Lucene search
K

151 matches found

CNNVD
CNNVD
added 2023/08/17 12:0 a.m.5 views

Juniper Networks Junos OS EX 安全漏洞

Juniper Networks Junos OS EX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS EX, which is caused by a PHP external variab...

9.8CVSS7.8AI score0.93546EPSS
Exploits25References8
CNNVD
CNNVD
added 2023/08/17 12:0 a.m.5 views

Juniper Networks Junos OS EX 安全漏洞

Juniper Networks Junos OS EX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS EX, which is caused by a PHP external variab...

5.3CVSS7.2AI score0.89628EPSS
Exploits7References6
OSV
OSV
added 2023/07/18 5:14 p.m.4 views

CLSA-2023-1689700476 Fix CVE(s): CVE-2023-31486

SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verifySSL=1 to HTTP::Tiny default configuration - CVE-2023-31486...

8.1CVSS7.3AI score0.01742EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/30 12:0 a.m.28 views

Hikvision Hybrid SAN/Cluster Storage Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN storage area network products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the...

4.3CVSS1.5AI score0.00745EPSS
Exploits1Affected Software2
OSV
OSV
added 2022/06/27 6:15 p.m.4 views

CVE-2022-28172

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...

6.1CVSS6.4AI score
Exploits0References2
OSV
OSV
added 2022/06/27 6:15 p.m.3 views

CVE-2022-28171

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device...

9.8CVSS5.9AI score0.49858EPSS
Exploits6References3
Cvelist
Cvelist
added 2022/06/27 5:50 p.m.31 views

CVE-2022-28172

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...

6.5CVSS6.4AI score0.00745EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.3 views

Hikvision Hybrid SAN/Cluster Storage 跨站脚本漏洞

A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN storage area network products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the...

6.5CVSS5.2AI score0.00745EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/06/27 12:0 a.m.6 views

PT-2022-18866 · Hikvision · Hikvision Hybrid San/Cluster Storage

Name of the Vulnerable Software and Affected Versions: Hikvision Hybrid SAN/Cluster Storage products affected versions not specified Description: The issue is related to insufficient input validation in the web module of certain Hikvision Hybrid SAN/Cluster Storage products. This allows an attack...

6.5CVSS6AI score0.00745EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/06/27 12:0 a.m.7 views

PT-2022-18865 · Hikvision · Hikvision Hybrid San/Cluster Storage

Name of the Vulnerable Software and Affected Versions: Hikvision Hybrid SAN/Cluster Storage products affected versions not specified Description: The issue is related to insufficient input validation in the web module of certain Hikvision Hybrid SAN/Cluster Storage products. This allows an attack...

9.8CVSS9.4AI score0.49858EPSS
Exploits6References6
ATTACKERKB
ATTACKERKB
added 2022/06/23 7:0 a.m.3 views

CVE-2022-28171

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device...

9.8CVSS6AI score0.49858EPSS
Exploits6References4Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/06/23 7:0 a.m.5 views

CVE-2022-28172

The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...

6.5CVSS5.9AI score0.00745EPSS
Exploits1References3Affected Software2
Spring Security Advisories
Spring Security Advisories
added 2022/06/15 12:0 a.m.6 views

Spring Cloud Function Dos Vulnerability

In Spring Cloud Function versions 3.2.5 and older unsupported versions, it is possible for a user who directly interacts with framework provided lookup functionality to cause denial of service condition due to the caching issue in Function Catalog component of the framework. At the time of writin...

7.5CVSS6.6AI score0.0127EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/03/08 12:0 a.m.4 views

Siemens Climatix Pol909 日志信息泄露漏洞

Siemens Climatix AWB Advanced Web and BACnet Module, POL909 enables users of the Climatix 600 solution to connect to a BACnet IP network and implement and load customer web pages and features. Siemens Climatix AWM Advanced Web Module, POL909 enables users of the Climatix 600 solution to implement...

6.5CVSS5.5AI score0.00718EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/03/08 12:0 a.m.24 views

Climatix POL909 跨站脚本漏洞

Siemens Climatix AWB Advanced Web and BACnet Module, POL909 enables users of the Climatix 600 solution to connect to a BACnet IP network and implement and load customer web pages and features. Siemens Climatix AWM Advanced Web Module, POL909 enables users of the Climatix 600 solution to implement...

6.1CVSS5.3AI score0.0054EPSS
Exploits0References5
CNVD
CNVD
added 2020/12/23 12:0 a.m.1 views

Odoo Cross-Site Scripting Vulnerability (CNVD-2020-74057)

Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. A cross-site...

6.3CVSS6AI score0.00702EPSS
Exploits0References1
NVD
NVD
added 2020/12/22 5:15 p.m.19 views

CVE-2018-15641

Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...

6.3CVSS5.3AI score0.00702EPSS
Exploits0References1
OSV
OSV
added 2020/12/22 5:15 p.m.2 views

DEBIAN-CVE-2018-15641

Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...

5.4CVSS6AI score0.00702EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/12/22 4:25 p.m.24 views

CVE-2018-15641

Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...

6.3CVSS5.7AI score0.00702EPSS
Exploits0
CNNVD
CNNVD
added 2020/12/22 12:0 a.m.6 views

Odoo 跨站脚本漏洞

Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. A cross-site...

6.3CVSS6.4AI score0.00702EPSS
Exploits0References2
Rows per page
Query Builder