Lucene search
K

67 matches found

CNVD
CNVD
added 2020/07/22 12:0 a.m.4 views

Unspecified Vulnerability in Sylabs Singularity (CNVD-2020-52437)

Singularity is a Linux-based container platform for running standalone applications. A security vulnerability exists in Sylabs Singularity versions 3.0 through 3.5, which stems from a lack of integrity checks in the program. A remote attacker could exploit the vulnerability by sending a specially...

7.5CVSS6.9AI score0.00629EPSS
Exploits0References1
OSV
OSV
added 2019/11/06 7:15 p.m.6 views

CVE-2019-5644

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

9.8CVSS6.8AI score0.0132EPSS
Exploits3References1
OSV
OSV
added 2019/10/17 7:15 p.m.4 views

CVE-2019-13657

CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security...

8.8CVSS7.6AI score0.02502EPSS
Exploits0References5
OSV
OSV
added 2019/09/17 8:15 p.m.3 views

CVE-2019-13538

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source...

8.6CVSS5.7AI score0.00855EPSS
Exploits0References2
CNVD
CNVD
added 2019/05/29 12:0 a.m.2 views

SQL Injection Vulnerability in Tpshop v3.5 In***.php Page

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 In.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2018/08/28 12:0 a.m.3 views

Code Execution Vulnerability in Xingyunhai CMS V3.5

Xing Yunhai CMS XYHcms is a completely open source CMS content management system. XYH CMS V3.5 code execution vulnerabilities exist. Attackers can use the vulnerability to insert a sentence Trojan horse , to obtain server privileges...

7.7AI score
Exploits0
CNVD
CNVD
added 2018/07/25 12:0 a.m.4 views

XYHCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-13984)

XYHCMS is an open source content management system CMS. A cross-site request forgery vulnerability exists in xyhai.php?s=/Auth/addUser URL in XYHCMS version 3.5. A remote attacker can exploit this vulnerability to add a backend administrator account...

8.8CVSS8.8AI score0.00494EPSS
Exploits1References1
OSV
OSV
added 2018/07/24 4:29 p.m.3 views

CVE-2018-14583

xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account...

8.8CVSS5.8AI score0.00494EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/19 12:0 a.m.3 views

Command Execution Vulnerability in OTCMS v3.53

Net Titanium Article Management System OTCMS is a simple and good asp article management system. A command execution vulnerability exists in OTCMS v3.53. An attacker can use the vulnerability to obtain website path information and write PHP code to gain server privileges...

7.5AI score
Exploits0
CNVD
CNVD
added 2018/05/24 12:0 a.m.1 views

Command Execution Vulnerability in Cscms v3.5 Backend

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. A command execution vulnerability exists in the backend of Cscms v3.5, which allows attackers to remotely execute commands and gain server privileges...

7.6AI score
Exploits0
CNVD
CNVD
added 2018/04/17 12:0 a.m.4 views

XYHCMS Cross-Site Request Forgery Vulnerability

XYHCMS is an open source content management system CMS. A cross-site request forgery vulnerability exists in XYHCMS version 3.5. A remote attacker can exploit this vulnerability by sending an index.php?g=Manage&m=Rbac&a=addUser request to add an administrator account...

8.8CVSS7AI score0.00483EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/30 12:0 a.m.4 views

CA API Developer Portal Cross-Site Scripting Vulnerability

CA API Developer Portal is a set of CA's API Application Programming Interface query function for software developers. A cross-site scripting vulnerability exists in the profile picture handling in CA API Developer Portal versions 3.5 through 3.5 CR6, which stems from the program failing to...

6.1CVSS6.5AI score0.00915EPSS
Exploits0References1
OSV
OSV
added 2018/03/29 1:29 p.m.3 views

CVE-2018-6586

CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing...

6.1CVSS5.7AI score0.00915EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/03/29 12:0 a.m.9 views

PT-2018-17651 · Ca · Ca Api Developer Portal

Name of the Vulnerable Software and Affected Versions: CA API Developer Portal versions 3.5 up to and including 3.5 CR6 Description: The issue is related to a reflected cross-site scripting vulnerability. This vulnerability is associated with the widgetID variable. Recommendations: For CA API...

6.1CVSS6AI score0.00915EPSS
Exploits0References3
CNVD
CNVD
added 2018/02/26 12:0 a.m.3 views

Code Execution Vulnerability in xyhcms v3.5

Xing Yunhai CMS XYHcms is a completely open source CMS content management system. xyhcms v3.5 version of the code execution vulnerabilities , attackers can exploit the vulnerability to insert a sentence Trojan horse to obtain the website webshell...

7.6AI score
Exploits0
CNVD
CNVD
added 2018/01/22 12:0 a.m.1 views

Arbitrary File Deletion Vulnerability in Xingyunhai CMS v3.5

Xing Yunhai CMS XYHCMS is a completely open source CMS content management system, simple and easy to use. XYHCMS V3.5 version of the existence of arbitrary file deletion vulnerability, an attacker can use the vulnerability to delete any file , such as deleting install.lock for CMS reinstallation ...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/01/22 12:0 a.m.3 views

Arbitrary File Download Vulnerability in Xingyunhai CMS v3.5

Xing Yunhai CMS XYHCMS is a completely open source CMS content management system, simple and easy to use. XYHCMS V3.5 version of the existence of arbitrary file download vulnerability, the attacker can be constructed through the parameters to download any file server , such as script code , servi...

7.2AI score
Exploits0
OSV
OSV
added 2017/06/13 6:29 a.m.3 views

DEBIAN-CVE-2017-4967

An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ...

6.1CVSS6.2AI score0.01915EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/06/13 12:0 a.m.4 views

PT-2017-4084 · Pivotal +1 · Rabbitmq +1

Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 3.4.x through 3.5.x RabbitMQ versions 3.6.x prior to 3.6.9 RabbitMQ for PCF versions 1.5.x RabbitMQ for PCF versions 1.6.x prior to 1.6.18 RabbitMQ for PCF versions 1.7.x prior to 1.7.15 Description: The issue is related to...

9.8CVSS6.4AI score0.99856EPSS
Exploits19References105
OSV
OSV
added 2016/09/21 2:25 p.m.4 views

UBUNTU-CVE-2016-7143

The mauthenticate function in modules/msasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...

8.1CVSS7.3AI score0.0106EPSS
Exploits0References2
Rows per page
Query Builder