Lucene search
K

232 matches found

OSV
OSV
added 2019/05/13 5:29 a.m.7 views

CVE-2019-11886

The WaspThemes Visual CSS Style Editor aka yellow-pencil-visual-theme-customizer plugin before 7.2.1 for WordPress allows ypoptionupdate CSRF, as demonstrated by use of ypremoteget to obtain admin access...

8.8CVSS7.3AI score0.0189EPSS
Exploits1References4
OSV
OSV
added 2019/01/04 7:6 p.m.2 views

GHSA-F9HV-MG5H-XCW9 Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization...

9.8CVSS7.2AI score0.10599EPSS
Exploits0References39
Veracode
Veracode
added 2018/11/20 7:57 a.m.26 views

Information Disclosure

hawtio-system is vulnerable to an information disclosure. The library displays the entire stack trace when it runs into an exception in accessing a non-existent directory, allowing a malicious user to gather sensitive information from it...

7.5CVSS7.1AI score0.01955EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2018/06/11 9:29 p.m.5 views

CVE-2017-7831

A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox 57...

5.3CVSS7.3AI score0.0161EPSS
Exploits0References4
OSV
OSV
added 2018/02/15 10:29 p.m.4 views

CVE-2017-12525

A Remote Code Execution vulnerability in HPE Intelligent Management Center iMC PLAT version PLAT 7.3 E0504 was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 E0506 or any subsequent version...

8.8CVSS5.9AI score0.0572EPSS
Exploits0References3
OSV
OSV
added 2017/12/09 6:29 a.m.5 views

CVE-2017-3112

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid out-of-range pointer offset during...

9.8CVSS5.8AI score0.06216EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2017/09/19 9:8 p.m.12 views

library.tc.columbia.edu Open Redirect vulnerability

Vulnerable URL: http://library.tc.columbia.edu/logandgo.php?url=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 19.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP websi...

6.9AI score
Exploits0
Veracode
Veracode
added 2017/01/12 7:54 a.m.13 views

Privilege Escalation

devisesecurityextension is vulnerable to privilege escalation. The library accepts changes to the user parameters when a user is updating their expired passwords, a malicious user can pass the parameter of admin=true to escalate themselves to admin level privilege...

6.9AI score
Exploits0
OSV
OSV
added 2016/10/10 8:59 p.m.3 views

CVE-2016-1000154

Reflected XSS in wordpress plugin whizz v1.0.7...

6.1CVSS5.8AI score0.03432EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2011/10/21 12:0 a.m.19 views

Fedora Update for ldns FEDORA-2011-13929

Check for the Version of ldns OpenVAS Vulnerability Test Fedora Update for ldns FEDORA-2011-13929 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

6.8CVSS0.04106EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.20 views

Ubuntu Update for gimp vulnerability USN-480-1

Ubuntu Update for Linux kernel vulnerabilities USN-480-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4801.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gimp vulnerability USN-480-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

6.8CVSS0.1AI score0.07169EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/01/03 12:0 a.m.50 views

Дырка в gtk+ (GTK_MODULES)

Пользователь может указать расположение библиотек через переменную GTKMODULES...

0.3AI score
Exploits0References1
Rows per page
Query Builder