Lucene search
K

279 matches found

osv
osv
added 2024/09/29 4:30 p.m.14 views

RHSA-2011:1803 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.1.2 update

Bulletin has no description...

5.8CVSS6.1AI score0.03201EPSS
Exploits1References10
osv
osv
added 2024/09/29 4:30 p.m.16 views

RHSA-2011:1802 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.1.2 update

Bulletin has no description...

5.8CVSS6.1AI score0.03201EPSS
Exploits1References10
bdu_fstec
bdu_fstec
added 2024/09/23 12:0 a.m.6 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

7.8CVSS7AI score0.00939EPSS
Exploits0References18Affected Software4
osv
osv
added 2024/09/15 9:48 p.m.15 views

RHSA-2014:0792 Red Hat Security Advisory: Red Hat JBoss Enterprise Web Platform 5.2.0 security update

Bulletin has no description...

6.8CVSS6.2AI score0.03514EPSS
Exploits0References7
osv
osv
added 2024/09/15 9:36 p.m.22 views

RHSA-2014:0898 Red Hat Security Advisory: Red Hat JBoss Enterprise Web Platform 5.2.0 security update

Bulletin has no description...

7.5CVSS6.1AI score0.03857EPSS
Exploits0References7
osv
osv
added 2024/09/15 8:36 p.m.26 views

RHSA-2013:0259 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update

Bulletin has no description...

5.8CVSS6AI score0.08882EPSS
Exploits0References12
osv
osv
added 2024/09/15 8:31 p.m.18 views

RHSA-2013:0230 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update

Bulletin has no description...

7.5CVSS6.1AI score0.02344EPSS
Exploits0References8
osv
osv
added 2024/09/15 6:58 p.m.11 views

RHSA-2011:0945 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.1.1 update

Bulletin has no description...

6.8CVSS6.1AI score0.02593EPSS
Exploits0References8
osv
osv
added 2024/09/15 6:39 p.m.25 views

RHSA-2010:0961 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.1.0 security and bug fix update

Bulletin has no description...

2.6CVSS6AI score0.02611EPSS
Exploits0References9
osv
osv
added 2024/09/15 5:17 p.m.16 views

RHBA-2010:0735 Red Hat Bug Fix Advisory: JBoss Enterprise Web Platform 5.1.0 update

Bulletin has no description...

5CVSS7.4AI score0.47111EPSS
Exploits6References8
osv
osv
added 2024/09/13 9:20 a.m.20 views

RHSA-2014:1833 Red Hat Security Advisory: Red Hat JBoss Enterprise Web Platform 5.2.0 security update

Bulletin has no description...

4.8CVSS6.2AI score0.09149EPSS
Exploits1References12
osv
osv
added 2024/09/13 9:19 a.m.15 views

RHSA-2014:1320 Red Hat Security Advisory: Red Hat JBoss Enterprise Web Platform 5.2.0 security update

Bulletin has no description...

4.8CVSS6.2AI score0.09149EPSS
Exploits1References12
redos
redos
added 2024/08/06 12:0 a.m.20 views

ROS-20240806-05

A vulnerability in the AbstractSessionListener component of the Symfony web application development and management platform is related to an incorrect authorization procedure. Symfony web application development and management platform is related to incorrect authorization procedure. Exploitation...

8.8CVSS7.3AI score0.0079EPSS
Exploits0
cnnvd
cnnvd
added 2024/06/25 12:0 a.m.7 views

WordPress Path Traversal Vulnerability

WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. WordPress suffers from a path traversal vulnerability that stems from improperly restricting pathnames to restricted directorie...

5CVSS6.6AI score0.00434EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2024/06/14 12:0 a.m.6 views

The vulnerability of the ASP.NET Zero web platform for creating websites lies in the redirection of URLs to an unreliable website, allowing a hacker to redirect users to any given URL address.

The vulnerability of the ASP.NET Zero web platform for creating websites involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL address...

6.4CVSS6.3AI score0.0046EPSS
Exploits1References4Affected Software1
cnnvd
cnnvd
added 2024/05/30 12:0 a.m.4 views

ZKTeco ZKBioSecurity 安全漏洞

ZKTeco ZKBioSecurity is a web-based all-in-one platform from the Chinese company ZKTeco. A security vulnerability exists in ZKTeco ZKBioSecurity version 6.1.1, which stems from a directory traversal vulnerability in eventRecord...

6.5CVSS6.8AI score0.00947EPSS
Exploits1References2
github
github
added 2024/05/27 11:35 p.m.19 views

silverstripe/framework allows upload of dangerous file types

Some potentially dangerous file types exist in File.allowedextensions which could allow a malicious CMS user to upload files that then get executed in the security context of the website. We have removed the ability to upload .css, .js, .potm, .dotm, .xltm and .jar files in the default...

7.2AI score
Exploits0References4Affected Software1
osv
osv
added 2024/05/27 11:16 p.m.7 views

GHSA-F43J-8HQ4-2XJ9 silverstripe/framework uploaded PHP script execution in assets

A weakness in the .htaccess rules preventing requests to uploaded PHP scripts allows PHP scripts that had made their way into the assets directory to be successfully executed through the use of a specially crafted URL. There are protections in place to disallow upload of PHP scripts through the...

7.2AI score
Exploits0References4
github
github
added 2024/05/27 11:16 p.m.17 views

silverstripe/framework uploaded PHP script execution in assets

A weakness in the .htaccess rules preventing requests to uploaded PHP scripts allows PHP scripts that had made their way into the assets directory to be successfully executed through the use of a specially crafted URL. There are protections in place to disallow upload of PHP scripts through the...

7.2AI score
Exploits0References4Affected Software1
cvelist
cvelist
added 2024/05/15 4:42 p.m.38 views

CVE-2024-34082 Grav Arbitrary File Read to Account Takeover

Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password res...

8.5CVSS8.7AI score0.03071EPSS
Exploits1References2
Rows per page
Query Builder