Lucene search
K

23 matches found

CVE
CVE
added 2026/02/25 4:25 p.m.19 views

CVE-2026-27728

OneUptime prior to v10.0.7 contains an OS command injection vulnerability in NetworkPathMonitor.performTraceroute() that allows an authenticated project user to inject shell metacharacters into a monitor destination, enabling arbitrary commands on the Probe server. Affected version: before 10.0.7...

9.9CVSS6.2AI score0.01729EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/02/25 4:25 p.m.5 views

CVE-2026-27728 OneUptime: OS Command Injection in Probe NetworkPathMonitor via unsanitized destination in traceroute exec()

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.7, an OS command injection vulnerability in NetworkPathMonitor.performTraceroute allows any authenticated project user to execute arbitrary operating system commands on the Probe server by injecting shell...

9.9CVSS6.3AI score0.01729EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.7 views

CVE-2019-18356

An XSS issue was discovered in Thycotic Secret Server before 10.7 issue 1 of 2...

6.1CVSS6.1AI score0.00789EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-27382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Itemfield::usedtables/updatedependmapfororder. CVE-2022-27382 No...

7.5CVSS7.6AI score0.01546EPSS
Exploits1References2
OSV
OSV
added 2025/06/10 11:51 a.m.4 views

BIT-MARIADB-MIN-2022-31621

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dsxbstream.cc, when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen, the held lock is not released correctly, which allows local users to trigger a denial of service due to the...

5.5CVSS5.8AI score0.00213EPSS
Exploits0References6
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2025/04/02 3:12 p.m.13 views

[R1] Nessus Agent Version 10.7.4 Fixes One Vulnerability

R1 Nessus Agent Version 10.7.4 Fixes One Vulnerability Arnie Cabral Wed, 04/02/2025 - 11:12 When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.7.4 did not enforce secure permissions for sub-directories. This could allow for local privilege...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/09/01 2:21 p.m.6 views

mariadb: server crash in Item_args::walk_args

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemargs::walkargs...

7.5CVSS7.3AI score0.01668EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/07/28 4:6 p.m.5 views

mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...

7.5CVSS7.3AI score0.01766EPSS
Exploits1References4
OSV
OSV
added 2022/07/01 8:15 p.m.3 views

DEBIAN-CVE-2022-32091

MariaDB v10.7 was discovered to contain an use-after-poison in in interceptormemset at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...

7.5CVSS7.8AI score0.02082EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.2 views

MariaDB 安全漏洞

MariaDB is a database management system from the Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine. A denial of service vulnerability exists in versions of MariaDB Server prior to 10.7, which stems from the execution of the logstatementex method, the...

5.5CVSS5.7AI score0.00207EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.4 views

MariaDB 安全漏洞

MariaDB is the database management system of the Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine. a denial of service vulnerability exists in versions of MariaDB Server prior to 10.7, which originates in extra/mariabackup/dscompress.cc, and can be exploited...

5.5CVSS5.6AI score0.00222EPSS
Exploits0References9
OSV
OSV
added 2022/04/12 8:15 p.m.10 views

ALPINE-CVE-2022-27386

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sqlclass.cc...

7.5CVSS7.3AI score0.02264EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.8 views

MariaDB SQL注入漏洞

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB Server v10.7 and lower, which stems from the discovery of a segmentation error contained via the compone...

7.5CVSS7.5AI score0.02264EPSS
Exploits1References18
OSV
OSV
added 2022/04/05 3:15 a.m.5 views

CVE-2021-33207

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code...

9.8CVSS5.8AI score0.01562EPSS
Exploits0References2
CNVD
CNVD
added 2020/11/19 12:0 a.m.5 views

McAfee Endpoint Security Code Issue Vulnerability (CNVD-2020-66090)

McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on....

7.8CVSS8.2AI score0.00399EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/17 12:0 a.m.6 views

McAfee Endpoint Security Elevation of Privilege Vulnerability (CNVD-2020-24141)

McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on...

8.4CVSS7AI score0.00252EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/24 12:0 a.m.4 views

Thycotic Secret Server Cross-Site Scripting Vulnerability (CNVD-2019-38074)

Thycotic Secret Server is a privileged account management solution from Thycotic USA. A cross-site scripting vulnerability exists in Thycotic Secret Server versions prior to 10.7. The vulnerability stems from the lack of proper validation of client-side data by the WEB application, and can be...

6.1CVSS6.3AI score0.00789EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/11 12:0 a.m.1 views

Symantec Messaging Gateway Elevation of Privilege Vulnerability (CNVD-2019-22205)

Symantec Messaging Gateway is a suite of spam filters from Symantec USA. The product features anti-spam, anti-virus, advanced content filtering and data leakage protection. A boost vulnerability exists in Symantec Messaging Gateway versions prior to 10.7.1. An attacker can exploit this...

9.8CVSS7AI score0.02282EPSS
Exploits0References1
OSV
OSV
added 2018/06/26 2:29 p.m.5 views

CVE-2018-0528

Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors...

4.3CVSS5.8AI score0.00869EPSS
Exploits0References2
OSV
OSV
added 2018/05/23 5:29 p.m.6 views

CVE-2018-10652

There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3...

7.5CVSS5.8AI score0.01156EPSS
Exploits0References1
Rows per page
Query Builder