Lucene search
K

7 matches found

CVE
CVE
added 2025/08/20 3:41 p.m.15 views

CVE-2011-10022

CVE-2011-10022 concerns SPlayer up to version 3.7, vulnerable to a stack-based buffer overflow while processing an HTTP response with an overly long Content-Type header. The underlying cause is improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exceptio...

8.6CVSS7.4AI score0.00749EPSS
Exploits0References5
NVD
NVD
added 2025/01/07 11:15 a.m.12 views

CVE-2025-22349

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through = 3.7...

7.6CVSS0.00466EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.6 views

PT-2022-19381 · Jenkins · Jenkins Jira Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Jira Plugin versions 3.7 and earlier, except version 3.6.1 Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Jira Plugin does not escape the name and description of Jir...

5.4CVSS5.1AI score0.00825EPSS
Exploits0References7
CNVD
CNVD
added 2020/11/16 12:0 a.m.3 views

Spree Authorization Bypass Vulnerability

Spree is a personal developer of an open source mall developed using Ruby on Rails. A security vulnerability exists in Spree versions 3.7 through 3.7.13, 4.0.5, and 4.1.12, which stems from an authorization bypass vulnerability. An attacker can exploit the vulnerability to query the API v2 order...

7.7CVSS6.8AI score0.01111EPSS
Exploits1References1
CNVD
CNVD
added 2019/11/21 12:0 a.m.3 views

Unspecified vulnerability in Moodle (CNVD-2019-43886)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions 3.7 through 3.7.2 and 3.6 through 3.6.6, which stems from a failure of the Email med...

5.3CVSS6.8AI score0.01068EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/09/11 12:0 a.m.14 views

PT-2019-5214 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 3.7 through 5.3 Description: The issue is related to a cross-site scripting XSS error in the block editor of the WordPress content management system. This error can be exploited by authorized users using a specific payload,...

9.8CVSS6.4AI score0.4375EPSS
Exploits16References76
CNVD
CNVD
added 2017/12/13 12:0 a.m.6 views

Puppet Enterprise console session vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise version. console is one of the console tools. ...

6.5CVSS6.9AI score0.0162EPSS
Exploits0References1
Rows per page
Query Builder