Lucene search
K

15 matches found

EUVD
EUVD
added 2026/04/21 6:31 p.m.4 views

EUVD-2026-24143

This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of...

9.4CVSS6AI score0.0127EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-34128

Name of the Vulnerable Software and Affected Versions MySQL Server versions 8.0.0 through 8.0.45 MySQL Server versions 8.4.0 through 8.4.8 MySQL Server versions 9.0.0 through 9.6.0 Description An issue in the InnoDB component of MySQL Server allows a high privileged attacker with network access v...

6.5CVSS7.2AI score0.00323EPSS
Exploits0References126
EUVD
EUVD
added 2026/03/17 6:30 p.m.5 views

EUVD-2026-12590

This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.6, allows an authenticated attacker to execute...

8.6CVSS6.1AI score0.00507EPSS
Exploits0References3
OSV
OSV
added 2026/03/16 9:53 a.m.3 views

BIT-PARSE-2026-32269 Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation, a malformed value is sent t...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/28 3:42 a.m.7 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect Rational Business Developer

Summary There are vulnerabilities in IBM Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Oct 2025. Vulnerability Details CVEID:CVE-2025-53057...

7.5CVSS5.9AI score0.00633EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.3 views

Digital-Infrastructure 路径遍历漏洞

Digital-Infrastructure is an open source management support platform from Risesoft. A path traversal vulnerability exists in Digital-Infrastructure 9.6.7 and earlier versions, which stems from improper handling of the parameter fullPath in the file Y9FileController.java, which could lead to path...

5.5CVSS5.5AI score0.00376EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/26 12:0 a.m.4 views

PT-2024-21286 · WordPress · Salon Booking System

Name of the Vulnerable Software and Affected Versions: Salon booking system WordPress plugin versions 9.6.5 and earlier Description: The issue allows high privilege users, such as admin or editor depending on the plugin configuration, to perform Stored Cross-Site Scripting attacks. This is possib...

6.3CVSS8AI score0.00465EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2024/04/26 12:0 a.m.4 views

PT-2024-20338 · WordPress · Salon Booking System

Name of the Vulnerable Software and Affected Versions: The Salon booking system WordPress plugin versions 9.6.5 and earlier Description: The issue is related to the lack of a CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

4.3CVSS6.5AI score0.00247EPSS
Exploits2References5
OSV
OSV
added 2024/02/01 10:15 a.m.5 views

CVE-2024-22449

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access...

7.8CVSS5.8AI score0.00171EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/28 12:0 a.m.7 views

PT-2022-5287 · Ibm · Ibm Host Access Transformation Services

Name of the Vulnerable Software and Affected Versions: IBM Host Access Transformation Services HATS versions 9.6 through 9.6.1.4 IBM Host Access Transformation Services HATS versions 9.7 through 9.7.0.3 Description: The issue is related to the storage of user credentials in plain clear text, whic...

6.2CVSS6.1AI score0.00166EPSS
Exploits0References6
OSV
OSV
added 2022/08/27 12:0 a.m.2 views

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

7.5CVSS5.9AI score0.95335EPSS
Exploits5References6
OSV
OSV
added 2021/11/15 4:15 p.m.6 views

CVE-2021-41765

A SQL injection issue in pages/editfields/9ajax/addkeyword.php of ResourceSpace 9.5 and 9.6 rev 18274 allows remote unauthenticated attackers to execute arbitrary SQL commands via the k parameter. This allows attackers to uncover the full contents of the ResourceSpace database, including user...

9.8CVSS6.2AI score0.67845EPSS
Exploits1References2
OSV
OSV
added 2019/07/19 9:15 p.m.7 views

CVE-2019-7590

ExacqVision Server’s services 'exacqVisionServer', 'dvrdhcpserver' and 'mdnsresponder' have an unquoted service path. If an authenticated user is able to insert code in their system root path it potentially can be executed during the application startup. This could allow the authenticated user to...

7.8CVSS5.8AI score0.00825EPSS
Exploits2References6
CNVD
CNVD
added 2018/01/29 12:0 a.m.5 views

IBM Rational DOORS Web Access Cross-Site Scripting Vulnerability (CNVD-2018-02501)

IBM Rational DOORS is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM in the United States. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users, servers and project...

5.4CVSS6.2AI score0.00942EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/01/26 12:0 a.m.5 views

PT-2018-5784 · Ibm · Ibm Doors Web Access

Name of the Vulnerable Software and Affected Versions: IBM Doors Web Access versions 9.5 through 9.6 Description: The issue allows a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this to hijack th...

5.4CVSS6.8AI score0.01196EPSS
Exploits0References5
Rows per page
Query Builder