Lucene search
K

206 matches found

CNNVD
CNNVD
added 2025/09/03 12:0 a.m.4 views

AdaCore Ada Web Server 安全漏洞

AdaCore Ada Web Server AdaCore AWS is an Ada library from AdaCore that facilitates the handling of HTTP requests and JSON. It is used to simplify the process of interacting with APIs. A security vulnerability exists in AdaCore Ada Web Server versions prior to 25.2 that stems from improper handlin...

7.5CVSS6.5AI score0.00331EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/03 12:0 a.m.6 views

CVE-2025-52494

Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...

6.3AI score0.00331EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-9719 Malicious code in @zalastax/nolb-_ada (npm)

The package @zalastax/nolb-ada was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-ada (npm)

The package @zalastax/nolb-ada was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-10631 Malicious code in @zalastax/nolb-ada (npm)

The package @zalastax/nolb-ada was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.5 views

CVE-2024-37015

An issue was discovered in Ada Web Server 20.0. When configured to use SSL which is not the default setting, the SSL/TLS used to establish connections to external services is done without proper hostname validation. This is exploitable by man-in-the-middle attackers...

7.4CVSS5.9AI score0.00367EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:36 a.m.10 views

CVE-2024-32947

Cross-Site Request Forgery CSRF vulnerability in AlumniOnline Web Services LLC WP ADA Compliance Check Basic.This issue affects WP ADA Compliance Check Basic: from n/a through 3.1.3...

4.3CVSS5.1AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:25 a.m.5 views

CVE-2023-45830

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.12...

9.8CVSS7.6AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:52 p.m.7 views

CVE-2022-47420

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.12...

9.8CVSS8.9AI score0.00479EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:44 a.m.10 views

CVE-2012-1035

AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...

5CVSS7AI score0.01552EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:31 a.m.6 views

CVE-2014-125063

A vulnerability was found in ada-l0velace Bid and classified as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identifier of the patch is abd71140b8219fa8741d0d8a57ab27d5bfd34222. It is recommended to apply a patch to fix this issue. The...

9.8CVSS7.6AI score0.00672EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/13 9:19 a.m.18 views

CVE-2025-32650

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ability, Inc Accessibility Suite online-accessibility allows SQL Injection.This issue affects Accessibility Suite: from n/a through = 4.18...

8.5CVSS7.3AI score0.0043EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 9:15 a.m.13 views

CVE-2025-32650

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ability, Inc Accessibility Suite online-accessibility allows SQL Injection.This issue affects Accessibility Suite: from n/a through = 4.18...

8.5CVSS0.0043EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 8:43 a.m.8 views

CVE-2025-32650 WordPress Accessibility Suite by Ability, Inc plugin <= 4.18 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ability, Inc Accessibility Suite by Online ADA allows SQL Injection. This issue affects Accessibility Suite by Online ADA: from n/a through 4.18...

8.5CVSS7.6AI score0.0043EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.4 views

WordPress plugin Accessibility Suite by Online ADA SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

8.5CVSS9AI score0.0043EPSS
Exploits0References3
NVD
NVD
added 2025/04/10 8:15 a.m.20 views

CVE-2025-32215

Unrestricted Upload of File with Dangerous Type vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Stored XSS.This issue affects Accessibility Suite: from n/a through = 4.18...

6.5CVSS0.00202EPSS
Exploits0References1
CVE
CVE
added 2025/04/10 8:9 a.m.61 views

CVE-2025-32215

CVE-2025-32215 affects Accessibility Suite by Ability, Inc (WordPress plugin) up to version 4.18. The issue is an Unrestricted Upload of File with Dangerous Type that enables Stored XSS when an authenticated user uploads a file with a dangerous type. Public details in the connected Wordfence entr...

6.5CVSS7.2AI score0.00202EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 10:15 p.m.2 views

DEBIAN-CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

7.4CVSS7.3AI score0.00267EPSS
Exploits1References1
NVD
NVD
added 2025/02/26 10:15 p.m.13 views

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

7.4CVSS0.00267EPSS
Exploits1References2
OSV
OSV
added 2025/02/26 10:15 p.m.5 views

UBUNTU-CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

7.4CVSS5.8AI score0.00267EPSS
Exploits1References3
Rows per page
Query Builder