Lucene search
+L

14 matches found

CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Fortinet FortiSwitchAXFixed 访问控制错误漏洞

The Fortinet FortiSwitchAXFixed is a network switch device developed by the American company Fortinet. There was an access control vulnerability in the Fortinet FortiSwitchAXFixed version 1.0.0 to 1.0.1. This vulnerability stemmed from improper access control, allowing authenticated administrator...

6.7CVSS5.9AI score0.00147EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

MediaCrush 安全漏洞

MediaCrush is a media hosting and sharing platform from the Israeli company MediaCrush. A security vulnerability exists in MediaCrush versions 1.0.0 and 1.0.1, which stems from the incorrect manipulation of the parameter Host in the file /mediacrush/paths.py, which could lead to improper...

7.5CVSS7.3AI score0.00305EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 7:14 p.m.4 views

Security Bulletin: Astronomer with IBM is vulnerable to cross-site scripting due to the markdown-it package (CVE-2025-7969)

Summary Markdown-it is used by Astronomer with IBM as part of markdown parsing functionality. Vulnerability Details CVEID:CVE-2025-7969 DESCRIPTION: Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting...

6.9CVSS5.9AI score0.00229EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 7:10 p.m.8 views

Security Bulletin: Astronomer with IBM is vulnerable to symlink validation bypass due to the tar-fs package (CVE-2025-59343)

Summary Tar-fs is used by Astronomer with IBM as part of tar file processing functionality. Vulnerability Details CVEID:CVE-2025-59343 DESCRIPTION: tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the...

8.7CVSS6.5AI score0.00516EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/03/31 9:37 p.m.9 views

CVE-2025-31677 AI (Artificial Intelligence) - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-003

Cross-Site Request Forgery CSRF vulnerability in Drupal AI Artificial Intelligence allows Cross Site Request Forgery.This issue affects AI Artificial Intelligence: from 1.0.0 before 1.0.2...

8.8CVSS5.9AI score0.0021EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/10 12:0 a.m.5 views

PT-2024-34719 · WordPress · Wpza Amp Img Shortcode

Name of the Vulnerable Software and Affected Versions: WPZA AMP Img Shortcode versions 1.0.0 through 1.0.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that an attacker...

6.5CVSS6.6AI score0.00234EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.3 views

PT-2025-2610 · Ibm · Ibm Concert

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.0.1 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information using man-in-the-middle techniques...

5.9CVSS6.1AI score0.00256EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/06/24 12:0 a.m.8 views

PT-2024-37506 · Unknown · Lahirudanushka School Management System

Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1 Description: A critical issue has been found in the lahirudanushka School Management System, affecting an unknown functionality of the file subject.php of the component...

8.8CVSS5.8AI score0.00585EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/06/24 12:0 a.m.7 views

PT-2024-37503 · Unknown · Lahirudanushka School Management System

Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1 Description: A critical issue was found in the lahirudanushka School Management System, affecting the Parent Page component, specifically the file parent.php. The manipulati...

8.8CVSS5.6AI score0.00585EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.4 views

PT-2023-10272 · WordPress · Mark User As Spammer Plugin

Name of the Vulnerable Software and Affected Versions: Mark User as Spammer Plugin versions 1.0.0 through 1.0.1 Description: A vulnerability was found in the Mark User as Spammer Plugin. It affects the user row actions function of the file plugin/plugin.php. The manipulation of the url argument...

5.4CVSS4.1AI score0.00552EPSS
Exploits0References7
CNVD
CNVD
added 2021/07/01 12:0 a.m.7 views

Unspecified vulnerability in deep-override

deep-override is a software application. Provides a recursive object extension and override. A security vulnerability exists in deep-override versions 1.0.0 through 1.0.1, which can be exploited by an attacker to cause a denial of service and possibly remote code execution...

9.8CVSS9.6AI score0.03337EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.5 views

PT-2021-16868 · Unknown · Deep-Override

Name of the Vulnerable Software and Affected Versions: deep-override versions 1.0.0 through 1.0.1 Description: The issue allows an attacker to cause a denial of service and may lead to remote code execution due to a prototype pollution vulnerability. Recommendations: For deep-override versions...

9.8CVSS8.1AI score0.03337EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2021/03/16 12:0 a.m.4 views

PT-2021-16846 · Unknown · Patchmerge

Name of the Vulnerable Software and Affected Versions: patchmerge versions 1.0.0 through 1.0.1 Description: The issue allows an attacker to cause a denial of service and may lead to remote code execution due to a prototype pollution vulnerability. Recommendations: For patchmerge versions 1.0.0...

9.8CVSS9.6AI score0.03507EPSS
Exploits1References8
vulnersOsv
vulnersOsv
added 2019/05/23 3:30 p.m.5 views

buildbot-legacy-slack-adapter (>=1.0.0 <=1.0.1) potentially affected by CVE-2019-12300 via buildbot (=1.3.0)

buildbot PYPI version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on buildbot and may be impacted: - buildbot-legacy-slack-adapter =1.0.0, =1.0.1 Source cves: CVE-2019-12300 Source advisory: OSV:PYSEC-2019-6...

9.8CVSS7.2AI score0.01825EPSS
Exploits0
Rows per page
Query Builder