Lucene search
K

43 matches found

CNNVD
CNNVD
added 2025/05/28 12:0 a.m.10 views

TeleMessage 安全漏洞

TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier that stems from relying on the client to perform MD5 hashing and accept the hash as authentication credentials...

7.5CVSS6.9AI score0.00233EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.5 views

wire-webapp 安全漏洞

wire-webapp is an open source application from Wire Swiss. A security vulnerability exists in wire-webapp versions prior to 2025-05-14-production.0, which stems from a failure of the local data deletion functionality, which may result in data being left behind...

6CVSS6.3AI score0.00087EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/08 12:0 a.m.5 views

TeleMessage archiving backend 安全漏洞

TeleMessage archiving backend is an enterprise-grade communications archiving platform from TeleMessage Israel that supports SMS/voice/social media compliant storage and auditing. A security vulnerability exists in TeleMessage archiving backend version 2025-05-05 and earlier, which stems from API...

7.5CVSS6.8AI score0.00337EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/22 12:0 a.m.4 views

Mirai Botnet 安全漏洞

Mirai Botnet is a leaked Mirai source code by Jerry Gamblin personal developer. It is used for research purposes in order to develop IoT and more. A security vulnerability exists in Mirai Botnet version 2024-08-19 and prior versions, which stems from a mishandled simultaneous TCP connection to a...

9.1CVSS7.1AI score0.00774EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.7 views

my-springsecurity-plus SQL Injection Vulnerability

my-springsecurity-plus is an RBAC backend privilege management system based on SpringBoot and SpringSecurity by codermy individual developer. A SQL injection vulnerability exists in my-springsecurity-plus versions prior to 2024.07.03, which stems from vulnerability to SQL injection attacks...

9.8CVSS8AI score0.00431EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.10 views

PT-2024-6454 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814...

9.8CVSS9.2AI score0.01821EPSS
Exploits1References15
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.5 views

MRV Tech Logging Administration Panel SQL Injection Vulnerability

MRV Tech Logging Administration Panel is a logging administration panel from MRV Tech USA. An SQL injection vulnerability exists in versions prior to MRV Tech Logging Administration Panel 20230915, which stems from the presence of a SQL injection vulnerability...

9.8CVSS7.9AI score0.00556EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.4 views

ARC 跨站脚本漏洞

ARC is a software package for creating and maintaining file archives. A security vulnerability exists in ARC version 2011-12-01 and earlier versions. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

6.1CVSS5.9AI score0.00412EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.2 views

ARC SQL注入漏洞

ARC is a software package for creating and maintaining file archives. A security vulnerability exists in ARC version 2011-12-01 and earlier. An attacker can exploit this vulnerability to perform blind SQL injection via getTriplePatternSQL...

9.8CVSS8.7AI score0.00752EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.6 views

Zoom On-Premise Meeting Connector 安全漏洞

Zoom On-Premise Meeting Connector is a meeting connector from Zoom USA. A security vulnerability exists in versions prior to Zoom On-Premise Meeting Connector MMR 4.8.20220815.130, which stems from the inclusion of incorrect access control, and can be exploited by an attacker to gain access to...

8.2CVSS7.7AI score0.00578EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.5 views

Home__internet 路径遍历漏洞

Homeinternet is a type of web server by the individual developer Umesh Patil. It is used to make specified folders on a computer accessible on a network for quick file uploads and downloads. Homeinternet A security vulnerability exists in versions 2020-08-28 and earlier, which stems from an unsaf...

9.3CVSS8.2AI score0.01242EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.4 views

photo_tag 路径遍历漏洞

phototag is a photo tagging tool by the individual developer of Boring YiBa. A security vulnerability exists in phototag version 2020-08-31 and earlier versions, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...

9.3CVSS8.2AI score0.01156EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.8 views

ModelConverter 路径遍历漏洞

ModelConverter is a repository for ml-inory individual developers. It is used to convert models. A security vulnerability exists in ModelConverter version 2021-04-26 and earlier, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...

9.3CVSS8.3AI score0.01242EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.6 views

sphere 路径遍历漏洞

sphere is a Python library that implements the Brain Command Interface System by the individual developer Noam Ezekiel. A security vulnerability exists in sphere version 2020-05-31 and earlier, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...

9.3CVSS8.3AI score0.01242EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/15 5:15 p.m.2 views

CVE-2021-42230

Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter...

9.8CVSS5.9AI score0.0593EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/30 12:0 a.m.9 views

AIRDROPX BORN Security Vulnerability

AIRDROPX BORN is an API token service from AIRDROPX BORN that can be used to convert and exchange Bitcoin with other network coins. A security vulnerability exists in AIRDROPX BORN version 2019-05-29 and earlier versions, which stems from a misspelling of the name of the constructor function in t...

7.5CVSS5.8AI score0.01197EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/02 12:0 a.m.3 views

Lexiglot Cross-Site Scripting Vulnerability

Lexiglot is a translation platform written in PHP by the French software developer Damien Sorel. A cross-site scripting vulnerability exists in Lexiglot 2014-11-20 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacke...

5.4CVSS6.5AI score0.00531EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/02 12:0 a.m.2 views

Lexiglot Operating System Command Injection Vulnerability

Lexiglot is a translation platform written in PHP by the French software developer Damien Sorel. An operating system command injection vulnerability exists in the admin.php script in Lexiglot versions 2014-11-20 and earlier. An attacker can exploit this vulnerability by adding a new item to execu...

9.8CVSS8.3AI score0.02441EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/23 12:0 a.m.3 views

Humax Wireless Voice Gateway HGB10R-2 Information Disclosure Vulnerability

The Humax Wireless Voice Gateway HGB10R-2 is a home wireless voice gateway device. The product includes features such as a modem, IP phone and router. A security vulnerability exists in the Humax Wireless Voice Gateway HGB10R-2 version 201608171855. An attacker could exploit the vulnerability to...

7.5CVSS6.8AI score0.01097EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/07 12:0 a.m.4 views

Voten.co Arbitrary Code Execution Vulnerability

Voten.co is an open source blogging community system. A security vulnerability exists in the resources/views/layouts/app.blade.php file in versions of Voten.co prior to 2017-08-25. An attacker can exploit the vulnerability to execute arbitrary JavaScript code when a user views the attacker's...

6.1CVSS7.4AI score0.00913EPSS
Exploits1References1
Rows per page
Query Builder