19 matches found

OSV
added 2025/08/11 1:53 p.m. · 2 views

BIT-LIBPHP-2020-7064 Use-of-uninitialized-value in exif

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with the exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...

CVSS 6.5 · AI score 6.7 · EPSS 0.04295
Exploits: 1 · References: 11

OSV
added 2025/01/14 2:15 p.m. · 4 views

CVE-2024-46670

An Out-of-bounds Read vulnerability (CWE-125) in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted...

CVSS 7.5 · AI score 5.8 · EPSS 0.00609
Exploits: 0 · References: 1

CNNVD
added 2024/10/08 12:0 a.m. · 4 views

WordPress plugin Sirv cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

CVSS 6.4 · AI score 5.8 · EPSS 0.00314
Exploits: 0 · References: 4

OSV
added 2024/07/19 11:8 a.m. · 1 view

OESA-2024-1877 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An integer overflow...

CVSS 8.1 · AI score 8 · EPSS 0.01512
Exploits: 3 · References: 4

OSV
added 2023/05/15 3:15 p.m. · 3 views

DEBIAN-CVE-2023-31626

An issue in the gpfnotice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · AI score 7.5 · EPSS 0.00905
Exploits: 1 · References: 1

OSV
added 2023/05/15 3:15 p.m. · 2 views

DEBIAN-CVE-2023-31628

An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · AI score 7.5 · EPSS 0.00905
Exploits: 1 · References: 1

OSV
added 2023/05/15 3:15 p.m. · 3 views

UBUNTU-CVE-2023-31620

An issue in the dvcompare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · AI score 5.9 · EPSS 0.00905
Exploits: 1 · References: 5

OSV
added 2023/05/15 3:15 p.m. · 2 views

UBUNTU-CVE-2023-31615

An issue in the chasharray component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · AI score 7.2 · EPSS 0.00905
Exploits: 1 · References: 5

OSV
added 2023/05/15 3:15 p.m. · 3 views

UBUNTU-CVE-2023-31626

An issue in the gpfnotice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · AI score 7.2 · EPSS 0.00905
Exploits: 1 · References: 5

OSV
added 2023/05/15 3:15 p.m. · 1 view

UBUNTU-CVE-2023-31622

An issue in the sqlcmakepolicytrig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · AI score 5.9 · EPSS 0.00863
Exploits: 1 · References: 4

CNNVD
added 2023/05/15 12:0 a.m. · 4 views

Virtuoso Open-Source Edition SQL injection vulnerability

Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9, which...

CVSS 7.5 · AI score 7.2 · EPSS 0.00905
Exploits: 1 · References: 3

CNNVD
added 2023/05/15 12:0 a.m. · 5 views

Virtuoso Open-Source Edition SQL injection vulnerability

Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9 that stems...

CVSS 7.5 · AI score 7.2 · EPSS 0.00905
Exploits: 1 · References: 3

Positive Technologies
added 2023/04/12 12:0 a.m. · 3 views

PT-2023-9527 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp box copy component and involves improper neutralization of special elements used in SQL commands. This can be exploited by attackers to cause a Denial of...

CVSS 7.8 · AI score 7.7 · EPSS 0.00909
Exploits: 16 · References: 79

Positive Technologies
added 2023/04/12 12:0 a.m. · 4 views

PT-2023-9519 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the libc longjmp component of the openlink virtuoso-opensource platform is related to the improper neutralization of special elements used in SQL commands. Exploitation of...

CVSS 7.8 · AI score 7.8 · EPSS 0.00909
Exploits: 16 · References: 79

Positive Technologies
added 2023/04/12 12:0 a.m. · 2 views

PT-2023-9517 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the dfe unit col loci component of openlink virtuoso-opensource, which is associated with the improper neutralization of special elements used in SQL commands. Th...

CVSS 7.8 · AI score 7.7 · EPSS 0.00909
Exploits: 16 · References: 78

Positive Technologies
added 2023/04/10 12:0 a.m. · 3 views

PT-2023-9521 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp box deserialize string function, which is vulnerable due to improper neutralization of special elements used in SQL commands. This can be exploited by a...

CVSS 7.8 · AI score 7.8 · EPSS 0.00909
Exploits: 16 · References: 79

CNVD
added 2020/08/12 12:0 a.m. · 5 views

IBM QRadar Improper Access Control Vulnerability

IBM QRadar is an enterprise security information and event management (SIEM) product that detects anomalies, finds advanced threats, and eliminates false positives. A security vulnerability exists in IBM QRadar Wincollect versions 7.2.0 through 7.2.9 that stems from WinCollect failing to install...

CVSS 8.1 · AI score 6.7 · EPSS 0.01506
Exploits: 0 · References: 1

CNVD
added 2020/08/12 12:0 a.m. · 3 views

IBM QRadar Improper Access Control Vulnerability (CNVD-2020-46811)

IBM QRadar is an enterprise security information and event management (SIEM) product that detects anomalies, finds advanced threats, and eliminates false positives. A security vulnerability exists in IBM QRadar Wincollect versions 7.2.0 through 7.2.9, which stems from a program that allows users to...

CVSS 6.5 · AI score 6.5 · EPSS 0.01492
Exploits: 0 · References: 1

Microsoft Security Update
added 1976/01/01 12:0 a.m. · 2 views

PowerShell LTS v7.2.9 (x64)

PowerShell LTS v7.2.9 x64...

AI score 7
Exploits: 0