Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2026/05/06 4:21 p.m.9 views

CVE-2026-21661 AC2000 Uncontrolled Search Path Element

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 10:50 p.m.12 views

CVE-2025-36375

CVE-2025-36375 affects IBM DataPower Gateway with a CSRF vulnerability. Affected versions include: 10.6CD 10.6.1.0–10.6.5.0 , 10.5.0 10.5.0.0–10.5.0.20 , and 10.6.0 10.6.0.0–10.6.0.8 . Root cause: failure to properly validate the source of a request, enabling an attacker to induce a user to perfo...

8.8CVSS5.9AI score0.00167EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/11 4:5 p.m.18 views

CVE-2026-1090

GitLab CE/EE versions before 18.7.6 (specifically 10.6–18.7.x), 18.8 before 18.8.6, and 18.9 before 18.9.2 were affected by an issue where, with the markdown_placeholders feature flag enabled, an authenticated user could inject JavaScript in a browser due to improper sanitization of placeholder c...

8.7CVSS5.8AI score0.00231EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.5 views

PT-2024-23213 · Hcl · Hcl Appscan Source

Name of the Vulnerable Software and Affected Versions: HCL AppScan Source versions 10.6.0 and below Description: The issue is related to improper validation of a TLS/SSL certificate for an executable. This could potentially lead to security risks if exploited. Recommendations: For HCL AppScan...

4.8CVSS6.9AI score0.00167EPSS
Exploits0References5
OSV
OSV
added 2023/12/29 9:15 a.m.3 views

CVE-2023-25054

Improper Control of Generation of Code 'Code Injection' vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6...

9.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2023/08/16 10:15 p.m.2 views

CVE-2023-35893

IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824...

8.8CVSS6.1AI score0.01072EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.3 views

MariaDB SQL注入漏洞

MariaDB is a free and open source database management system from the MariaDB Mariadb Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB Server v10.6.3 and lower that allows an attacker to cause a denial of service DoS via a speciall...

7.5CVSS7.7AI score0.02264EPSS
Exploits1References18
OSV
OSV
added 2022/01/29 11:15 p.m.11 views

AZL-8453 CVE-2021-46658 affecting package mariadb for versions less than 10.6.7-1

savewindowfunctionvalues in MariaDB before 10.6.3 allows an application crash because of incorrect handling of withwindowfunc=true for a subquery...

5.5CVSS6.8AI score0.00391EPSS
Exploits1References1
CNVD
CNVD
added 2020/07/31 12:0 a.m.3 views

IBM Security Guardium Encryption Problem Vulnerability (CNVD-2020-45116)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium versions 10.5...

7.5CVSS6.6AI score0.00792EPSS
Exploits0References1
OSV
OSV
added 2020/06/03 3:15 p.m.3 views

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851...

6.7CVSS6AI score0.0021EPSS
Exploits0References2
Rows per page
Query Builder