Lucene search
+L

91 matches found

EUVD
EUVD
added 2025/12/18 5:29 a.m.5 views

EUVD-2025-204025

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication...

9CVSS6.6AI score0.00103EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 5:29 a.m.76 views

CVE-2025-47372

CVE-2025-47372 is a memory corruption issue affecting Qualcomm Snapdragon components where reading a corrupted ELF image with an oversized file size into a buffer without authentication can overflow memory. The Red Hat/NVD/CVE lists and connected documents describe a local attack vector due to in...

9CVSS6.7AI score0.00103EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.7 views

WordPress plugin Ninja Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.5CVSS6.7AI score0.0037EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 10:7 p.m.4 views

EUVD-2025-201822

ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI V2 treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This...

9.3CVSS6.5AI score0.0046EPSS
Exploits2References3
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.7 views

METZ CONNECT多款产品 访问控制错误漏洞

METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...

7.5CVSS6.5AI score0.00438EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-2922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0....

4.3CVSS5.5AI score0.02436EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-2922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.6.45 and prior and...

5.3CVSS5.6AI score0.02211EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-2894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u231, 8u221,...

4.3CVSS6.7AI score0.03159EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-2825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read...

10CVSS7AI score0.71641EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-2007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0....

4.3CVSS5.5AI score0.02272EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.4 views

CVE-2023-22083

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Web UI. Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

4.3CVSS4.9AI score0.00407EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

NetAlertX 安全漏洞

NetAlertX is a network intruder and presence detector from the jokob-sk individual developer. A security vulnerability exists in NetAlertX versions prior to 24.10.12, which stems from an HTTP client-ignorable redirect and issues related to strpos and directory traversal, which could lead to...

10CVSS8.8AI score0.68616EPSS
Exploits6References3
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.5 views

Eclipse Cyclone DDS 安全漏洞

Eclipse Cyclone DDS is a very high performance and robust open source DDS implementation from the Eclipse Foundation. A security vulnerability exists in Eclipse Cyclone DDS versions prior to 0.10.5, which originates from an integer overflow during deserialization and could lead to an...

9.1CVSS6.8AI score0.00876EPSS
Exploits1References3
OSV
OSV
added 2024/10/16 7:15 a.m.3 views

CVE-2019-25213

The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive file...

7.5CVSS5.8AI score0.02734EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.4 views

PT-2024-2907 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.3 Description: The issue is related to an out-of-bounds read vulnerability in the WLAvalancheService component. This vulnerability can allow an unauthenticated remote attacker to read sensitive informati...

7.5CVSS9.4AI score0.01884EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/10/31 2:31 a.m.7 views

SUSE CVE-2020-2922

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

3.7CVSS5AI score0.02436EPSS
Exploits0References2
OSV
OSV
added 2023/09/12 2:15 a.m.8 views

CVE-2023-37489

Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform Version Management System - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or...

5.3CVSS5.8AI score0.00433EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/07/19 5:21 p.m.6 views

OpenJDK: array indexing integer overflow issue (8304468)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

3.7CVSS7.2AI score0.01164EPSS
Exploits0References4
OSV
OSV
added 2023/05/31 1:15 p.m.5 views

CVE-2023-33507

KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...

7.5CVSS5.9AI score0.00698EPSS
Exploits1References1
OSV
OSV
added 2023/04/17 10:15 p.m.4 views

CVE-2023-28978

An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...

5.3CVSS6.1AI score0.0047EPSS
Exploits0References1
Rows per page
Query Builder