Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-21305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and...

8.8CVSS8.2AI score0.12678EPSS
Exploits1References2
CVE
CVE
added 2025/05/21 4:21 p.m.57 views

CVE-2025-4415

CVE-2025-4415 affects the Drupal Piwik PRO module prior to 1.3.2. The issue is described as Improper Neutralization of Input During Web Page Generation, enabling Cross-Site Scripting (XSS). Affected versions are 0.0.0 through 1.3.2, with public references indicating an authenticated XSS concern (...

4.8CVSS5AI score0.00189EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/14 12:0 a.m.11 views

Drupal Piwik PRO module < 1.3.2 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Piwik PRO versions 1.3.2...

4.8CVSS6.1AI score0.00189EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

BACnet Stack Security Vulnerability

BACnet Stack is a BACnet open source protocol stack C library for embedded systems, Linux, MacOS, BSD and Windows. A security vulnerability exists in BACnet Stack versions prior to 1.3.2 that stems from the presence of buffer over-reads...

9.1CVSS6.9AI score0.01053EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/12/22 12:0 a.m.6 views

Microweber 跨站脚本漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A cross-site scripting vulnerability exists in Microweber versions prior to 1.3.2, which...

6.1CVSS6.1AI score0.00488EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/01/20 12:0 a.m.5 views

Skylot Jadx 代码问题漏洞

Skylot Jadx is a Dex to Java decompiler. A code issue vulnerability exists in Skylot Jadx that stems from the product's improper restriction on XML external entity references. The following products and versions are affected: Skylot Jadx versions prior to 1.3.2...

5.5CVSS5.8AI score0.01059EPSS
Exploits1References3
CNVD
CNVD
added 2020/10/27 12:0 a.m.3 views

Aruba Airwave Software Server-Side Request Forgery Vulnerability

Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. A server-side request forgery vulnerability exists in Aruba Airwave Software versions prior to 1.3.2, which allows an attacker t...

5.8CVSS6.9AI score0.00816EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/27 12:0 a.m.4 views

Aruba Airwave Software Remote Code Execution Vulnerability

Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. A remote code execution vulnerability exists in Aruba Airwave Software versions prior to 1.3.2. An attacker can exploit this...

9.8CVSS8.4AI score0.01751EPSS
Exploits0References1
NVD
NVD
added 2019/08/23 5:15 p.m.21 views

CVE-2019-10746

mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload...

9.8CVSS9.3AI score0.03508EPSS
Exploits1References4
PyPA
PyPA
added 2018/04/09 7:29 a.m.5 views

PYSEC-2018-10

Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request...

8.8CVSS6.7AI score0.0065EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder