Lucene search
K

23 matches found

Vulnrichment
Vulnrichment
added 2026/01/13 12:59 p.m.3 views

CVE-2025-13774 SQL injection leading to privilege escalation in Progress Flowmon ADS

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

8.8CVSS7.6AI score0.00423EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.5 views

HarfBuzz 安全漏洞

HarfBuzz is HarfBuzz open source a text engine for OpenType fonts. HarfBuzz version before 12.3.0 has a security vulnerability , the vulnerability stems from the SubtableUnicodesCache::create function does not check the hbmalloc return value , which may lead to null pointer dereferencing and...

5.3CVSS6.4AI score0.00377EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.4 views

CVE-2018-4399

An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

5.5CVSS6.3AI score0.00928EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/02 12:0 a.m.8 views

KEYENCE KV STUDIO 安全漏洞

KEYENCE KV STUDIO is a PLC programming and debugging software from KEYENCE Japan. A security vulnerability exists in KEYENCE KV STUDIO version 12.23 and earlier, which originates from a buffer overflow and could lead to the execution of arbitrary code...

7.8CVSS7.9AI score0.0013EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/06 12:0 a.m.3 views

PT-2025-36382

Name of the Vulnerable Software and Affected Versions: versions prior to 12.0 Hotfix 91155 Description: Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory, resulting in a loss of integrity. Recommendations: At the moment, there is no...

5.3CVSS6.1AI score0.00116EPSS
Exploits0References5
OSV
OSV
added 2025/06/26 1:32 p.m.5 views

CVE-2025-48921 Open Social - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-079

Cross-Site Request Forgery CSRF vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open Social: from 0.0.0 before 12.3.14, from 12.4.0 before 12.4.13...

8.8CVSS5.9AI score0.00161EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.6 views

Kiwi TCMS 安全漏洞

Kiwi TCMS is a leading open source test management system for manual and automated testing from Kiwi TCMS Open Source. A security vulnerability exists in Kiwi TCMS versions prior to 12.0, which stems from the fact that the system is not rate-limited, which makes brute-force attacks on the login...

9.8CVSS8.3AI score0.00902EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.5 views

Kiwi TCMS 安全漏洞

Kiwi TCMS is a leading open source test management system for manual and automated testing from Kiwi TCMS Open Source. A security vulnerability exists in Kiwi TCMS versions prior to 12.0, which stems from the fact that the system is not rate-limited, which makes brute-force attacks on the login...

7.5CVSS6.6AI score0.00908EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.8 views

SugarCRM 输入验证错误漏洞

SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales representatives. A security...

8.8CVSS8.7AI score0.80274EPSS
Exploits4References5
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.3 views

PT-2022-10902 · Philips · Philips Vue Myvue Pacs

Name of the Vulnerable Software and Affected Versions: Philips Vue MyVue PACS versions prior to 12.2.x.x Description: The issue allows authenticated users to perform Path Traversal, accessing files stored outside of the web root through the VideoStream function. Recommendations: For Philips Vue...

6.5CVSS6.9AI score0.00864EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/10/31 12:0 a.m.5 views

WordPress theme Newspaper 跨站脚本漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in versions of WordPress theme Newspaper prior to 12, whi...

6.1CVSS6AI score0.00551EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/10/31 12:0 a.m.5 views

WordPress theme Newspaper 跨站脚本漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in versions of WordPress theme Newspaper prior to 12, whi...

6.1CVSS6AI score0.00969EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/06/07 12:0 a.m.1 views

PT-2022-10658 · Unknown · Virtua Cobranca

Name of the Vulnerable Software and Affected Versions: Virtua Cobranca versions prior to 12R Description: The issue allows SQL Injection on the login page. Recommendations: For versions prior to 12R, update to version 12R or later to resolve the issue...

7.5CVSS7.8AI score0.29667EPSS
Exploits5References7
CNNVD
CNNVD
added 2022/06/06 12:0 a.m.6 views

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in the Framework in Google Android versions prior to 12L. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or vendor...

7.8CVSS7.5AI score0.00104EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/03/14 12:0 a.m.1 views

PT-2022-15613 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.3 Description: A logic issue was addressed with improved validation. A malicious application may be able to gain root privileges. Recommendations: For versions prior to 12.3, update to macOS Monterey 12.3 to resolve...

9.3CVSS6.6AI score0.01129EPSS
Exploits0References16
CNNVD
CNNVD
added 2022/03/07 12:0 a.m.14 views

Google Android 数据伪造问题漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android versions prior to 12. The vulnerability stems from an incorrect programmatic call to an advanced local procedure. An attacker could use this vulnerability to...

7.2CVSS5.9AI score0.00099EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/03/24 12:0 a.m.2 views

PT-2021-14891 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 12.2 Description: A vulnerability was discovered in GitLab that made it susceptible to a Server-Side Request Forgery SSRF attack. The attack was possible through the Outbound Requests feature. Recommendations: For...

5.5CVSS5.1AI score0.00946EPSS
Exploits0References11
OSV
OSV
added 2020/06/15 2:15 p.m.2 views

CVE-2020-0541

Out-of-bounds write in subsystem for IntelR CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access...

6.7CVSS7.3AI score0.00388EPSS
Exploits0References3
CNVD
CNVD
added 2019/11/14 12:0 a.m.3 views

Intel Active Management Technology Elevation of Privilege Vulnerability (CNVD-2019-42601)

Intel Active Management Technology AMT is a set of hardware-based computer remote active management technology software from Intel Intel. A security vulnerability exists in the subsystem in Intel AMT versions prior to 12.0.45 that stems from inadequate input validation. An attacker could exploit...

9.8CVSS6.8AI score0.01568EPSS
Exploits0References1
OSV
OSV
added 2019/04/03 6:29 p.m.0 views

CVE-2018-4383

A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

7.8CVSS5.8AI score0.01061EPSS
Exploits0References4
Rows per page
Query Builder