Lucene search
K

14 matches found

Cvelist
Cvelist
added 2025/09/19 1:32 p.m.14 views

CVE-2025-10715 APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components

A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.apeedication. The manipulation results in improper export of android application components. The attack...

5.3CVSS0.00122EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-13345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 10.8. Reflected XSS on Multiple Routes CVE-2020-13345 Note that Nessus relies on the...

5.5CVSS5.5AI score0.00889EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/08/21 6:31 p.m.8 views

Mattermost has Potential Server Crash due to Unvalidated Import Data

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.0, 10.9.x = 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature...

4.9CVSS7AI score0.00299EPSS
Exploits0References4Affected Software4
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.6 views

PT-2025-34258 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.8.x through 10.8.3 Mattermost versions 10.5.x through 10.5.8 Mattermost versions 10.10.x through 10.10.0 Mattermost versions 10.9.x through 10.9.3 Description: The application fails to sanitize file names, potentially...

4.3CVSS7.2AI score0.00698EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.4 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.8.3 and prior 10.8.x, 10.5.8 and prior 10.5.x, 9.11.17 and prior 9.11.x, and 10.9.2 and prior 10.9.x, which stems from an uncleaned path...

6.8CVSS6.4AI score0.0038EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/29 12:0 a.m.4 views

PT-2024-16701 · Nec · Univerge Ix +1

Name of the Vulnerable Software and Affected Versions: NEC Corporation UNIVERGE IX versions Ver9.2 through Ver10.10.21 NEC Corporation UNIVERGE IX versions Ver10.8 through Ver10.8.27 NEC Corporation UNIVERGE IX versions Ver10.9 through Ver10.9.14 NEC Corporation UNIVERGE IX-R/IX-V version Ver1.2....

7.2CVSS7.2AI score0.0107EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.7 views

PT-2024-15179 · Thales · Thales Safenet Authentication Client

Name of the Vulnerable Software and Affected Versions: Thales SafeNet Authentication Client versions prior to 10.8 R10 Description: A flaw in the software allows an attacker to execute code at a SYSTEM level via local access on Windows. Recommendations: For versions prior to 10.8 R10, update to...

7.8CVSS7.8AI score0.00341EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.21 views

WordPress plugin WP TripAdvisor Review Slider SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...

8.8CVSS8.2AI score0.04356EPSS
Exploits2References2
OSV
OSV
added 2022/12/29 8:15 p.m.3 views

CVE-2022-38203

Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...

7.5CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/18 8:15 a.m.2 views

CVE-2022-29487

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.3AI score0.00546EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/01/31 12:0 a.m.7 views

PT-2022-9908 · Esri · Esri Arcreader

Name of the Vulnerable Software and Affected Versions: Esri ArcReader versions 10.8.1 and earlier Description: An out-of-bounds read issue exists when parsing a specially crafted file, allowing an unauthenticated attacker to induce an information disclosure issue in the context of the current use...

5.5CVSS3.8AI score0.00331EPSS
Exploits0References4
OSV
OSV
added 2021/07/11 2:15 a.m.5 views

CVE-2021-29103

A reflected Cross Site Scripting XXS vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...

6.1CVSS6.6AI score0.00744EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/06 12:0 a.m.1 views

PT-2020-13486 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 10.8 and later Description: An issue has been discovered in GitLab, specifically a reflected XSS on multiple routes. Recommendations: For GitLab versions 10.8 and later, update to a version that includes a fix for this issue...

5.5CVSS5AI score0.00889EPSS
Exploits1References10
OSV
OSV
added 2018/05/23 5:29 p.m.5 views

CVE-2018-10653

There is an XML External Entity XXE Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3...

9.8CVSS5.8AI score0.06801EPSS
Exploits4References2
Rows per page
Query Builder