Lucene search

6772 matches found

Debian CVE
added 2025/01/07 12:22 p.m. · 8 views

CVE-2024-12426

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

CVSS 6.7 · AI score 6 · EPSS 0.00528
Exploits: 0
CNNVD
added 2025/01/07 12:0 a.m. · 4 views

LibreOffice information disclosure vulnerability

LibreOffice is an open source office software suite from The Document Foundation. An information disclosure vulnerability exists in LibreOffice versions prior to 24.8 through 24.8.4, which stems from improper exposure of environment variables and INI file values, which could result in sensitive...

CVSS 6.7 · AI score 4.9 · EPSS 0.00528
Exploits: 0 · References: 3
Snyk
added 2025/01/03 5:6 p.m. · 1 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the constructor of the Downloader class. An attacker can execute arbitrary JavaScript code in the user's browser by manipulating GET parameters name and type. Workaround: This vulnerability can be mitigat...

CVSS 8.3 · AI score 6.7 · EPSS 0.00312
Exploits: 1 · References: 2
CNNVD
added 2025/01/03 12:0 a.m. · 5 views

IBM PowerHA SystemMirror security vulnerability

IBM PowerHA SystemMirror is a high-availability cluster multiprocessor program from International Business Machines (IBM). A security vulnerability exists in IBM PowerHA SystemMirror versions 7.4 and 7.5. An attacker exploiting this vulnerability could obtain cookie values by snooping on traffic...

CVSS 4.3 · AI score 6.5 · EPSS 0.00175
Exploits: 0 · References: 1
OSV
added 2024/12/27 3:15 p.m. · 2 views

DEBIAN-CVE-2024-56596

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir. The stbl might contain some invalid values. Added a check to return error code in that case...

CVSS 7.8 · AI score 5.7 · EPSS 0.0023
Exploits: 0 · References: 1
OSV
added 2024/12/27 3:15 p.m. · 2 views

UBUNTU-CVE-2024-56596

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir. The stbl might contain some invalid values. Added a check to return error code in that case...

CVSS 7.8 · AI score 6.2 · EPSS 0.0023
Exploits: 0 · References: 56
Vulnrichment
added 2024/12/27 2:51 p.m. · 2 views

CVE-2024-56596 jfs: fix array-index-out-of-bounds in jfs_readdir

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir. The stbl might contain some invalid values. Added a check to return error code in that case...

AI score 7.5 · EPSS 0.0023
Exploits: 0 · References: 7
Schneier on Security
added 2024/12/27 12:3 p.m. · 12 views

Casino Players Using Hidden Cameras for Cheating

The basic strategy is to place a device with a hidden camera in a position to capture normally hidden card values, which are interpreted by an accomplice off-site and fed back to the player via a hidden microphone. Miniaturization is making these devices harder to detect. Presumably AI will soon...

AI score 7.3
Exploits: 0
CNNVD
added 2024/12/20 12:0 a.m. · 4 views

JetBrains TeamCity security vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A security vulnerability exists in JetBrains...

CVSS 5.5 · AI score 7 · EPSS 0.00294
Exploits: 0 · References: 1
OSV
added 2024/12/19 2:15 p.m. · 1 views

DEBIAN-CVE-2024-9102

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet...

CVSS 5 · AI score 5.4 · EPSS 0.00407
Exploits: 0 · References: 1
OSV
added 2024/12/19 2:15 p.m. · 2 views

UBUNTU-CVE-2024-9102

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet...

CVSS 5 · AI score 5.8 · EPSS 0.00407
Exploits: 0 · References: 5
CNNVD
added 2024/12/19 12:0 a.m. · 2 views

phpLDAPadmin security vulnerability

phpLDAPadmin is a web-based LDAP client from the phpLDAPadmin Personal Developer, which is primarily used to manage LDAP servers. A security vulnerability exists in phpLDAPadmin versions 1.2.0 through 1.2.6.7. An attacker exploiting this vulnerability can cause CSV formula injection...

CVSS 5 · AI score 6.5 · EPSS 0.00407
Exploits: 0 · References: 4
Positive Technologies
added 2024/12/19 12:0 a.m. · 6 views

PT-2024-39431 · Unknown +1 · Phpldapadmin +1

Name of the Vulnerable Software and Affected Versions: phpLDAPadmin versions 1.2.0 through 1.2.6.7. Description: The issue allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a comma...

CVSS 5 · AI score 6.9 · EPSS 0.00407
Exploits: 0 · References: 15
OSV
added 2024/12/18 8:15 p.m. · 2 views

CVE-2024-51470

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values...

CVSS 6.5 · AI score 5.8 · EPSS 0.00655
Exploits: 0 · References: 3
NVD
added 2024/12/18 8:15 p.m. · 20 views

CVE-2024-51470

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values...

CVSS 6.5 · EPSS 0.00655
Exploits: 0 · References: 3
CVE
added 2024/12/18 7:56 p.m. · 84 views

CVE-2024-51470

CVE-2024-51470 affects IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS/CD, 9.4 LTS/CD, IBM MQ Appliance 9.3 LTS/CD/9.4 LTS, and IBM MQ for HPE NonStop 8.1.0–8.1.0.25, allowing an authenticated user to cause a denial-of-service via messages with improperly set values. The root cause is improper handling of unusu...

CVSS 6.5 · AI score 6.3 · EPSS 0.00655
Exploits: 0 · References: 3 · Affected Software: 2
Cvelist
added 2024/12/18 7:56 p.m. · 19 views

CVE-2024-51470 IBM MQ denial of service

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values...

CVSS 6.5 · EPSS 0.00655
Exploits: 0 · References: 3
Vulnrichment
added 2024/12/18 7:56 p.m. · 17 views

CVE-2024-51470 IBM MQ denial of service

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values...

CVSS 6.5 · AI score 6.7 · EPSS 0.00655
Exploits: 0 · References: 3
OSV
added 2024/12/17 10:15 p.m. · 1 views

DEBIAN-CVE-2024-52792

LDAP Account Manager (LAM) is a php webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In affected versions LAM does not properly sanitize configuration values, that are set via mainmanage.php and confmain.php. This allows setting arbitrary config values...

CVSS 6.5 · AI score 5.7 · EPSS 0.00696
Exploits: 0 · References: 1
OSV
added 2024/12/17 10:15 p.m. · 1 views

UBUNTU-CVE-2024-52792

LDAP Account Manager (LAM) is a php webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In affected versions LAM does not properly sanitize configuration values, that are set via mainmanage.php and confmain.php. This allows setting arbitrary config values...

CVSS 6.5 · AI score 5.9 · EPSS 0.00696
Exploits: 0 · References: 6