Lucene search
+L

287 matches found

Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.64 views

Joomla 4.0.x < 4.2.4 Multiple Vulnerabilities (5870-joomla-4-2-4-security-release)

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities. - Joomla 4 sites with publicly enabled debug mode exposed data of previous requests. CVE-2022-27912 - Inadequate...

6.1CVSS5.6AI score0.00502EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.35 views

Drupal 9.3.x < 9.3.19 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.91, 9.3.x prior to 9.3.19 or 9.4.x prior to 9.4.3. It is, therefore, affected by multiple vulnerabilities: - In some situations, the Image module does not correctly check access to...

7.5CVSS7.8AI score0.01422EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2022/07/11 12:0 a.m.45 views

phpMyAdmin 4.9.x < 4.9.6 Multiple Vulnerabilities

The version of phpMyAdmin installed on the remote web server is 4.9.x prior to 4.9.6 or 5.0.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities. - It may permit an attacker to craft a malicious link leading to a Cross-Site Scripting attack XSS vulnerability if a user clicks o...

9.8CVSS7.1AI score0.67081EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.48 views

Atlassian Jira 8.21.x < 8.22.4 Server-Side Request Forgery

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 8.0.x prior to 8.13.22, 8.14.x prior to 8.20.10 or 8.21.x prior to 8.21.4. It is, therefore, affected by a vulnerability allowing a remote, authenticated user including a user who join...

6.5CVSS7.2AI score0.71169EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.32 views

NewStart CGSL MAIN 6.02 : gupnp Multiple Vulnerabilities (NS-SA-2022-0060)

The remote NewStart CGSL host, running version MAIN 6.02, has gupnp packages installed that are affected by multiple vulnerabilities: - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

8.1CVSS6.8AI score0.15193EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.21 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : gupnp Vulnerability (NS-SA-2022-0036)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gupnp packages installed that are affected by a vulnerability: - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to...

8.1CVSS7.6AI score0.01084EPSS
Exploits0References3
Veracode
Veracode
added 2022/04/06 8:59 a.m.28 views

Authentication Bypass

ReadyMedia is vulnerable to authentication bypass. The vulnerability exists due to a rebinding issue which allows an attacker to exfiltrate media files of a remote web server...

7.4CVSS4.5AI score0.01578EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/31 12:0 a.m.94 views

Joomla! 2.5.x < 3.10.7 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.10.7 or 4.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities. - Extracting an specifilcy crafted tar package could write files outside of the intended path...

9.8CVSS7.2AI score0.02007EPSS
Exploits3References16
OSV
OSV
added 2022/03/06 7:15 a.m.7 views

CVE-2022-26505

A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...

7.4CVSS7.3AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/03/06 7:15 a.m.36 views

CVE-2022-26505

A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...

7.4CVSS7.1AI score0.01578EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/03/06 12:0 a.m.7 views

ReadyMedia 安全漏洞

ReadyMedia formerly MiniDLNA is a set of media service software compatible with LNA/UPnP-AV clients. The software supports media files such as music, pictures, videos, etc. A security vulnerability in DNS exists in versions of ReadyMedia formerly MiniDLNA prior to 1.3.1, which stems from a DNS...

7.4CVSS5.7AI score0.01578EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/03/06 12:0 a.m.24 views

CVE-2022-26505

A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...

7.6AI score0.01578EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.24 views

Rocky Linux 8 : gupnp (RLSA-2021:2363)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:2363 advisory. - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to...

8.1CVSS7.6AI score0.01084EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/11/19 12:0 a.m.27 views

Jenkins Git Plugin < 4.8.3 XSS

According to its its self-reported version number, the version of the Jenkins Git Plugin running on the remote web server is prior to 4.8.3. It is, therefore, affected by a cross-site scripting vulnerability due to it not escaping the Git SHA-1 checksum parameters provided to commit notifications...

6.1CVSS6.3AI score0.01197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/29 12:0 a.m.248 views

PHP 7.3.x < 7.3.32 Privilege Escalation

According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x priori to 7.3.32, 7.4.x prior to 7.4.25 or 8.0.x prior to 8.0.12. It is, therefore, affected by a privilege escalation vulnerability. The root FPM process can be forced to read/write at...

7.8CVSS7.8AI score0.01337EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.28 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : gupnp Vulnerability (NS-SA-2021-0115)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gupnp packages installed that are affected by a vulnerability: - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to...

8.1CVSS7.6AI score0.01084EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.32 views

PHP 8.0.x < 8.0.12 Privilege Escalation

According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x priori to 7.3.32, 7.4.x prior to 7.4.25 or 8.0.x prior to 8.0.12. It is, therefore, affected by a privilege escalation vulnerability. The root FPM process can be forced to read/write at...

7.8CVSS7.8AI score0.01337EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.849 views

Jetty < 9.4.41 Multiple Vulnerabilities

According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.41, 10.0.x prior to 10.0.3 or 11.0.x prior to 11.0.3. It is, therefore, affected by multiple vulnerabilities: - An issue with failure to invalidate sessions after an exception in t...

5.3CVSS5.7AI score0.7848EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.46 views

Jetty 10.0.x < 10.0.3 Multiple Vulnerabilities

According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.41, 10.0.x prior to 10.0.3 or 11.0.x prior to 11.0.3. It is, therefore, affected by multiple vulnerabilities: - An issue with failure to invalidate sessions after an exception in t...

5.3CVSS5.7AI score0.7848EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.56 views

Jetty 11.0.x < 11.0.3 Multiple Vulnerabilities

According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.41, 10.0.x prior to 10.0.3 or 11.0.x prior to 11.0.3. It is, therefore, affected by multiple vulnerabilities: - An issue with failure to invalidate sessions after an exception in t...

5.3CVSS5.7AI score0.7848EPSS
Exploits3References4
Rows per page
Query Builder