Lucene search
K

51 matches found

EUVD
EUVD
added 2026/06/26 10:59 p.m.7 views

EUVD-2026-39492

pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...

7.3CVSS5.8AI score0.0027EPSS
Exploits1References2
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46914

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

7.1CVSS0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. There is a security vulnerability in Mattermost, which stems from the lack of verification of the size of extracted files during decompression. This vulnerability could allow authenticated users to b...

6.5CVSS5.8AI score0.00343EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.2.2 and earlier of the 11.2.x series, as well as versions 10.11.10 and earlier of the 10.11.x series, 11.4.0 and earlier of the 11.4.x series, and 11.3...

5.4CVSS5.8AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.6 views

CVE-2025-67711

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.7AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.10 views

CVE-2025-67709

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.7AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 11:15 p.m.8 views

CVE-2025-67708

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 11:15 p.m.2 views

CVE-2025-67703

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS5.4AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 10:18 p.m.22 views

CVE-2025-67710 Stored XSS vulnerability in ArcGIS Server

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.4 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A cross-site scripting vulnerability exists in Esri ArcGIS Server version 11.4 and earlier, which stems from a stored cross-site scripting issue that could lead to malicious...

6.1CVSS6AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.4 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A cross-site scripting vulnerability exists in Esri ArcGIS Server version 11.4 and earlier, which stems from a stored cross-site scripting issue that could lead to malicious...

6.1CVSS6AI score0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.3 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A cross-site scripting vulnerability exists in Esri ArcGIS Server version 11.4 and earlier, which stems from a stored cross-site scripting issue that could lead to malicious...

6.1CVSS6AI score0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A cross-site scripting vulnerability exists in Esri ArcGIS Server version 11.4 and earlier, which stems from a stored cross-site scripting issue that could lead to malicious...

6.1CVSS6AI score0.00197EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/07 5:36 p.m.9 views

CVE-2025-36156 IBM InfoSphere Data Replication VSAM for z/OS Remote Source code execution

IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system...

7.4CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-31608

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00209EPSS
Exploits0References2
CVE
CVE
added 2025/09/29 6:38 p.m.13 views

CVE-2025-57872

The CVE-2025-57872 entry concerns Esri Portal for ArcGIS 11.4 and earlier, which contains an unvalidated redirect vulnerability. An unauthenticated remote attacker could craft a URL that redirects victims to an attacker‑controlled site, potentially enabling phishing. Public details across sources...

6.1CVSS6.6AI score0.00232EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/29 6:37 p.m.3 views

CVE-2025-57873 BUG-000175222 - Reflected XSS vulnerability in Portal for ArcGIS.

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...

4.8CVSS6.2AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 6:37 p.m.8 views

CVE-2025-57874 BUG-000161627 - Reflected XSS vulnerability in Portal for ArcGIS.  (11.3, 11.1, 10.9.1)

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...

4.8CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 6:35 p.m.14 views

CVE-2025-57875 BUG-000164122 - Reflected XSS vulnerability in Portal for ArcGIS.

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...

4.8CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 6:34 p.m.21 views

CVE-2025-57877 Reflected XSS vulnerability in Portal for ArcGIS.

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...

4.8CVSS0.00209EPSS
Exploits0References1
Rows per page
Query Builder