Lucene search
K

7 matches found

NVD
NVD
added 2025/12/19 9:15 p.m.5 views

CVE-2023-53954

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

8.5CVSS0.00119EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/04/15 9:16 p.m.5 views

CVE-2025-31499

Jellyfin is an open source self hosted media server. Versions before 10.10.7 are vulnerable to argument injection in FFmpeg. This can be leveraged to possibly achieve remote code execution by anyone with credentials to a low-privileged user. This vulnerability was previously reported in...

8.8CVSS8.7AI score0.01251EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.5 views

Jellyfin 参数注入漏洞

Jellyfin is a free software media system from Jellyfin Open Source. It allows you to control the management and streaming of media. It is an alternative to the proprietary Emby and Plex and can serve media from a dedicated server to end-user devices through multiple applications. A parameter...

8.8CVSS8AI score0.00664EPSS
Exploits0References2
OSV
OSV
added 2023/09/27 3:19 p.m.2 views

UBUNTU-CVE-2023-41324

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An API user that have read access on users resource can steal accounts of other users. Users are advised t...

8.8CVSS5.8AI score0.00737EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.4 views

PT-2023-6824 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.10 Description: The issue is related to inadequate access control in the GLPI system, which provides ITIL Service Desk features, licenses tracking, and software auditing. A user with write access to another user's...

10CVSS7.3AI score0.99628EPSS
Exploits27References157
OSV
OSV
added 2020/06/15 3:15 p.m.2 views

DEBIAN-CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

2.5CVSS6.5AI score0.00334EPSS
Exploits1References1
CNVD
CNVD
added 2015/10/13 12:0 a.m.3 views

Vulnerability in Apple OS X Telephony component

Apple OS X is a specialized operating system developed by Apple for Mac computers.Telephony is one of the components that provides telephony functionality. A security vulnerability exists in the Telephony component of Apple OS X 10.10.5 and prior versions. A local attacker can exploit this...

1.9CVSS6.4AI score0.00334EPSS
Exploits0References1
Rows per page
Query Builder