
7 matches found

Positive Technologies
added 2025/12/31 12:0 a.m. · 4 views

PT-2025-54471

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Server versions prior to 11.4. Description: A stored cross-site scripting issue exists in Esri ArcGIS Server. In certain configurations, a remote, unauthenticated attacker can store files containing malicious code that may execute...

CVSS 6.1 · AI score 6.2 · EPSS 0.00197
Exploits 0 · References 5
Positive Technologies
added 2025/11/14 12:0 a.m. · 5 views

PT-2025-46947

Name of the Vulnerable Software and Affected Versions: Mattermost versions prior to 11. Description: Mattermost versions before 11 do not enforce multi-factor authentication on WebSocket connections. This allows unauthenticated users to access sensitive information through WebSocket events...

CVSS 7.5 · AI score 6.5 · EPSS 0.00272
Exploits 0 · References 10
OSV
added 2025/10/28 10:31 a.m. · 2 views

SUSE-SU-2025:3835-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.29+7 October 2025 CPU: - CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. - CVE-2025-53066: Fixed...

CVSS 7.5 · AI score 7.2 · EPSS 0.00633
Exploits 0 · References 6
Positive Technologies
added 2023/08/08 12:0 a.m. · 4 views

PT-2023-25601

Name of the Vulnerable Software and Affected Versions: Digital Ant E-Commerce Software versions prior to 11. Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

CVSS 9.8 · AI score 7.4 · EPSS 0.00597
Exploits 0 · References 9
Positive Technologies
added 2023/08/08 12:0 a.m. · 8 views

PT-2023-25606

Name of the Vulnerable Software and Affected Versions: Digital Ant E-Commerce Software versions prior to 11. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker c...

CVSS 6.1 · AI score 5.8 · EPSS 0.004
Exploits 0 · References 9
Positive Technologies
added 2021/12/08 12:0 a.m. · 4 views

PT-2021-21322 · Synel · Synel Reports +1

Name of the Vulnerable Software and Affected Versions: SYNEL eharmonynew versions prior to 11; Synel Reports versions prior to 11; Synel Reports version 8.0.2. Description: The issue allows an attacker to log in to the system with default credentials and export a report of the eharmony system with...

CVSS 6.8 · AI score 6.5 · EPSS 0.00548
Exploits 0 · References 3
Positive Technologies
added 2021/10/05 12:0 a.m. · 3 views

PT-2021-23097 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.0. Description: A cross-site request forgery issue has been discovered in the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface. This issue can be exploited withou...

CVSS 8.8 · AI score 8.4 · EPSS 0.00699
Exploits 0 · References 14