Lucene search
K

28 matches found

CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Dell Unisphere for PowerMax vApp 授权问题漏洞

Dell Unisphere for PowerMax vApp is a virtualization management solution developed by the American company Dell. Versions of Dell Unisphere for PowerMax vApp prior to 10.0.0.2 had an authorization-related vulnerability. This vulnerability stemmed from an attempt to bypass authorization...

7.5CVSS5.8AI score0.00247EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.8 views

GLPI SQL注入漏洞

GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...

8.8CVSS5.8AI score0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.8 views

PT-2026-22324

Name of the Vulnerable Software and Affected Versions Johnson Controls Frick Controls Quantum HD versions prior to 10.22 Description A flaw exists in Johnson Controls Frick Controls Quantum HD that allows for the execution of code remotely without authentication. This is due to insufficient...

9.8CVSS6.2AI score0.00626EPSS
Exploits0References8
NVD
NVD
added 2025/12/15 11:15 p.m.5 views

CVE-2025-9121

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...

8.8CVSS0.00362EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202435

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.00164EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

MailEnable 代码问题漏洞

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

8.5CVSS6.1AI score0.00164EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/12 7:57 p.m.6 views

CVE-2025-46428

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8.8CVSS0.01085EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/21 12:0 a.m.5 views

Dnn.Platform 跨站脚本漏洞

Dnn.Platform is an open source web content management platform CMS open sourced by Dnn Software. A cross-site scripting vulnerability exists in Dnn.Platform versions prior to 10.0.1, which stems from a specially crafted request injection script that could lead to a cross-site scripting attack...

5.4CVSS6.1AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.5 views

Publify 安全漏洞

Publify is a simple but full-featured web publishing software from Publify Open Source. A security vulnerability exists in Publify versions prior to 10.0.1, which stems from a possible cross-site scripting attack against administrators via the redirection feature...

5.4CVSS5.8AI score0.00242EPSS
Exploits1References2
OSV
OSV
added 2025/02/25 4:15 p.m.2 views

UBUNTU-CVE-2025-23024

GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch. As a workaround, one may delete the install/update.php file...

6.9CVSS7.3AI score0.00263EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.3 views

PT-2025-1739 · WordPress · Wp Travel

Name of the Vulnerable Software and Affected Versions: WP Travel – Ultimate Travel Booking System, Tour Management Engine plugin for WordPress versions prior to 10.0.1 Description: The issue is related to SQL Injection via the booking itinerary parameter of the wptravel get booking data function...

6.5CVSS7.9AI score0.00451EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.5 views

WordPress Plugin Information Reel SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS7.7AI score0.00797EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.3 views

Veritas Technologies Veritas NetBackup 代码问题漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A code issue vulnerability exists in Veritas Technologies Veritas NetBackup versions prior to 10.0, which stems from a flaw in the way DLL paths are verified prior...

7.8CVSS7.4AI score0.0019EPSS
Exploits0References3
OSV
OSV
added 2022/12/06 4:15 p.m.3 views

CVE-2022-38123

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...

7.2CVSS5.8AI score0.00747EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/03 12:0 a.m.3 views

GLPI 跨站脚本漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

7.5CVSS5.4AI score0.00442EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.3 views

Opencast 授权问题漏洞

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. An authorization issue vulnerability exists in Opencast prior to version 10.14 and prior to version 11.7, which stems from the fact that a user can pass i...

5.5CVSS5.7AI score0.00541EPSS
Exploits0References3
OSV
OSV
added 2022/03/23 8:15 p.m.4 views

CVE-2021-27460

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to th...

9.8CVSS7.2AI score0.03072EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.6 views

LumisXP 代码问题漏洞

LumisXP is an application from the Portuguese company LumisXP. It provides a platform for managing customers. A security vulnerability exists in LumisXP versions prior to 10.0.0 that allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. An attack that exploits this...

9.1CVSS5.6AI score0.18607EPSS
Exploits1References2
CNVD
CNVD
added 2020/05/28 12:0 a.m.3 views

Apple macOS Catalina Wi-Fi component memory corruption vulnerability (CNVD-2020-32218)

Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers.Wi-Fi is one of the wireless Internet components. A memory corruption vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5, which can be exploited by an attack...

9.3CVSS7.6AI score0.01033EPSS
Exploits0References1
OSV
OSV
added 2020/05/14 8:15 p.m.3 views

CVE-2020-12875

Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application...

6.3CVSS6.6AI score0.00642EPSS
Exploits0References1
Rows per page
Query Builder