852 matches found

Cvelist
added 2025/04/08 2:27 p.m. · 16 views

CVE-2025-22464

An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition...

CVSS 6.1 · EPSS 0.00254
Exploits: 0 · References: 1

GithubExploit
added 2025/04/01 10:16 p.m. · 498 views

Exploit for HTTP Request Smuggling in Sap Content_Server

CVE-2022-22536: HTTP Smuggling Through SAP's Front Door SAP Ne...

CVSS 10 · AI score 10 · EPSS 0.97945
Exploits: 8

Snyk
added 2025/03/20 12:32 p.m. · 3 views

External Control of File Name or Path

Overview: aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to External Control of File Name or Path via the restorerunbackup function. An attacker can write arbitrary data to arbitrary locations on the host server by controlling...

CVSS 9.1 · AI score 7.2 · EPSS 0.0081
Exploits: 1 · References: 2

NVD
added 2025/03/20 10:15 a.m. · 9 views

CVE-2024-6829

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the tarfile.extractall function to extract the contents of a maliciously crafted tarfile to arbitrary locations on the host server. The attacker can control repo.path and runhash to bypass directory existence checks and...

CVSS 9.1 · EPSS 0.0081
Exploits: 1 · References: 1

Cvelist
added 2025/03/20 10:10 a.m. · 14 views

CVE-2024-7045 Improper Access Control in open-webui/open-webui

In version v0.3.8 of open-webui/open-webui, improper access control vulnerabilities allow an attacker to view any prompts. The application does not verify whether the attacker is an administrator, allowing the attacker to directly call the /api/v1/prompts/ interface to retrieve all prompt...

CVSS 4.3 · EPSS 0.00401
Exploits: 1 · References: 1

CNNVD
added 2025/03/11 12:0 a.m. · 3 views

Pimcore SQL Injection Vulnerability

Pimcore is an open source data and experience management platform. A SQL injection vulnerability exists in Pimcore. The vulnerability stems from the fact that an authenticated user can construct filter strings that lead to SQL injection, which can be exploited by an attacker to execute arbitrary...

CVSS 8.8 · AI score 8.3 · EPSS 0.00449
Exploits: 0 · References: 5

RedhatCVE
added 2025/02/22 12:30 a.m. · 12 views

CVE-2025-1222

An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac...

CVSS 6.1 · AI score 7 · EPSS 0.00154
Exploits: 0 · References: 1

OSV
added 2025/02/20 1:15 a.m. · 5 views

CVE-2025-1223

An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac...

CVSS 6.1 · AI score 5.9 · EPSS 0.00154
Exploits: 0 · References: 1

NVD
added 2025/02/20 1:15 a.m. · 7 views

CVE-2025-1222

An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac...

CVSS 6.1 · EPSS 0.00154
Exploits: 0 · References: 1

Positive Technologies
added 2025/02/13 12:0 a.m. · 4 views

PT-2025-6589 · WordPress · Read More & Accordion

Name of the Vulnerable Software and Affected Versions: Read More & Accordion plugin for WordPress versions up to, and including, 3.4.2. Description: The issue is related to a missing capability check on the expmDeleteData function, which allows authenticated attackers with Subscriber-level access...

CVSS 4.3 · AI score 9 · EPSS 0.0031
Exploits: 0 · References: 10

RedhatCVE
added 2025/02/05 10:25 p.m. · 8 views

CVE-2022-45140

The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise...

CVSS 9.8 · AI score 8.1 · EPSS 0.01067
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:47 p.m. · 9 views

CVE-2017-16307

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00673
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:46 p.m. · 6 views

CVE-2017-16279

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00673
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:46 p.m. · 9 views

CVE-2017-16297

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00853
Exploits: 1 · References: 1

RedhatCVE
added 2025/02/05 6:46 p.m. · 13 views

CVE-2017-16309

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00673
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:46 p.m. · 16 views

CVE-2017-16327

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00853
Exploits: 1 · References: 1

RedhatCVE
added 2025/02/05 6:44 p.m. · 9 views

CVE-2017-16283

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00673
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:43 p.m. · 15 views

CVE-2017-16278

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00673
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:41 p.m. · 14 views

CVE-2017-16304

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVSS 9.9 · AI score 7.7 · EPSS 0.00673
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 6:35 p.m. · 8 views

CVE-2017-14454

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A...

CVSS 8.5 · AI score 7.5 · EPSS 0.00602
Exploits: 1 · References: 1