Lucene search
K

20 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Sangoma Technologies Switchvox 安全漏洞

Sangoma Technologies Switchvox is a telephone system developed by Sangoma Technologies in Canada, suitable for businesses of any size. Prior to the version 8.4 of Sangoma Technologies Switchvox, there was a security vulnerability. This vulnerability stemmed from the storage of plaintext SIP...

3.2CVSS5.8AI score0.00095EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/17 11:13 a.m.3 views

CVE-2025-46607

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access...

6.6CVSS5.8AI score0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 12:0 a.m.6 views

CVE-2026-38533

An improper authorization vulnerability in the /api/v1/users/id endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request...

5.8AI score0.00311EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.9 views

Vtiger CRM 安全漏洞

Vtiger CRM is a customer relationship management system developed by Vtiger Corporation in the United States, based on SugarCRM. This system provides functions for managing, collecting, and analyzing customer information. Version Vtiger CRM 8.4.0 has a security vulnerability that stems from...

6.1CVSS5.8AI score0.00163EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/09 6:31 p.m.7 views

EUVD-2025-209386

An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server...

6.2AI score0.00288EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/04 12:0 a.m.8 views

WordPress plugin Visitor Traffic Real Time Statistics 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.2CVSS5.8AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.10 views

Oracle Linux 8 : mysql:8.4 (ELSA-2026-6391)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6391 advisory. mecab mecab-ipadic mysql 8.4.8-1 - Rebase to 8.4.8 Tenable has extracted the preceding description block directly from the Oracle Linux security...

6.5CVSS7.1AI score0.00337EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.5 views

CVE-2026-32423

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
Fedora
Fedora
added 2026/01/20 1:38 a.m.5 views

[SECURITY] Fedora 42 Update: mysql8.0-8.0.44-4.fc42

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:46 a.m.9 views

CVE-2022-31901

Buffer overflow in function Notepadplus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files...

6.5CVSS7.1AI score0.01305EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/25 12:0 a.m.13 views

CVE-2025-61167

SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...

0.00179EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 6:30 p.m.4 views

EUVD-2025-93504

Incorrect default permissions for the IntelR Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable local code execution...

6.7CVSS6.6AI score0.00108EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/08 3:40 p.m.67 views

CVE-2025-8356 Path Traversal leading to RCE

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution RCE, allowing the attacker to run arbitrary commands on the system...

9.8CVSS0.14774EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:55 p.m.9 views

CVE-2020-12018

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...

7.5CVSS6.8AI score0.01529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.7 views

CVE-2019-13978

Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat=mem request...

8.8CVSS8.1AI score0.01462EPSS
Exploits5References1
OSV
OSV
added 2025/04/15 9:15 p.m.9 views

AZL-62210 CVE-2025-30681 affecting package mysql for versions less than 8.0.42-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

2.7CVSS7AI score0.00665EPSS
Exploits0References1
OSV
OSV
added 2023/11/27 11:15 a.m.5 views

CVE-2023-5607

An improper limitation of a path name to a restricted directory path traversal vulnerability in the TACC ePO extension, for on-premises ePO servers, prior to version 8.4.0 could lead to an authorised administrator attacker executing arbitrary code through uploading a specially crafted GTI...

7.2CVSS5.9AI score
Exploits0References1
CNNVD
CNNVD
added 2023/05/03 12:0 a.m.6 views

FRRouting FRR 缓冲区错误漏洞

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 8.4 and earlier versions, which originates from an out-of-bounds read by the BGP daemon...

6.5CVSS6.7AI score0.02107EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/09/11 12:0 a.m.7 views

PT-2019-19049 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Jira versions prior to 8.4.0 Description: The issue allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class. This is relate...

6.5CVSS6.4AI score0.94453EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2017/07/11 12:0 a.m.2 views

PT-2017-11789 · Pcre +2 · Pcre +2

Name of the Vulnerable Software and Affected Versions: PCRE version 8.41 Description: The issue allows stack exhaustion due to uncontrolled recursion when processing a crafted regular expression, specifically through the OP KETRMAX feature in the match function in pcre exec.c. Recommendations: Fo...

7.8CVSS6.1AI score0.03102EPSS
Exploits2References21
Rows per page
Query Builder