS
Exploits1References45
CVE
CVE
added 2022/08/11 9:30 a.m.65 views

CVE-2022-2765

CVE-2022-2765 affects SourceCodester Company Website CMS 1.0. An unknown functionality in the /dashboard/settings file enables improper authentication, with remote exploitation reportedly disclosed publicly. The vulnerability is described as critical with potential impact on confidentiality, inte...

9.8CVSS8.1AI score0.00841EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.2 views

Library Management System 跨站脚本漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Individual Developer. A cross-site scripting vulnerability exists in Library Management System, which stems from unknown code in the file /qr/I/ being affected,...

6.1CVSS5.8AI score0.0035EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.3 views

Company Website CMS 代码问题漏洞

Company Website CMS is a company website/CMS by Torrahclef Personal Developer. Company Website CMS suffers from a code issue vulnerability that stems from some unknown functionality of /dashboard/add-portfolio.php being affected, where manipulation of the parameter ufile can lead to unrestricted...

9.8CVSS8.2AI score0.00577EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.4 views

Company Website CMS 代码问题漏洞

Company Website CMS is a company website/CMS by Torrahclef Personal Developer. A security vulnerability exists in Company Website CMS, which stems from an unknown function of the file /dashboard/add-service.php of the component Add Service Handler being affected, resulting in unrestricted uploads...

9.8CVSS8.1AI score0.00577EPSS
Exploits0References2
OSV
OSV
added 2022/08/05 4:15 p.m.17 views

CVE-2016-3098

Cross-site request forgery CSRF vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code...

5.4CVSS5.7AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/28 6:16 a.m.51 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2018-25031, CVE-2021-46708)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

6.1CVSS5.1AI score0.42326EPSS
Exploits4Affected Software1
The Hacker News
The Hacker News
added 2022/07/26 10:12 a.m.53 views

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

FileWave's mobile device management MDM system has been found vulnerable to two critical security flaws that could be leveraged to carry out remote attacks and seize control of a fleet of devices connected to it. "The vulnerabilities are remotely exploitable and enable an attacker to bypass...

0.9AI score0.15824EPSS
Exploits2
NVD
NVD
added 2022/07/18 7:15 p.m.13 views

CVE-2022-28681

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.1CVSS0.00837EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/07/17 6:35 a.m.12 views

CVE-2015-10003 FileZilla Server PORT confused deputy

A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to...

4.3CVSS7.1AI score0.0045EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/16 12:0 a.m.4 views

Ambit Technologies iTech Job Portal Script 授权问题漏洞

Ambit Technologies iTech Job Portal Script is an efficient interactive platform from Ambit Technologies India. One can post their vacancy profile on one side and candidates can post their resume on the other side. Ambit Technologies iTech Job Portal Script version 9.13 suffers from a security...

9.8CVSS8.3AI score0.00616EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/07/12 10:6 a.m.7 views

CVE-2022-26649

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

9.6CVSS9.2AI score0.01185EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/07 12:0 a.m.5 views

IBM CICS TX Standard and Advanced 跨站脚本漏洞

IBM CICS TX Standard and Advanced is a comprehensive, single transaction runtime package from International Business Machines IBM, Inc. that can provide a cloud-native deployment model for standalone applications. A cross-site scripting vulnerability exists in IBM CICS TX Standard and Advanced,...

5.5CVSS5.8AI score0.00585EPSS
Exploits0References6
Prion
Prion
added 2022/06/30 5:15 a.m.15 views

Cross site scripting

A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input leads to basic cross site scripting. The attack can be launched...

3.5CVSS5.3AI score0.00497EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2022/06/30 12:0 a.m.17 views

Wordpress Kama Click Counter SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. wordpress Kama Click Counte is vulnerable to SQL injection, which can be exploited by attackers to...

8.8CVSS3.7AI score0.00892EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.4 views

silverstripe framework 资源管理错误漏洞

silverstripe framework is a CMS web framework. A security vulnerability exists in silverstripe framework version 4.8.1. An attacker can exploit this vulnerability to conduct remote attacks via specially crafted XML documents...

6.5CVSS6.6AI score0.00985EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/06/27 1:25 p.m.7 views

CVE-2017-20100 Air Transfer cross site scripting

A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

3.5CVSS6.4AI score0.00656EPSS
Exploits1References2
Rows per page
Query Builder