Lucene search
K

36 matches found

Snyk
Snyk
added 2026/04/21 12:0 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. This is only exploitable if the...

6.9CVSS7.7AI score0.00323EPSS
Exploits0References2
CVE
CVE
added 2025/11/21 12:29 p.m.14 views

CVE-2025-66091

CVE-2025-66091 is a DOM-based XSS vulnerability in the WordPress plugin Stylish Cost Calculator (design stylish-cost-calculator) up to version

6.5CVSS6AI score0.00132EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/21 8:2 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Server: Optimizer component. A high privileged attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Remediation...

6.9CVSS6.7AI score0.00533EPSS
Exploits0References2
OSV
OSV
added 2025/07/07 4:15 p.m.9 views

UBUNTU-CVE-2025-7259

An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2025/07/07 3:59 p.m.5 views

CVE-2025-7259 Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash

An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...

6.5CVSS6.5AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.6 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server version v8.1, which stems from a duplicateid...

6.5CVSS6.4AI score0.00276EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.6 views

IBM Spectrum Protect Server 访问控制错误漏洞

IBM Spectrum Protect Server is a spectrum protection system from International Business Machines IBM, Inc. provides comprehensive data resiliency for physical file servers, virtual environments, and a wide range of applications. An access control error vulnerability exists in IBM Spectrum Protect...

9.8CVSS6.2AI score0.00322EPSS
Exploits0References2
OSV
OSV
added 2025/05/27 4:15 a.m.5 views

CVE-2025-48827

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...

9.8CVSS5.8AI score0.69817EPSS
Exploits4References3
RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.5 views

CVE-2022-34593

DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability...

7.5CVSS7.5AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:10 p.m.10 views

CVE-2020-35206

Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affects products that are no longer supported by th...

6.1CVSS6.1AI score0.01299EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:47 p.m.5 views

CVE-2020-9769

Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim...

9.8CVSS6.5AI score0.01094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 a.m.8 views

CVE-2016-10917

The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316...

9.8CVSS7.9AI score0.02193EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/07/26 12:0 a.m.5 views

ICEcoder 安全漏洞

ICEcoder is a browser-based code editor from ICEcoder open source. Allows users to code online or offline directly in a web browser. A security vulnerability exists in ICEcoder version 8.1, which stems from the discovery of a contained path traversal vulnerability via...

6.3CVSS6.8AI score0.00441EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/19 12:0 a.m.10 views

PT-2024-18941

Name of the Vulnerable Software and Affected Versions github.com/gotenberg/gotenberg/v8/pkg/gotenberg versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/chromium versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/webhook versions prior to 8.1.0 Description Th...

8.8CVSS5.9AI score0.00574EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

Globitel SpeechLog Analytics 安全漏洞

Globitel SpeechLog Analytics is a speech analysis module from Globitel. A security vulnerability exists in Globitel SpeechLog Analytics version v8.1, which was discovered to contain a stored cross-site scripting XSS vulnerability in the "Save Query" function...

4.6CVSS5.9AI score0.00403EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.7 views

PT-2024-2371 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions 8.1 and later Description: The issue is related to the lack of protection for the web page structure, allowing an attacker to conduct cross-site scripting XSS attacks using specially crafted .html files. An attacker with adm...

5.8CVSS5.7AI score0.00508EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2024/03/05 6:22 p.m.3 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS5.7AI score0.00871EPSS
Exploits0References4
OSV
OSV
added 2023/10/18 12:31 a.m.3 views

GHSA-M6VM-37G8-GQVH MySQL Connectors takeover vulnerability

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

8.9CVSS7.2AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2023/10/17 10:15 p.m.6 views

UBUNTU-CVE-2023-22095

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

6.5CVSS6.5AI score0.00975EPSS
Exploits0References3
CVE
CVE
added 2023/10/16 10:29 a.m.45 views

CVE-2023-44229

CVE-2023-44229 concerns the Tiny Carousel Horizontal Slider WordPress plugin. The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) flaw in versions

5.9CVSS5.1AI score0.00335EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder