Lucene search
K

18 matches found

CNNVD
CNNVD
added 2026/03/16 12:0 a.m.10 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.3.0 and earlier 11.3.x series, 11.2.2 and earlier 11.2.x series, as well as 10.11.10 and earlier 10.11.x series, have security vulnerabilities. These vulnerabilities...

4.3CVSS6.4AI score0.00267EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.13 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.3.0 and earlier 11.3.x series, 11.2.2 and earlier 11.2.x series, as well as 10.11.10 and earlier 10.11.x series, have security vulnerabilities. These vulnerabilities...

4.3CVSS6.4AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:26 p.m.9 views

CVE-2025-57870 BUG-000179884 - There is a security vulnerability in ArcGIS Server Feature Services.

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL commands via a specific ArcGIS Feature Service operation. Successful exploitation can...

10CVSS0.00495EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.7 views

PT-2025-43271

Name of the Vulnerable Software and Affected Versions Esri ArcGIS Server versions 11.3 through 11.5 Description A SQL Injection issue exists in Esri ArcGIS Server. This allows a remote, unauthenticated attacker to execute arbitrary SQL commands through a specific ArcGIS Feature Service operation...

10CVSS8.2AI score0.00495EPSS
Exploits0References5
OSV
OSV
added 2025/03/03 8:15 p.m.9 views

CVE-2024-51957

There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...

4.8CVSS6AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/03/03 8:15 p.m.4 views

CVE-2024-51947

There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...

4.8CVSS6AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2023/08/27 11:15 p.m.3 views

CVE-2023-30435

IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

5.4CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2022/04/19 5:15 p.m.3 views

CVE-2021-39076

IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585...

7.5CVSS5.8AI score0.00548EPSS
Exploits0References2
OSV
OSV
added 2021/01/08 3:15 p.m.5 views

CVE-2021-1063

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x prior to 8.6 and version 11.0 pri...

7.8CVSS7.3AI score0.00378EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/07/07 12:0 a.m.8 views

PT-2020-14477 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.3 through 13.1.2 Description: The issue is related to Incorrect Access Control in GitLab EE due to the Maven package upload endpoint. This allows for unauthorized access. Recommendations: For GitLab EE versions 11.3...

5.3CVSS4.8AI score0.01059EPSS
Exploits0References8
OSV
OSV
added 2019/07/01 3:15 p.m.6 views

CVE-2019-4237

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419...

5.4CVSS5.8AI score0.00673EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/05 12:0 a.m.2 views

GitLab CE/EE Information Disclosure Vulnerability (CNVD-2018-26961)

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. An information...

6.5CVSS6.2AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2018/02/15 10:29 p.m.3 views

CVE-2017-8951

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found...

7.8CVSS5.8AI score0.00678EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/03 12:0 a.m.4 views

IBM InfoSphere Information Server XML External Entity Injection Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An XML external entity injection vulnerability exists in IBM InfoSphere Information Server versions 9.1,...

9.1CVSS6.9AI score0.02718EPSS
Exploits2References1
OSV
OSV
added 2017/08/02 5:29 p.m.3 views

CVE-2017-1467

A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466...

8.1CVSS5.8AI score0.01994EPSS
Exploits2References3
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

CVE-2016-8303

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

6.1CVSS7.3AI score0.01368EPSS
Exploits0References3
CNVD
CNVD
added 2017/01/20 12:0 a.m.5 views

Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00949)

Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...

5.4CVSS6.8AI score0.00836EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/20 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Solaris Cluster Component (CNVD-2016-09783)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in the Kernel/X86 subcomponent of the Solaris component of the Oracle Sun Systems Products Suite, versions 10 and...

7.8CVSS6.5AI score0.00414EPSS
Exploits0References1
Rows per page
Query Builder