Lucene search
K

324 matches found

Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•14 views

Oracle Siebel CRM 16.1.x < 16.9 (January 2017 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2017 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI. The supported version that is affected is 16.1. Easi...

8.2CVSS6.5AI score0.01786EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•20 views

Oracle Siebel CRM (July 2016 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2016 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI. Supported versions that are affected are 8.1.1, 8.2.2,...

8.1CVSS5.7AI score0.02238EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•11 views

Oracle Siebel CRM (July 2015 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2015 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 8.1.1,...

4.3CVSS6.4AI score0.01959EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•11 views

Oracle Siebel Server <= 20.6 (July 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the July 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: SWSE Server. Supported versions that are affected are 20.6 and prior...

5.9CVSS7.1AI score0.0112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•11 views

Oracle Siebel Server < 20.3 (April 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI, SWSE. Supported versions that are affected are 20.2 and prior. Easil...

4.3CVSS5.7AI score0.0107EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•6 views

Oracle Siebel Server <= 22.12 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: UI Framework CodeMirror. Supported versions that are affected are 22.12 and prior...

7.5CVSS6.6AI score0.05197EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•14 views

Oracle Siebel CRM (October 2017 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2017 CPU advisory. - Vulnerability in the Siebel Apps - Field Service component of Oracle Siebel CRM subcomponent: Smart Answer Python. Supported versions that are...

10CVSS6.5AI score0.02206EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•32 views

Oracle Siebel Server (July 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI, SWSE Apache Tomcat. Supported versions that are affected are...

9.8CVSS7.4AI score0.9927EPSS
Exploits45References5
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•18 views

Oracle Siebel Server < 19.11 (January 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI jackson-databind. Supported versions that are affected are...

9.8CVSS6.9AI score0.08045EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•19 views

Oracle Siebel Server (January 2019 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the January 2019 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI jQuery FileUpload. Supported versions that are affecte...

9.8CVSS8.2AI score0.97107EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•26 views

Oracle Siebel Server < 17.6 (April 2018 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2018 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI Apache Tomcat. The supported version that is affected i...

7.5CVSS7AI score0.16567EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2024/12/11 12:0 a.m.•19 views

Oracle Siebel Server (April 2021 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI jackson-databind. Supported versions that are affected are...

8.1CVSS6.9AI score0.87218EPSS
Exploits5References7
Cvelist
Cvelist
•added 2024/09/18 5:49 p.m.•17 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS0.0028EPSS
Exploits0References2
OSV
OSV
•added 2024/09/18 5:49 p.m.•14 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS6.7AI score0.0028EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 2024/09/18 5:49 p.m.•25 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS6.8AI score0.0028EPSS
Exploits0References2
OSV
OSV
•added 2024/04/12 9:23 p.m.•55 views

GHSA-MWC7-64WG-PGVJ NiceGUI allows potential access to local file system

NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...

8.2CVSS7.9AI score0.0076EPSS
Exploits0References5
Github Security Blog
Github Security Blog
•added 2024/04/12 9:23 p.m.•21 views

NiceGUI allows potential access to local file system

NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...

8.2CVSS6.4AI score0.0076EPSS
Exploits0References5Affected Software1
NVD
NVD
•added 2024/04/12 9:15 p.m.•13 views

CVE-2024-32005

NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...

8.2CVSS8AI score0.0076EPSS
Exploits0References3
CVE
CVE
•added 2024/04/12 8:38 p.m.•70 views

CVE-2024-32005

CVE-2024-32005 : Local File Inclusion in NiceGUI’s leaflet component allows reading any backend file accessible to the web server via requests to /_nicegui/{version }/resources/{key}/{path:path}. Affected upstream: NiceGUI before 1.4.21. Impact: arbitrary file read on the server. Remediation: upg...

8.2CVSS7.8AI score0.0076EPSS
Exploits0References3
OSV
OSV
•added 2024/04/12 8:38 p.m.•20 views

CVE-2024-32005 Local File Inclusion in NiceGUI leaflet component

NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...

8.2CVSS7.6AI score0.0076EPSS
Exploits0References5
Rows per page
Query Builder