Lucene search
K

51 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application developed by Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. There are security vulnerabilities in versions of Synology Surveillance Station prior to 9.2.2.2-11575 and...

4.9CVSS5.8AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 9:23 p.m.22 views

CVE-2026-8434

Concrete CMS 9.x prior to 9.5.0 is vulnerable to CSRF at the concrete/controllers/backend/file rescanMultiple() endpoint. Root cause: CSRF in the rescanMultiple() handler, reported with CVSS v4.0 vector AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N and a base score of 2.3 (LOW). Impact i...

8.8CVSS5.8AI score0.0013EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.8 views

Dell PowerScale OneFS 安全漏洞

Dell PowerScale OneFS is an operating system developed by the American company Dell. It provides a horizontally scalable NAS solution through the PowerScale OneFS operating system. Versions of Dell PowerScale OneFS prior to 9.12.0.0 contained security vulnerabilities, which were caused by imprope...

4.4CVSS5.8AI score0.00142EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 6:31 p.m.4 views

GHSA-78CG-FC6C-W44W Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability

Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields get be checked at FileItemDTO object. This issue affects Apache OpenMeetings: from...

5.3CVSS5.8AI score0.00418EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

Drupal Anti-Spam by CleanTalk 安全漏洞

Drupal Anti-Spam by CleanTalk is a security module for content management systems provided by the Drupal company, which offers automatic spam detection and filtering capabilities. Versions of Drupal Anti-Spam by CleanTalk prior to version 9.7.0 contained a security vulnerability caused by imprope...

4.7CVSS5.6AI score0.00171EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 12:41 p.m.11 views

CVE-2026-21426

CVE-2026-21426 affects Dell PowerScale OneFS prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1. The vulnerability is described as an execution with unnecessary privileges, allowing a high-privileged local attacker to cause denial of service, privilege escalation, and information disclosure...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.11 views

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS prior to 9.4.8 contained a security vulnerability. This vulnerability stemmed from PHP object injection in the columns parameter within the Express Entry List block, which could lead to remote co...

8.9CVSS6.1AI score0.00605EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.4 views

PT-2026-6790

Name of the Vulnerable Software and Affected Versions calibre versions prior to 9.2.0 Description calibre is an e-book manager. A Server-Side Template Injection SSTI vulnerability exists in calibre’s Templite templating engine. This allows for arbitrary code execution when a user converts an eboo...

9.3CVSS6.3AI score0.0052EPSS
Exploits7References26
CBLMariner
CBLMariner
added 2026/01/29 6:36 p.m.6 views

CVE-2025-61103 affecting package frr for versions less than 9.1.1-5

CVE-2025-61103 affecting package frr for versions less than 9.1.1-5. A patched version of the package is available...

7.5CVSS5.9AI score0.00582EPSS
Exploits1
NVD
NVD
added 2025/12/18 8:16 a.m.5 views

CVE-2025-64192

Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects XStore: from n/a through 9.6...

6.3CVSS0.00189EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-23610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions prior to 9.5.12 and 10.0.6 are vulnerable to Improper Privilege Management. Any user having...

6.5CVSS6.4AI score0.0073EPSS
Exploits0References2
CNVD
CNVD
added 2025/07/23 12:0 a.m.3 views

Dell PowerScale OneFS Encryption Issue Vulnerability

Dell PowerScale OneFS is an enterprise-class distributed file storage system from Dell. A security vulnerability exists in Dell PowerScale OneFS versions prior to 9.11.0.0 that stems from the use of an insecure encryption algorithm. An attacker could exploit the vulnerability to cause information...

4.9CVSS6.5AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.5 views

CVE-2023-22055

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS5.5AI score0.00327EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/22 12:0 a.m.8 views

PT-2024-39232 · WordPress · Quiz/Survey Master

Name of the Vulnerable Software and Affected Versions: The Quiz and Survey Master QSM WordPress plugin versions prior to 9.1.3 Description: The issue is related to the Quiz and Survey Master QSM WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow...

4.8CVSS5.8AI score0.00373EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/08/27 12:0 a.m.2 views

Rubrik 安全漏洞

Rubrik is a suite of cloud data management platforms from Rubrik, Inc. in the United States. The platform is capable of providing data backup, data protection, data analysis, data compliance, and data recovery. A security vulnerability exists in Rubrik versions prior to 9.1.2-p1, 9.0.3-p6, and...

9.8CVSS7.2AI score0.00491EPSS
Exploits0References3
OSV
OSV
added 2024/03/28 7:15 p.m.4 views

CVE-2024-25946

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity...

8.8CVSS5.9AI score
Exploits0References1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.2 views

Hitachi Energy Asset Suite 安全漏洞

Hitachi Energy Asset Suite is a powerful suite from Hitachi, Japan. standardizes and streamlines enterprise asset management workflows to maximize employee productivity and improve asset performance. A security vulnerability exists in Hitachi Energy Asset Suite versions prior to 9.6.3.13 and prio...

5.3CVSS6.9AI score0.00371EPSS
Exploits0References2
OSV
OSV
added 2024/02/09 7:15 p.m.6 views

CVE-2024-1247

Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the...

4.8CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.4 views

PT-2024-19230 · WordPress · Wp Spell Check

Name of the Vulnerable Software and Affected Versions: WP Spell Check versions prior to 9.18 Description: A Cross-Site Request Forgery CSRF issue has been identified. This allows an attacker to perform unintended actions on a user's behalf. Recommendations: For versions prior to 9.18, update to...

8.8CVSS9.1AI score0.00208EPSS
Exploits0References5
OSV
OSV
added 2023/11/16 11:15 p.m.6 views

AZL-32011 CVE-2023-48237 affecting package vim for versions less than 9.0.2112-1

Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This...

4.3CVSS7AI score0.00749EPSS
Exploits0References1
Rows per page
Query Builder