Lucene search
+L

694 matches found

CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

MediaWiki 安全漏洞

MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.14, 1.43.4, and 1.44.1 contain security vulnerabilities...

6.3CVSS5.8AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/31 9:12 a.m.12 views

CVE-2025-1395

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...

8.2CVSS5.9AI score0.00299EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/29 8:43 a.m.6 views

CVE-2026-23564

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

6.5CVSS5.9AI score0.00134EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/29 8:43 a.m.35 views

CVE-2026-23564 Transmission of Unencrypted Data in Content Distribution Service

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

6.5CVSS0.00134EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.10 views

AZL-75527 CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : linux-firmware-20230310-134.el9.ML.1 (AXSA:2023-6270:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6270:05 advisory. This package includes firmware files required for some devices to operate. CVE-2023-20593 An issue in Zen 2 CPUs, under specific microarchitectural...

5.5CVSS6.8AI score0.05794EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.8 views

Odine GateKeeper SQL injection vulnerability

Odine GateKeeper is a voice fraud detection software developed by the Turkish company Odine. Version 1.0 of Odine GateKeeper contains an SQL injection vulnerability. This vulnerability stems from an SQL injection vulnerability in the trafficCycle API endpoint, which may lead to the disclosure of...

8.2CVSS5.8AI score0.00411EPSS
Exploits0References3
NVD
NVD
added 2026/01/15 8:16 p.m.5 views

CVE-2026-23746

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...

9.3CVSS0.00861EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.11 views

CVE-2023-49950

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

5.4CVSS6AI score0.00505EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.9 views

CVE-2018-18657

An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue...

7.5CVSS6.9AI score0.01337EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.6 views

WordPress plugin Booking Calendar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.2AI score0.00337EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/07 9:37 a.m.7 views

CVE-2019-7097

Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack...

7.5CVSS6.5AI score0.03592EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.9 views

CVE-2019-7612

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message...

9.8CVSS6.5AI score0.02407EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 10:41 p.m.18 views

CVE-2023-54163

CVE-2023-54163 affects NLB mKlik Macedonia 3.3.12, where a SQL injection vulnerability exists in the international transfer parameters. The root cause is unsanitized input allowing arbitrary SQL execution, potentially exposing sensitive data from the mobile banking application. The CVSSv3.1 vecto...

8.8CVSS7.4AI score0.00295EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2025/12/12 4:38 p.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Backup ZipSlip. An attacker can create or overwrite files in arbitrary locations within the application's privilege scope by inserting data entries with absolute paths or parent directory traversal sequences...

8.7CVSS7.5AI score0.00785EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:17 p.m.4 views

CVE-2024-38798

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...

5.8CVSS0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.5 views

Kalmia 安全漏洞

Kalmia is an open source document content management system from Iridia Solutions Private Limited. A security vulnerability exists in Kalmia version 0.2.0, which stems from insufficient validation of permissions in the /kal-api/auth/users API endpoint, which could lead to the disclosure of...

6.5CVSS6.2AI score0.00266EPSS
Exploits3References2
NVD
NVD
added 2025/12/02 4:15 p.m.10 views

CVE-2025-58113

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...

6.5CVSS0.00346EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/02 3:32 p.m.3 views

CVE-2025-58113

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...

6.5CVSS6.2AI score0.00346EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.12 views

PT-2025-48705

Name of the Vulnerable Software and Affected Versions PDF-XChange Editor version 10.7.3.401 Description An out-of-bounds read issue exists in the EMF functionality. Exploitation involves a specially crafted EMF file. This could allow an attacker to perform an out-of-bounds read, potentially leadi...

6.5CVSS6.1AI score0.00346EPSS
Exploits1References7
Rows per page
Query Builder