
537 matches found

Vulnrichment
added 2025/03/08 12:0 a.m. · 13 views

CVE-2023-52969

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2...

CVSS 4.9 · AI score 7.1 · EPSS 0.00432
Exploits 0 · References 1

CNNVD
added 2025/03/06 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a mismatch between the nftables denial field length and the aggregate key length...

CVSS 5.5 · AI score 6.5 · EPSS 0.00176
Exploits 0 · References 7

Vulnrichment
added 2024/12/19 10:50 p.m. · 10 views

CVE-2024-12700 Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type

There is an unrestricted file upload vulnerability where it is possible for an authenticated low-privileged user to upload a JSP shell and execute code with the privileges of the user running the web server...

CVSS 8.8 · AI score 7.3 · EPSS 0.00575
Exploits 0 · References 2

Cvelist
added 2024/12/19 10:50 p.m. · 16 views

CVE-2024-12700 Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type

There is an unrestricted file upload vulnerability where it is possible for an authenticated low-privileged user to upload a JSP shell and execute code with the privileges of the user running the web server...

CVSS 8.8 · EPSS 0.00575
Exploits 0 · References 2

CVE
added 2024/12/19 10:50 p.m. · 56 views

CVE-2024-12700

CVE-2024-12700 relates to Tibbo AggreGate Network Manager. The provided documents identify an unrestricted file upload vulnerability in the UploaderTempFileController (Tibbo Aggregate Network Manager) that allows an authenticated, low-privileged user to upload a JSP shell and execute arbitrary co...

CVSS 8.8 · AI score 8.9 · EPSS 0.00575
Exploits 0 · References 2

CISA
added 2024/12/19 12:0 p.m. · 4 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems (ICS) advisories on December 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-354-01 Hitachi Energy RTU500 series CMU; ICSA-24-354-02 Hitachi Energy SDM600...

AI score 7
Exploits 0 · References 8

Zero Day Initiative
added 2024/12/19 12:0 a.m. · 5 views

Tibbo Aggregate Network Manager UploaderTempFileController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tibbo Aggregate Network Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the UploaderTempFileController class. The issue results from the lack of...

CVSS 8.8 · AI score 7.5 · EPSS 0.00575
Exploits 0 · References 1

Positive Technologies
added 2024/12/19 12:0 a.m. · 5 views

PT-2024-17717 · Tibbo · Tibbo Aggregate Network Manager

Name of the Vulnerable Software and Affected Versions: Tibbo AggreGate Network Manager (affected versions not specified). Description: The issue is related to an unrestricted file upload vulnerability. This allows an authenticated user with low privileges to upload a jsp shell, which can then execut...

CVSS 8.8 · AI score 6.8 · EPSS 0.00575
Exploits 0 · References 9

CNNVD
added 2024/12/19 12:0 a.m. · 3 views

Tibbo AggreGate Network Manager code issue vulnerability

Tibbo AggreGate Network Manager is a network monitoring and IT management platform from Tibbo. A code issue vulnerability exists in Tibbo AggreGate Network Manager version 6.34.02 and prior versions, which stems from an unrestricted file upload. An attacker can use this vulnerability to upload a...

CVSS 8.8 · AI score 7.2 · EPSS 0.00575
Exploits 0 · References 2

Broadcom
added 2024/11/01 12:0 a.m. · 16 views

PostgreSQL Memory disclosure in aggregate function calls (CVE-2023-5868)

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

CVSS 4.3 · AI score 4.6 · EPSS 0.02775
Exploits 0

OSSF Malicious Packages
added 2024/10/16 12:28 p.m. · 2 views

Malicious code in aggregate-rose-booby (npm)

AI score 7
Exploits 0

Tenable Nessus
added 2024/08/28 12:0 a.m. · 29 views

ManageEngine ADAudit Plus < Build 8000 Multiple Vulnerabilities

The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8000. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module. CVE-2024-5556 -...

CVSS 8.8 · AI score 5.8 · EPSS 0.05279
Exploits 0 · References 12

NVD
added 2024/08/23 2:15 p.m. · 26 views

CVE-2024-5490

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option...

CVSS 8.8 · EPSS 0.04037
Exploits 0 · References 1

OSV
added 2024/08/23 2:15 p.m. · 4 views

CVE-2024-5490

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option...

CVSS 8.8 · AI score 5.8 · EPSS 0.04037
Exploits 0 · References 1

Vulnrichment
added 2024/08/23 1:44 p.m. · 11 views

CVE-2024-5490 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option...

CVSS 8.3 · AI score 7.7 · EPSS 0.04037
Exploits 0 · References 1

CVE
added 2024/08/23 1:44 p.m. · 44 views

CVE-2024-5490

CVE-2024-5490 affects Zohocorp ManageEngine ADAudit Plus versions below 8000. An authenticated SQL injection vulnerability exists in the aggregate reports option due to improper query handling, with high impact (C/I/A) per listed CVSS metrics. Affected part: aggregate reports functionality. Explo...

CVSS 8.8 · AI score 7.8 · EPSS 0.04037
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/08/23 1:44 p.m. · 23 views

CVE-2024-5490 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option...

CVSS 8.3 · EPSS 0.04037
Exploits 0 · References 1

Positive Technologies
added 2024/08/23 12:0 a.m. · 5 views

PT-2024-36432 · Zohocorp · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8000. Description: The issue concerns an authenticated SQL injection vulnerability in the aggregate reports option. This vulnerability can be exploited by authenticated users, potentially leadi...

CVSS 8.8 · AI score 8.1 · EPSS 0.04037
Exploits 0 · References 9

Tenable Nessus
added 2024/08/15 12:0 a.m. · 19 views

ManageEngine ADAudit Plus < Build 8003 Multiple Vulnerabilities

The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8003. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option...

CVSS 8.8 · AI score 6 · EPSS 0.07373
Exploits 0 · References 3

OSV
added 2024/08/12 1:38 p.m. · 2 views

CVE-2024-36034

Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option...

CVSS 8.8 · AI score 5.8 · EPSS 0.07373
Exploits 0 · References 1