Lucene search
K

89 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-38686

Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

5.3CVSS5.9AI score0.05166EPSS
Exploits0References12
EUVD
EUVD
added 2026/03/25 9:30 p.m.6 views

EUVD-2025-209025

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/25 6:31 p.m.7 views

EUVD-2026-15536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themepassion Ultra WordPress Admin ultra-admin allows Reflected XSS.This issue affects Ultra WordPress Admin: from n/a through = 11.7...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-22523 WordPress Ultra WordPress Admin plugin <= 11.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themepassion Ultra WordPress Admin ultra-admin allows Reflected XSS.This issue affects Ultra WordPress Admin: from n/a through = 11.7...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.6 views

IBM InfoSphere Information Server Information Disclosure Vulnerability (7009205)

The version of IBM InfoSphere Information Server installed on the remote host is 11.7.x prior or equal to 11.7.1.4. It is, therefore, potentially affected by an information disclosure vulnerability: - IBM InfoSphere Information Server could allow an authenticated user to obtain sensitive...

6.5CVSS6.6AI score0.0046EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/03/10 7:21 a.m.6 views

WordPress Ultra WordPress Admin plugin <= 11.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Ultra WordPress Admin versions = 11.7...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/01/26 6:16 p.m.6 views

CVE-2025-57783

Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver...

5.3CVSS0.00449EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 6:16 p.m.7 views

CVE-2025-57784

Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...

3.3CVSS5.7AI score
Exploits0References1
OSV
OSV
added 2026/01/26 6:16 p.m.5 views

CVE-2025-57783

Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver...

5.3CVSS5.7AI score
Exploits0References1
CVE
CVE
added 2026/01/26 5:46 p.m.16 views

CVE-2025-57785

CVE-2025-57785 — Double Free in XSLT show_index (Hiawatha Webserver) Affected software: Hiawatha webserver versions 10.8.2 through 11.7 (as cited by Red Hat and CVE trackers). Technical detail: The vulnerability is a double free in the XSLT function show_index, a memory management error that may ...

6.5CVSS6.3AI score0.00344EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/26 5:46 p.m.3 views

CVE-2025-57785 Double free in XSLT in 'show_index'

A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...

6AI score0.00344EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.6 views

Hiawatha security vulnerabilities

Hiawatha is a security web server developed by Hugo Leisink for Unix systems. This product can prevent attacks such as XSS, SQL injection, and CSRF, and it also offers server monitoring capabilities. Version 11.7 of Hiawatha contains a security vulnerability caused by a double release in the XSLT...

6.5CVSS6.3AI score0.00344EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.7 views

Hiawatha security vulnerabilities

Hiawatha is a security web server developed by Hugo Leisink for Unix systems. This product can prevent attacks such as XSS, SQL injection, and CSRF, and it also offers server monitoring capabilities. Version 11.7 of Hiawatha contains a security vulnerability caused by improper header parsing. Thi...

5.3CVSS6AI score0.00449EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.12 views

Hiawatha security vulnerabilities

Hiawatha is a security web server developed by Hugo Leisink for Unix systems. This product can prevent attacks such as XSS, SQL injection, and CSRF, and it also offers server monitoring capabilities. Version 11.7 of Hiawatha contains a security vulnerability caused by the use of strcmp, which may...

4CVSS6.1AI score0.00148EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.10 views

PT-2026-4797

Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...

5.8AI score0.00148EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 12:31 a.m.9 views

EUVD-2025-201833

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

4.6CVSS6.2AI score0.00169EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/25 12:43 a.m.16 views

CVE-2025-60936

Emoncms 11.7.3 is vulnerable to Cross Site in the input handling mechanism. This vulnerability allows authenticated attackers with API access to inject malicious JavaScript code that executes when administrators view the application logs...

6.1CVSS6.7AI score0.00178EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2025-31657

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00417EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.6 views

Delinea Secret Server 安全漏洞

Delinea Secret Server is a powerful PAM in the cloud or locally from Delinea USA. A security vulnerability exists in Delinea Secret Server version 11.7 and earlier, which stems from insufficient validation of SQL report creation and could lead to administrator access to restricted tables...

4CVSS7.1AI score0.00137EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.2 views

IBM InfoSphere Information Server SQL注入漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An SQL injection vulnerability exists in IBM InfoSphere Information Server version 11.7 that ste...

7.6CVSS7.3AI score0.00269EPSS
Exploits0References2
Rows per page
Query Builder