Lucene search
K

23 matches found

vulnrichment
vulnrichment
added 2026/05/29 2:46 p.m.8 views

CVE-2018-25392 MaxOn ERP Software 8.x-9.x SQL Injection via nomor Parameter

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the logactivity function. Attackers can send POST requests to /index.php/user/logactivity with malicious SQL code in...

7.1CVSS6.1AI score0.00273EPSS
Exploits0References4
github
github
added 2026/05/18 7:8 p.m.20 views

Microsoft Security Advisory CVE-2026-32175 – .NET Core Tampering Vulnerability

Executive Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A tampering vulnerability...

4.3CVSS5.8AI score0.00711EPSS
Exploits0References5Affected Software4
patchstack
patchstack
added 2026/05/01 2:45 p.m.6 views

WordPress Simple Link Directory plugin <= 8.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Simple Link Directory versions = 8.9.2...

6.4CVSS5.8AI score0.00195EPSS
Exploits0References1Affected Software1
elastic
elastic
added 2026/04/08 4:1 p.m.57 views

Kibana 8.19.14, 9.2.8, 9.3.3 Security Update (ESA-2026-21)

Execution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Elasticsearch RBAC scope Execution with Unnecessary Privileges CWE-250 in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via...

7.7CVSS5.8AI score0.003EPSS
Exploits0
vulnrichment
vulnrichment
added 2026/03/19 11:12 p.m.3 views

CVE-2026-29109 SuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter Processing

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...

8.6CVSS6.1AI score0.00469EPSS
Exploits0References1
github
github
added 2026/03/11 9:11 p.m.12 views

.NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2026-26130 – .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to...

7.5CVSS6AI score0.02818EPSS
Exploits0References5Affected Software12
cvelist
cvelist
added 2025/11/08 1:7 a.m.10 views

CVE-2025-64492 SuiteCRM is Vulnerable to Authenticated Time Based Blind SQL Injection

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 8.9.0 and below contain a time-based blind SQL Injection vulnerability. This vulnerability allows an authenticated attacker to infer data from the database by measuring response times,...

8.8CVSS0.00335EPSS
Exploits0References1
nessus
nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-30687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and...

6.5CVSS5.9AI score0.00691EPSS
Exploits0References2
redhat
redhat
added 2025/06/11 8:10 a.m.3 views

dotnet: .NET Remote Code Vulnerability

A remote code execution vulnerability in .NET 8.0 and 9.0. An attacker who can place malicious files in specific locations may trigger unintended code execution when the .NET runtime loads these files...

7.5CVSS6.5AI score0.0089EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/22 8:42 p.m.4 views

CVE-2021-39869

In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project...

6.5CVSS6.6AI score0.01227EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/04/25 12:0 a.m.5 views

Laravel 安全漏洞

Laravel is a web application framework from the Laravel community. A security vulnerability exists in Laravel versions 8.x through 9.x through versions prior to 9.32.0, which stems from the authentication method being found vulnerable to attack...

5.3CVSS5.6AI score0.00881EPSS
Exploits1References6
osv
osv
added 2023/03/17 4:15 a.m.4 views

UBUNTU-CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

9.8CVSS6.7AI score0.02216EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2021/10/05 12:0 a.m.5 views

PT-2021-22716 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.9 and later Description: The issue concerns project exports in GitLab CE/EE, where trigger tokens configured on a project may be exposed. This affects all versions since 8.9. Recommendations: For GitLab CE/EE versions...

6.5CVSS6AI score0.01227EPSS
Exploits0References12
cnnvd
cnnvd
added 2020/12/08 12:0 a.m.6 views

Opencast Access Control Error Vulnerability

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast versions 8.9 and prior to 7.9 that stems from Opencast disabling HTTPS hostname validation, which is used by i...

4.8CVSS5.8AI score0.00276EPSS
Exploits0References3
cnvd
cnvd
added 2018/09/05 12:0 a.m.19 views

Google Android System Elevation of Privilege Vulnerability (CNVD-2019-03705)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which System is a component. An elevation of privilege vulnerability exists in System in Android versions 8.0, 8.1, and 9.0. An attacker can exploit this vulnerability to eleva...

7.8CVSS7.8AI score0.00426EPSS
Exploits1References1
attackerkb
attackerkb
added 2018/03/27 5:29 p.m.2 views

CVE-2015-4987

The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote attackers to bypass authentication via unspecified vectors. IBM X-Force ID: 105896...

6.5CVSS5.6AI score0.01133EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2017/12/11 12:0 a.m.10 views

PT-2017-14275 · Node.Js +1 · Node.Js +1

Name of the Vulnerable Software and Affected Versions: Node.js versions 8.X through 9.X Description: The issue arises when the encoding for the fill value does not match the encoding specified, causing buffers to not be initialized correctly. For example, 'Buffer.alloc0x100, "This is not correctl...

9.8CVSS7.9AI score0.95707EPSS
Exploits50References492
osv
osv
added 2017/07/17 1:18 p.m.2 views

CVE-2017-1000027

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access...

6.1CVSS5.8AI score0.01158EPSS
Exploits0References2
cnvd
cnvd
added 2016/11/25 12:0 a.m.9 views

IBM Tealeaf Customer Experience Information Disclosure Vulnerability (CNVD-2016-11558)

IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...

2.9CVSS6.6AI score0.00471EPSS
Exploits0References1
cnvd
cnvd
added 2016/09/21 12:0 a.m.4 views

Unspecified Vulnerability in IBM Tealeaf Customer Experience Replay Serve

IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...

5.3CVSS6.8AI score0.00877EPSS
Exploits0References1
Rows per page
Query Builder