Lucene search
K

22 matches found

NVD
NVD
added 2026/06/12 4:16 p.m.19 views

CVE-2026-50011

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

7.5CVSS0.00371EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.5 views

PT-2026-21168

Name of the Vulnerable Software and Affected Versions whatwouldjessedo Simple Retail Menus versions through 4.2.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP...

5.4AI score0.00339EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 4:17 p.m.4 views

CVE-2025-40807

A vulnerability has been identified in Gridscale X Prepay All versions V4.2.1. The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions...

6.3CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 10:44 a.m.14 views

CVE-2025-40807

Gridscale X Prepay (Siemens) is affected by CVE-2025-40807 in all versions

6.3CVSS6.6AI score0.00259EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/09 10:44 a.m.3 views

CVE-2025-40807

A vulnerability has been identified in Gridscale X Prepay All versions V4.2.1. The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions...

6.3CVSS6.6AI score0.00259EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/20 8:3 a.m.4 views

CVE-2025-49400

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osama.esh WP Visitor Statistics Real Time Traffic allows Stored XSS. This issue affects WP Visitor Statistics Real Time Traffic: from n/a through 8.2...

9.8CVSS5.2AI score0.00452EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.3 views

WordPress plugin S3Player 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.1CVSS6AI score0.00301EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.3 views

WordPress plugin WPC Smart Messages for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.8AI score0.00725EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.4 views

WordPress plugin Side Menu Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

8.8CVSS6.5AI score0.0035EPSS
Exploits2References2
OSV
OSV
added 2024/04/19 1:15 p.m.12 views

AZL-40000 CVE-2024-31744 affecting package jasper for versions less than 4.2.1-2

In Jasper 4.2.2, the jpcstreamlistremove function in src/libjasper/jpc/jpcdec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file...

7.5CVSS7AI score0.00737EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

Subrion CMS Security Vulnerability

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into websites and supports a variety of extensions plugins and more. A security vulnerability exists in Subrion CMS version 4.2.1, which stems from a SQL injection vulnerability in...

9.8CVSS8AI score0.00654EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.4 views

WordPress Plugin Video Conferencing with Zoom 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS6.8AI score0.00322EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.3 views

SUSE CVE-2004-1182

hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted 1 username or 2 hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password...

7.5CVSS7AI score0.01779EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.2 views

SUSE CVE-2020-20898

Integer Overflow vulnerability in function filter16prewitt in libavfilter/vfconvolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts...

6.5CVSS6.5AI score0.01182EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.6 views

CVE-2022-43120

A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...

5.9AI score0.00498EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/30 12:0 a.m.3 views

Subrion CMS Authorization Issues Vulnerability

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into a website and supports a variety of extensions plugins and more. An authorization issue vulnerability exists in Subrion CMS version 4.2.1. The vulnerability stems from a lack of...

6.5CVSS7.1AI score0.00916EPSS
Exploits1
CNVD
CNVD
added 2018/08/08 12:0 a.m.2 views

HPE Network Function Virtualization Director Information Disclosure Vulnerability

HPE Network Function Virtualization Director NFVD is a suite of NFV orchestration solutions from Hewlett Packard Enterprise HPE, USA. It is designed to automate the management of end-to-end services across VNFs, VNF forwarding maps, and network services NS. An information disclosure vulnerability...

4.3CVSS4.5AI score0.0081EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/07 12:0 a.m.4 views

Charles Proxy Local Elevation of Privilege Vulnerability

Charles Proxy is an HTTP monitor that looks at all HTTP traffic between your computer and the Intel. A local elevation of privilege vulnerability exists in the Charles Proxy Settings suid binary in versions of Charles Proxy prior to 4.2.1. A local attacker can exploit this vulnerability to gain...

7CVSS7.1AI score0.0076EPSS
Exploits3References1
CNVD
CNVD
added 2018/08/02 12:0 a.m.2 views

Subrion cross-site scripting vulnerability (CNVD-2018-14782)

Subrion CMS is a PHP-based content management system CMS developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions plug-ins and more. A cross-site scripting vulnerability exists in uploads/.htaccess in Subrion CMS version 4.2.1, which stems...

6.1CVSS6AI score0.03666EPSS
Exploits6References1
OSV
OSV
added 2018/01/18 2:29 a.m.3 views

CVE-2018-2607

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications subcomponent: Base. The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality Gue...

4.9CVSS7.3AI score0.01121EPSS
Exploits0References2
Rows per page
Query Builder