Lucene search
K

183 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:34 a.m.8 views

CVE-2015-1313

JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request...

6.5CVSS6.8AI score0.00615EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/20 12:0 a.m.7 views

CVE-2024-53359

An issue in Zalo v23.09.01 allows attackers to obtain sensitive user information via a crafted GET request...

7.2AI score0.00401EPSS
Exploits1References2
Snyk
Snyk
added 2025/05/13 4:42 p.m.3 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:bootstrap-multiselect is a JQuery multiselect plugin based on Twitter Bootstrap. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the post.php script. An attacker can execute scripts in the context of the user's browser session by sendi...

6.1CVSS5.4AI score0.00424EPSS
Exploits0References2
OSV
OSV
added 2025/05/08 6:15 p.m.2 views

DEBIAN-CVE-2024-13009

In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests...

7.2CVSS7.2AI score0.00453EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Configure the SELinux Policy Correctly

SELinux policies are classified into basic policies and user-defined policies. Basic policies: policies defined in the basic policy package, including selinux-policy, selinux-policy-targeted, and selinux-policy-mls. User-defined policies: policies modified or added by users. SELinux can implement...

6.8AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/05/06 12:0 a.m.4 views

Publicly Verifiable Secret Sharing: Generic Constructions and Lattice-Based Instantiations in the Standard Model

Publicly verifiable secret sharing PVSS allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction...

6.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/04/09 3:20 p.m.90 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813 Proof-of-Concept Standalone This repository...

9.8CVSS7.8AI score0.99945EPSS
Exploits46
RedhatCVE
RedhatCVE
added 2025/04/06 6:35 a.m.18 views

CVE-2024-42208

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

3.5CVSS6.2AI score0.0025EPSS
Exploits0References3
NVD
NVD
added 2025/04/04 6:15 a.m.21 views

CVE-2024-42208

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

3.5CVSS0.0025EPSS
Exploits0References1
OSV
OSV
added 2025/04/04 6:15 a.m.10 views

CVE-2024-42208

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

3.5CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2025/04/04 5:22 a.m.52 views

CVE-2024-42208

Technical details about CVE-2024-42208 are not publicly available in the provided documents; monitor for updates.

3.5CVSS6.4AI score0.0025EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/04 5:22 a.m.19 views

CVE-2024-42208 HCL Connections is vulnerable to an information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

3.5CVSS0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.5 views

HCL Connections 安全漏洞

HCL Connections is a suite of enterprise collaboration platforms from HCL India. HCL Connections has a security vulnerability that stems from mishandling of request data, which could lead to information leakage...

3.5CVSS6.5AI score0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/13 12:0 a.m.4 views

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.13 and prior versions, which stems from improper access control in the Temporary...

6.5CVSS6.5AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/06 8:48 p.m.6 views

CVE-2025-1259

On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...

7.7CVSS7.2AI score0.00326EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/14 3:24 p.m.4 views

CVE-2024-23563

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

3.9CVSS6.2AI score0.00145EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/12 1:47 p.m.9 views

CVE-2024-23563 HCL Connections Docs is vulnerable to a sensitive information disclosure

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

3.9CVSS0.00145EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 1:47 p.m.52 views

CVE-2024-23563

CVE-2024-23563 affects HCL Connections Docs. The issue is a sensitive information disclosure caused by improper handling of request data, allowing an attacker to access information they should not be entitled to. Connected sources corroborate the vulnerability and describe the root cause as misha...

4.4CVSS6.3AI score0.00145EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.4 views

HCL Connections 安全漏洞

HCL Connections is a suite of enterprise collaboration platforms from HCL Corporation, USA. A security vulnerability exists in HCL Connections version 2.0.2, which stems from mishandling of request data and can lead to disclosure of sensitive information...

4.4CVSS6.5AI score0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.7 views

PT-2025-6171 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: In affected versions of Octopus Deploy where customers are using Active Directory for authentication, it was possible for an unauthenticated user to make an API request against two...

6.9CVSS6.2AI score0.00357EPSS
Exploits0References7
Rows per page
Query Builder