Lucene search
+L

12 matches found

CNNVD
CNNVD
added 2026/02/20 12:0 a.m.13 views

OrientDB 跨站脚本漏洞

OrientDB is an open-source multi-model database developed by OrientDB. In the version 3.0.17 of OrientDB, there is a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the name parameter, which may lead to storage-based cross-site scripting attacks...

6.4CVSS5.7AI score0.00251EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.11 views

OrientDB 跨站脚本漏洞

OrientDB is an open-source multi-model database developed by OrientDB. Version 3.0.17 of OrientDB has a cross-site scripting vulnerability. This vulnerability stems from improper handling of JSON payloads submitted to the document endpoint, which may lead to reflective cross-site scripting attack...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.10 views

OrientDB 跨站请求伪造漏洞

OrientDB is an open-source multi-model database developed by OrientDB. In the version 3.0.17 of OrientDB, there is a vulnerability related to cross-site request forgeing. This vulnerability stems from the lack of token verification at endpoints, which may lead to cross-site request forgeing attac...

5.3CVSS5.7AI score0.0013EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.17 views

PT-2026-21318

OrientDB 3.0.17 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating users with script payloads in the name parameter. Attackers can send POST requests to the document endpoint with JavaScript code in the name field to...

6.4CVSS5.7AI score0.00251EPSS
Exploits1References4
CVE
CVE
added 2025/08/05 12:2 a.m.19 views

CVE-2025-54870

VTun-ng (virtual tunnel over TCP/IP) contains a vulnerability in versions 3.0.17 and earlier where failure to initialize encryption modules can cause a fallback to plaintext due to insufficient error handling. The issue was introduced in 3.0.12 and fixed in 3.0.18. Remediation: upgrade to 3.0.18 ...

8.7CVSS6.4AI score0.00199EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.6 views

VTun-ng 安全漏洞

vtun-ng is an application by Jan-Espen Oversand Individual Developer. A security vulnerability exists in VTun-ng 3.0.17 and earlier versions, which stems from a failure in the initialization of the cryptographic module that could lead to a plaintext transfer...

8.7CVSS6.5AI score0.00199EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2024/02/07 12:30 p.m.7 views

org.apache.pulsar:pulsar-server-distribution (>=3.0.0 <=3.0.17) potentially affected by CVE-2023-51437 via org.apache.pulsar:pulsar-broker-auth-sasl (>=3.0.0 <=3.0.17)

org.apache.pulsar:pulsar-broker-auth-sasl MAVEN version =3.0.0, =3.0.0, =3.0.17 Source cves: CVE-2023-51437 Source advisory: OSV:GHSA-C57V-4VG5-CM2X...

7.4CVSS7.1AI score0.00763EPSS
Exploits0
Patchstack
Patchstack
added 2022/01/06 12:0 a.m.6 views

WordPress Order Tracking plugin <= 3.0.16 - Authenticated Arbitrary Plugin Settings Update vulnerability

Authenticated Arbitrary Plugin Settings Update vulnerability discovered in WordPress Order Tracking plugin versions = 3.0.16. Solution Update the WordPress Order Tracking plugin to the latest available version at least 3.0.17...

3.8AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/10/08 12:0 a.m.6 views

Unspecified Vulnerability in CloudBees Jenkins Aqua Security Scanner Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Aqua Security Scanner Plugin is used in one o...

7.5CVSS6.7AI score0.00888EPSS
Exploits0References1
OSV
OSV
added 2019/09/25 4:15 p.m.8 views

CVE-2019-10428

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS7.1AI score0.00888EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/14 12:0 a.m.67 views

Atlassian SourceTree 0.5a < 3.0.17 Multiple remote code execution vulnerabilities

The version of Atlassian SourceTree installed on the remote Windows host is version 0.5a prior to 3.0.17. It is, therefore, affected by multiple remote code execution vulnerabilities. - An option injection vulnerability exists in the git submodule component. An unauthenticated, remote attacker ca...

9.8CVSS8.3AI score0.97356EPSS
Exploits12References5
OpenVAS
OpenVAS
added 2012/01/19 12:0 a.m.68 views

Linux Kernel IGMP Remote DoS Vulnerability

The Linux Kernel is prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.20492EPSS
Exploits5References7
Rows per page
Query Builder