Lucene search
K

26 matches found

NVD
NVD
added 2026/06/30 8:17 p.m.8 views

CVE-2026-12084

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

7.5CVSS0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in PHP 8.1

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, and 8.5. before 8.5.1, when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting...

8.2CVSS6.4AI score0.00573EPSS
Exploits2References2
NVD
NVD
added 2026/04/29 5:16 p.m.7 views

CVE-2026-6914

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

7.5CVSS0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 12:22 p.m.10 views

CVE-2026-29014 MetInfo CMS Unauthenticated PHP Code Injection RCE

MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution path to achieve...

9.8CVSS6.8AI score0.39688EPSS
Exploits4References3
Cvelist
Cvelist
added 2026/02/17 10:53 p.m.26 views

CVE-2025-62183 Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low.

Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low...

4.8CVSS0.00251EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.8 views

PT-2025-45138

Name of the Vulnerable Software and Affected Versions Dell CloudLink versions prior to 8.1.1 Description Dell CloudLink, versions prior to 8.1.1, contains a Command Injection issue that an authenticated attacker can exploit to execute arbitrary commands on the system. Recommendations Update Dell...

6.7CVSS7.5AI score0.00384EPSS
Exploits0References4
OSV
OSV
added 2025/03/30 6:15 a.m.7 views

AZL-59334 CVE-2025-1734 affecting package php for versions less than 8.3.19-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

6.3CVSS6.7AI score0.00481EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/27 11:56 p.m.7 views

WordPress Directorist plugin <= 8.1 - Privilege Escalation and Account Takeover via Weak OTP vulnerability

Privilege Escalation and Account Takeover via Weak OTP vulnerability discovered by wesley wcraft in WordPress Plugin Directorist versions = 8.1...

9.8CVSS7AI score0.0041EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/09/12 3:18 p.m.3 views

CVE-2024-6701

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type...

4.8CVSS5.8AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/17 12:0 a.m.4 views

PT-2024-15184 · Avaya · Avaya Aura Experience Portal Manager

Name of the Vulnerable Software and Affected Versions: Avaya Aura Experience Portal Manager versions 8.0.x through 8.1.x prior to 8.1.2 patch 0402 Avaya Aura Experience Portal Manager versions prior to 8.0 Description: Insecure Direct Object Reference vulnerabilities were discovered in the Avaya...

5.7CVSS4.5AI score0.00335EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/15 12:0 a.m.4 views

PT-2023-2473 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.0.0 through 8.0.27 PHP versions 8.1.0 through 8.1.15 PHP versions 8.2.0 through 8.2.2 Description: The issue is related to an excessive number of parts in HTTP form upload, which can cause high resource consumption and excessiv...

9.8CVSS6.3AI score0.49336EPSS
Exploits76References145
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.6 views

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and the protection of metadata, virtual environments and other environmental data backup. A security...

8.8CVSS7.9AI score0.00762EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.5 views

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the System component of Google Android versions 8.1, 9, and 10, which can be exploited by an attacker to cause a...

7.8CVSS5.9AI score0.00137EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/02/02 12:0 a.m.6 views

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android 8.1, 9, and 10. An attacker could exploit this vulnerability to cause a...

9.3CVSS7.1AI score0.00517EPSS
Exploits0References2
OSV
OSV
added 2020/09/02 7:15 p.m.3 views

CVE-2020-4693

IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782...

9.8CVSS7.6AI score0.02538EPSS
Exploits0References2
CNVD
CNVD
added 2020/09/02 12:0 a.m.5 views

IBM Spectrum Protect Code Execution Vulnerability (CNVD-2020-54678)

IBM Spectrum Protect formerly known as Tivoli Storage Manager is a suite of data protection platforms from IBM in the United States. The platform provides organizations with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of...

9.8CVSS7.3AI score0.02538EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/15 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Enterprise Session Border Controller

Oracle Enterprise Session Border Controller E-SBC connects disparate Internet Protocol IP communications networks while mitigating security threats, resolving interoperability issues, and ensuring reliable communications. A security vulnerability exists in the File Upload component in Oracle...

7.5CVSS8.9AI score0.008EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/14 12:0 a.m.4 views

Palo Alto Networks PAN-OS Management Server Component Buffer Overflow Vulnerability

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. A buffer overflow vulnerability exists in the Management Server component of Palo Alto Networks PAN-OS version 7.1, version 8.0, and version 8.1 prior to 8.1.14, which can be exploited by...

9CVSS8.2AI score0.01895EPSS
Exploits0References1
OSV
OSV
added 2020/01/30 9:21 p.m.1 views

GHSA-MH8G-HPRG-8363 Hard-Coded Key Used For Remember-me Token in Opencast

Impact The security configuration in etc/security/mhdefaultorg.xml enables a remember-me cookie based on a hash created from the username, password, and an additional system key. Opencast has hard-coded this system key in the large XML file and never mentions to change this, basically ensuring th...

6.8CVSS5.9AI score0.00939EPSS
Exploits0References3
OSV
OSV
added 2019/08/23 6:15 p.m.8 views

CVE-2019-1581

A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prio...

9.8CVSS7.8AI score0.03242EPSS
Exploits0References1
Rows per page
Query Builder