Lucene search
K

86 matches found

OSV
OSV
added 2022/12/19 3:15 p.m.5 views

CVE-2022-4612

A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. This vulnerability affects unknown code. The manipulation leads to insufficiently protected credentials. The attack can be initiated remotely. The exploit has be...

6.5CVSS4.8AI score0.00853EPSS
Exploits1References3
Prion
Prion
added 2022/12/17 1:15 p.m.20 views

Cross site scripting

A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The...

5.8CVSS6.1AI score0.00502EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.16 views

CVE-2022-4522 CalendarXP cross site scripting

A vulnerability classified as problematic was found in CalendarXP up to 10.0.1. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 10.0.2 is able to address this issue. The name of the patch is...

3.5CVSS6.2AI score0.00533EPSS
Exploits0References3
Prion
Prion
added 2022/12/13 9:15 a.m.14 views

Cross site scripting

A vulnerability was found in ipti br.tag. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 2.13.0 is able to address this issue. The name of th...

5.8CVSS6.1AI score0.0048EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/11/11 7:0 p.m.14 views

ManyDesigns Portofino subject to creation of insecure temporary file

A vulnerability has been found in ManyDesigns Portofino 5.3.2. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to creation of temporary file in directory with insecure permissions. Upgrading to version 5.3.3 is able to address...

7.1CVSS6.8AI score0.00568EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2022/10/26 12:0 a.m.33 views

CVE-2022-3705 vim autocmd quickfix.c qf_update_buffer use after free

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to...

5CVSS8.3AI score0.01196EPSS
Exploits0References10
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.22 views

Microsoft Endpoint Configuration Manager 安全漏洞

Microsoft Endpoint Configuration Manager is a local management solution from Microsoft. It is used to manage networked or Internet-based desktops, servers, and laptops. A security vulnerability exists in Microsoft Endpoint Configuration Manager, which can be exploited by an attacker to gain acces...

7.5CVSS7.3AI score0.01433EPSS
Exploits0References5
Prion
Prion
added 2022/05/24 4:15 p.m.12 views

Hardcoded credentials

A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials...

6.4CVSS6.9AI score0.00741EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2022/05/24 3:30 p.m.30 views

CVE-2021-4229 ua-parser-js Crypto Mining backdoor

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

5CVSS8.8AI score0.01314EPSS
Exploits0References3
CNVD
CNVD
added 2019/11/08 12:0 a.m.5 views

Dell RSA BSAFE Micro Edition Suite Information Disclosure Vulnerability (CNVD-2019-40481)

Dell RSA BSAFE Micro Edition Suite is an encryption toolkit from Dell USA. An information disclosure vulnerability exists in Dell RSA BSAFE Micro Edition Suite. The vulnerability stems from an error in configuration or other errors in the operation of a networked system or product. An attacker...

7.5CVSS6.2AI score0.00639EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/13 12:0 a.m.2 views

Mooltipass Mini Information Disclosure Vulnerability

Mooltipass Mini is a password management device. An information disclosure vulnerability exists in Mooltipass Mini. The vulnerability arises from errors such as configuration during operation of a networked system or product. An unauthorized attacker could exploit the vulnerability to obtain...

2.4CVSS6.3AI score0.00347EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/02 12:0 a.m.4 views

Logitech Unifying Device Information Disclosure Vulnerability

Logitech Unifying is a USB type signal receiver from Logitech, Switzerland. An information disclosure vulnerability exists in the Logitech Unifying device. An attacker could exploit the vulnerability to obtain sensitive information about an affected component...

6.5CVSS6.1AI score0.01033EPSS
Exploits1References1
CNVD
CNVD
added 2019/06/10 12:0 a.m.3 views

Moxa AWK-3121 Information Disclosure Vulnerability

Moxa AWK-3121 is an industrial-grade wireless access point from Moxa Taiwan, China. An information disclosure vulnerability exists in the Moxa AWK-3121 version 1.14, which can be exploited by unauthorized attackers to obtain sensitive information about an affected component...

6.1CVSS6.2AI score0.01284EPSS
Exploits1References1
CNVD
CNVD
added 2019/06/10 12:0 a.m.32 views

Optergy Proton/Enterprise Information Disclosure Vulnerability

Optergy Proton/Enterprise is an enterprise building management system from Optergy USA. An information disclosure vulnerability exists in Optergy Proton/Enterprise version 2.3.0a and prior versions, which can be exploited by an unauthorized attacker to obtain sensitive information about an affect...

5.3CVSS6.2AI score0.0195EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/02 5:29 a.m.38 views

Privilege Escalation

MySQL Server is vulnerable to privilege escalation. The vulnerability exists as an unspecified vulnerability in Oracle MySQL . This allows a remote authenticated user to manipulate with an unknown input. affected component is 'Privileges'...

4CVSS6AI score0.03764EPSS
Exploits0References46Affected Software4
CNVD
CNVD
added 2019/03/08 12:0 a.m.16 views

NVIDIA graphics driver information disclosure vulnerability

NVIDIA graphics driver is a graphics driver from the American company NVIDIA. An information disclosure vulnerability exists in NVIDIA graphics driver. An attacker could exploit this vulnerability to obtain sensitive information about an affected component...

5.5CVSS6.1AI score0.00393EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2019/01/07 12:0 a.m.116 views

TWiki 6.0.2 Cross Site Scripting

bin/statistics in TWiki 6.0.2 allows XSS via the webs parameterCVE-2018-20212 Vulnerability Type Cross Site Scripting XSS Vendor of Product: twiki Affected Product Version twiki - 6.0.2 Affected Component twiki/bin/statistics Attack Type Remote Attack Vectors /twiki/bin/statistics?webs=alert1...

6.4AI score0.01586EPSS
Exploits1
Prion
Prion
added 2018/03/13 1:29 a.m.13 views

Buffer overflow

Sharutils sharutils unshar command version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function lookslikeccode. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack...

6.8CVSS7.8AI score0.02026EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2018/03/13 1:0 a.m.85 views

CVE-2018-1000097

CVE-2018-1000097 affects Sharutils’ unshar utility. The buffer-overflow vulnerability in unshar.c (line 75, looks_like_c_code) allows an attacker-controlled input file to cause arbitrary code execution or crash. Debian reports fixes: 4.15.2-2+deb9u1 for Stretch (stable) and 4.14-2+deb8u1 for olds...

7.8CVSS7.7AI score0.02026EPSS
Exploits0References3Affected Software2
OpenVAS
OpenVAS
added 2012/01/23 12:0 a.m.10 views

Joomla Some Component LFI Vulnerability (Jan 2012) - Active Check

Joomla Some component is prone to local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.2AI score
Exploits0References1
Rows per page
Query Builder