Lucene search
K

9 matches found

osv
osv
added 2026/01/07 11:2 p.m.4 views

CVE-2023-7333 bluelabsio records-mover Table Object sql injection

A weakness has been identified in bluelabsio records-mover up to 1.5.4. The affected element is an unknown function of the component Table Object Handler. This manipulation causes sql injection. The attack needs to be launched locally. Upgrading to version 1.6.0 is sufficient to fix this issue...

4.8CVSS5.8AI score0.00174EPSS
Exploits0References8
snyk
snyk
added 2025/06/16 3:32 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview commons-fileupload:commons-fileupload is a component that provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS8.1AI score0.64718EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/23 9:11 a.m.3 views

CVE-2024-27181

In Apache Linkis = 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue...

8.8CVSS6.8AI score0.00664EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/04/11 12:0 a.m.4 views

PT-2023-22706 · Apache · Apache Inlong

Name of the Vulnerable Software and Affected Versions: Apache InLong versions 1.4.0 through 1.5.0 Description: The issue is related to an SQL Injection vulnerability. By manipulating the orderType parameter, an attacker can extract the username of the user with ID 1 from the "user" table, one...

5.3CVSS8.3AI score0.01164EPSS
Exploits0References13
ptsecurity
ptsecurity
added 2022/12/28 12:0 a.m.8 views

PT-2022-8065 · Unknown · Farcry Solr Pro Plugin

Name of the Vulnerable Software and Affected Versions: FarCry Solr Pro Plugin versions up to 1.5.x Description: A vulnerability was found in the FarCry Solr Pro Plugin, affecting an unknown functionality of the file packages/forms/solrProSearch.cfc of the component Search Handler. The manipulatio...

6.1CVSS4.2AI score0.0063EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2022/12/27 12:0 a.m.9 views

PT-2022-11741 · Openmrs · Openmrs Admin Ui Module

Name of the Vulnerable Software and Affected Versions: OpenMRS Admin UI Module versions up to 1.5.x Description: A vulnerability was found in the OpenMRS Admin UI Module, affecting unknown code of the file location.gsp. The manipulation leads to cross-site scripting. The attack can be initiated...

6.1CVSS4.4AI score0.00903EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2022/02/25 12:0 a.m.3 views

PT-2022-16611 · Jetbrains · Jetbrains Kotlin

Name of the Vulnerable Software and Affected Versions: JetBrains Kotlin versions prior to 1.6.0 Description: The issue concerns the inability to lock dependencies for Multiplatform Gradle Projects in JetBrains Kotlin. This could potentially lead to unstable project configurations due to...

5.3CVSS7.2AI score0.02178EPSS
Exploits0References16
snyk
snyk
added 2021/05/26 7:50 a.m.5 views

Arbitrary Code Execution

Overview ruby-jss is a provides native ruby access to the REST APIs of Jamf Pro, an enterprise/education tool for managing Apple devices, from jamf.com. Affected versions of this package are vulnerable to Arbitrary Code Execution. This is due to the usage of the plist library, which has documente...

9.8CVSS6.9AI score0.02603EPSS
Exploits0References2
elastic
elastic
added 2015/06/09 9:40 p.m.8 views

Elasticsearch Engineered Attack Vulnerability CVE-2015-4165

Summary: Elasticsearch versions 1.0.0 - 1.5.2 are vulnerable to an engineered attack on other applications on the system. The snapshot API may be used indirectly to place snapshot metadata files into locations that are writeable by the user running the Elasticsearch process. It is possible to...

7.5CVSS7.2AI score0.0445EPSS
Exploits1
Rows per page
Query Builder