Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free remote desktop protocol library and client. All FreeRDP-based clients that use the /video command-line switch may read uninitialized data, interpret it as audio/video, and display the result. Server implementations based on FreeRDP are not affected by this issue. This issue has...

7.5CVSS6.1AI score0.00985EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 a.m.8 views

EUVD-2026-29391

The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kcseoativetab parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.9CVSS6AI score0.00229EPSS
Exploits0References6
OSV
OSV
added 2025/12/19 5:11 p.m.5 views

CVE-2025-68430 CVAT vulnerable to directory traversal via mounted share listing

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.8.1 through 2.52.0, an attacker with an account on a CVAT instance is able to retrieve the contents of any file system directory accessible to the CVAT server. The exposed information is names of...

5.3CVSS6.5AI score0.0024EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.7 views

CVE-2025-13588

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

6.5CVSS6.7AI score0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/24 6:32 a.m.8 views

EUVD-2025-198624

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

6.5CVSS6.2AI score0.00218EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-41785

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00985EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 3:14 a.m.6 views

CVE-2023-22327

Out-of-bounds write in firmware for some IntelR FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local access...

6CVSS5.8AI score0.00228EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/12/13 3:15 p.m.3 views

CVE-2023-34009

Missing Authorization vulnerability in Inisev Social Media & Share Icons ultimate-social-media-icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media & Share Icons: from n/a through = 2.8.1...

4.3CVSS5.8AI score0.00458EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.30 views

Jenkins Plugin TestComplete support 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

9.8CVSS8.4AI score0.01215EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/10/12 12:0 a.m.6 views

CVE-2022-39282 RDP client: Read of uninitialized memory with parallel port redirection

FreeRDP is a free remote desktop protocol library and clients. FreeRDP based clients on unix systems using /parallel command line switch might read uninitialized data and send it to the server the client is currently connected to. FreeRDP based server implementations are not affected. Please...

3.5CVSS6.7AI score0.00829EPSS
Exploits0References7
Snyk
Snyk
added 2021/08/13 10:23 a.m.3 views

Timing Attack

Overview Affected versions of this package are vulnerable to Timing Attack. Some components in Apache Kafka use Arrays.equals to validate a password or key, which is vulnerable to brute force attacks by malicious users. Remediation Upgrade org.apache.kafka:connect-runtime to version 2.8.1, 2.7.2 ...

6.8CVSS8.5AI score0.0582EPSS
Exploits0References2
CNVD
CNVD
added 2018/09/21 12:0 a.m.3 views

Micro Focus ArcSight Management Center Cross-Site Scripting Vulnerability

Micro Focus ArcSight Management Center ArcMC is a security management center from Micro Focus UK that centrally manages ArcSight e.g. HP ArcSight Logger, etc. deployments through a unified interface. A cross-site scripting vulnerability exists in Micro Focus ArcMC versions prior to 2.81, which ca...

6.5CVSS6.1AI score0.01266EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/08/24 12:0 a.m.10 views

PT-2018-16203 · Egg · Egg-Scripts

Name of the Vulnerable Software and Affected Versions: egg-scripts versions prior to 2.8.1 Description: A command injection issue allows arbitrary shell command execution through a maliciously crafted command line argument. This is only exploitable if a malicious argument is provided on the comma...

10CVSS9.8AI score0.12283EPSS
Exploits1References9
OSV
OSV
added 2018/02/27 7:29 p.m.2 views

DEBIAN-CVE-2018-6535

An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker...

8.1CVSS7.8AI score0.01354EPSS
Exploits0References1
Rows per page
Query Builder