Lucene search
K

29 matches found

ATTACKERKB
ATTACKERKB
added 2022/08/16 11:15 p.m.3 views

CVE-2021-42052

IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter...

7.5CVSS7.1AI score0.00922EPSS
Exploits1References2
OSV
OSV
added 2022/05/13 1:24 a.m.1 views

GHSA-GJFX-9WX3-J6R7 Apache MyFaces Vulnerable to Path Traversal

Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces JSF in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arbitrary files via a .. dot dot in the 1 ln parameter to faces/javax.faces.resource/web.xml or 2 the PATHINFO to...

5CVSS6AI score0.33471EPSS
Exploits2References5
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.5 views

Atlassian Jira授权问题漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used to track and manage various types of issues and defects in the workplace. An authorization issue vulnerability exists in Atlassian Jira Server and Data Center, which stems from the product's...

5.3CVSS5.7AI score0.00804EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/16 12:0 a.m.5 views

Trend Micro HouseCall for Home Networks 代码问题漏洞

Trend Micro HouseCall for Home Networks is a suite of home network security scanning software from Trend Micro. The software supports scanning a wide range of home network devices and identifying network risks. Trend Micro HouseCall for Home Networks is vulnerable to a code issue that arises when...

7CVSS7.2AI score0.00533EPSS
Exploits0References5
CNVD
CNVD
added 2021/09/04 12:0 a.m.14 views

Remote Mouse Directory Traversal Vulnerability

Remote Mouse is a remote mouse control software. Remote Mouse suffers from a directory traversal vulnerability that originates when a networked system or product fails to properly filter special elements in a resource or file path. An attacker could exploit the vulnerability to access locations...

4.5AI score
Exploits0References1
OSV
OSV
added 2020/03/20 1:15 a.m.3 views

CVE-2018-20335

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

7.5CVSS5.8AI score0.01408EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the Firefox ESR browser allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability of Firefox ESR lies in the improper restriction on the resource:URL. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code with privileges equivalent to those of Chrome, thereby circumventing access control policies. This can be achieved, fo...

5CVSS8.1AI score0.67135EPSS
Exploits3References3Affected Software1
OSV
OSV
added 2013/11/01 2:55 a.m.2 views

UBUNTU-CVE-2013-4484

Varnish before 3.0.5 allows remote attackers to cause a denial of service child-process crash and temporary caching outage via a GET request with trailing whitespace characters and no URI...

5CVSS5.8AI score0.03025EPSS
Exploits3References4
Prion
Prion
added 2009/03/09 9:30 p.m.21 views

Design/Logic Flaw

The request handler in JBossWS in JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP06 and 4.3 before 4.3.0.CP04 does not properly validate the resource path during a request for a WSDL file with a custom web-service endpoint, which allows remote attackers to read...

5CVSS7AI score0.01805EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder