CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

22 matches found

Rockylinux•added 2024/11/08 3:56 p.m.•9 views

gcc-toolset-14-gdb bug fix and enhancement update

An update is available for gcc-toolset-14-gdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GDB, the GNU debugger, allows you to debug programs written in C,...

Github Security Blog•added 2023/07/06 7:24 p.m.•17 views

Jenkins AbsInt a³ Plugin XML External Entity Reference vulnerability

Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control Project File APX contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the...

7.1CVSS6.8AI score0.01126EPSS

Exploits0References3Affected Software1

OSV•added 2023/07/06 7:24 p.m.•16 views

GHSA-WF8M-QR47-XC9M Jenkins AbsInt a³ Plugin XML External Entity Reference vulnerability

Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control Project File APX contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the...

7.1CVSS6.9AI score0.01126EPSS

Exploits0References2

Positive Technologies•added 2023/03/21 12:0 a.m.•2 views

PT-2023-21904 · Jenkins · Jenkins Absint A³ Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AbsInt a³ Plugin versions 1.1.0 and earlier Description: The issue arises from the plugin not configuring its XML parser to prevent XML external entity XXE attacks. This allows attackers who can control the Project File APX contents t...

7.1CVSS6.7AI score0.01126EPSS

Exploits0References3

Talos•added 2020/12/08 12:0 a.m.•103 views

Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability

Summary A local code execution vulnerability exists in the APX project file processing functionality of Schneider Electric EcoStruxure Control Expert 14.1. The opening of a STA project archive containing a specially crafted APX project file can lead to code execution. An attacker can provide a...

8.6CVSS8.8AI score0.00418EPSS

securityvulns•added 2015/03/21 12:0 a.m.•45 views

Missing access control on Websense Explorer web folder

------------------------------------------------------------------------ Missing access control on Websense Explorer web folder ------------------------------------------------------------------------ Han Sahin, September 2014 ----------------------------------------------------------------------...

securityvulns•added 2015/03/21 12:0 a.m.•28 views

Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view

------------------------------------------------------------------------ Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view ------------------------------------------------------------------------ Han Sahin, September 2014...

securityvulns•added 2015/03/21 12:0 a.m.•34 views

Command injection vulnerability in network diagnostics tool of Websense Appliance Manager

------------------------------------------------------------------------ Command injection vulnerability in network diagnostics tool of Websense Appliance Manager ------------------------------------------------------------------------ Han Sahin, September 2014...

securityvulns•added 2015/03/21 12:0 a.m.•39 views

Source code disclosure of Websense Triton JSP files via double quote character

------------------------------------------------------------------------ Source code disclosure of Websense Triton JSP files via double quote character ------------------------------------------------------------------------ Han Sahin, September 2014...

securityvulns•added 2015/03/21 12:0 a.m.•44 views

Multiple Cross-Site Scripting vulnerabilities in Websense Reporting

------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Websense Reporting ------------------------------------------------------------------------ Han Sahin, September 2014...

securityvulns•added 2015/03/21 12:0 a.m.•34 views

Cross-Site Scripting vulnerability in Websense Explorer report scheduler

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Explorer report scheduler ------------------------------------------------------------------------ Han Sahin, September 2014...

Packet Storm•added 2015/03/19 12:0 a.m.•39 views

Websense Reporting Cross Site Scripting

------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Websense Reporting ------------------------------------------------------------------------ Han Sahin, September 2014...

Packet Storm•added 2015/03/19 12:0 a.m.•25 views

Websense Explorer Report Scheduler Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Explorer report scheduler ------------------------------------------------------------------------ Han Sahin, September 2014...

Packet Storm•added 2015/03/19 12:0 a.m.•26 views

Websense Triton Source Code Disclosure

------------------------------------------------------------------------ Source code disclosure of Websense Triton JSP files via double quote character ------------------------------------------------------------------------ Han Sahin, September 2014...

Packet Storm•added 2015/03/19 12:0 a.m.•17 views

Websense Data Security Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Data Security block page ------------------------------------------------------------------------ Han Sahin, September 2014...

Packet Storm•added 2015/03/19 12:0 a.m.•30 views

Websense Appliance Manager Command Injection

------------------------------------------------------------------------ Command injection vulnerability in network diagnostics tool of Websense Appliance Manager ------------------------------------------------------------------------ Han Sahin, September 2014...

Packet Storm•added 2015/03/19 12:0 a.m.•17 views

Websense Content Gateway Error Message Cross Site Scripting

------------------------------------------------------------------------ Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014...

Exploit DB•added 2015/03/18 12:0 a.m.•35 views

Websense Appliance Manager - Command Injection

Abstract A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remote unauthenticated attacks to compromise the...

exploitpack•added 2015/03/18 12:0 a.m.•30 views

Websense Appliance Manager - Command Injection

Websense Appliance Manager - Command Injection Abstract A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remo...

NVD•added 2011/05/20 10:55 p.m.•10 views

CVE-2006-7245

Monkey's Audio before 4.01b2 allows remote attackers to cause a denial of service application crash via an APX file that lacks NULL termination...

4.3CVSS6.6AI score0.00443EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by